www.joocasinos2.com Open in urlscan Pro
104.18.41.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kgcbc.agdopeni.top/yyspauu-feilavt-qiym
Effective URL:
https://www.joocasinos2.com/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02&__layerref=https%3A%2F%2Fffct.isunputsa.t...
Submission: On July 16 via manual (July 16th 2022, 12:18:48 pm UTC) from IN — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 9 domains to perform 16 HTTP transactions. The main IP is 104.18.41.52, located in and belongs to . The main domain is www.joocasinos2.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 6th 2021. Valid for: a year.

This is the only time www.joocasinos2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	172.67.166.194 172.67.166.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.186.229 172.67.186.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:8e5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.18.35.11 104.18.35.11	() ()
3	104.18.41.52 104.18.41.52	() ()
1	104.18.43.150 104.18.43.150	() ()
16	6

3 172.67.166.194 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kgcbc.agdopeni.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.186.229 (United States)

ASN13335 (CLOUDFLARENET, US)

ffct.isunputsa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:8e5f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.2coo.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

joopartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.35.11 (None, ) 1 redirects

ASN- ()

joocasino.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.joocasino.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.41.52 (None, )

ASN- ()

www.joocasinos2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.43.150 (None, )

ASN- ()

www.joocasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	joocasinos2.com www.joocasinos2.com	3 KB
3	joocasino.live 1 redirects joocasino.live www.joocasino.live	2 KB
3	agdopeni.top 1 redirects kgcbc.agdopeni.top	3 KB
2	isunputsa.top ffct.isunputsa.top	2 KB
1	joocasino.com www.joocasino.com	2 KB
1	joopartners.com 1 redirects joopartners.com	711 B
1	2coo.xyz 1 redirects go.2coo.xyz	700 B
0	s7s.ai Failed payments-lib.cdn.s7s.ai Failed
0	googleapis.com Failed fonts.googleapis.com Failed
16	9

	Domain	Requested by
3	www.joocasinos2.com	www.joocasino.live www.joocasinos2.com
3	kgcbc.agdopeni.top	1 redirects
2	www.joocasino.live	ffct.isunputsa.top www.joocasino.live
2	ffct.isunputsa.top	kgcbc.agdopeni.top
1	www.joocasino.com
1	joocasino.live	1 redirects
1	joopartners.com	1 redirects
1	go.2coo.xyz	1 redirects
0	payments-lib.cdn.s7s.ai Failed	www.joocasinos2.com
0	fonts.googleapis.com Failed	www.joocasinos2.com
16	10

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-13` - `2022-12-12`	a year	crt.sh
*.isunputsa.top GTS CA 1P5	`2022-06-27` - `2022-09-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.joocasinos2.com/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02&__layerref=https%3A%2F%2Fffct.isunputsa.top%2F
Frame ID: 45AF19E0F90B3B2AD3FAADDB9E61880B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://kgcbc.agdopeni.top/yyspauu-feilavt-qiym Page URL
https://kgcbc.agdopeni.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2... Page URL
https://kgcbc.agdopeni.top/aaa?p=ccc&b=b44de&s=sc01&of=ccc&n=jun15de-100spin-078 HTTP 302
https://ffct.isunputsa.top/ccc?n=jun15de-100spin-078&sub_id_1=sc01&sub_id_2=jun15de-100spin-078&sub_id_... Page URL
https://ffct.isunputsa.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodH... Page URL
https://go.2coo.xyz/click?pid=14228&offer_id=2832&l=1655295301&sub1=sc01&sub2=b44de&sub3=sc01-b4... HTTP 302
https://joopartners.com/a933300e9?clickid=62d2aca7d9758e00010203b4&pid=14228 HTTP 302
https://joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 HTTP 301
https://www.joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 Page URL
https://www.joocasinos2.com/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02&__layerref=https%3A%2... Page URL

Page Statistics

16
Requests

63 %
HTTPS

14 %
IPv6

9
Domains

10
Subdomains

6
IPs

2
Countries

10 kB
Transfer

241 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kgcbc.agdopeni.top/yyspauu-feilavt-qiym Page URL
https://kgcbc.agdopeni.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2FhYT9wPWNjYyZiPWI0NGRlJnM9c2MwMSZvZj1jY2Mmbj1qdW4xNWRlLTEwMHNwaW4tMDc4In0.ugrrIZGHDtYd6ND2VLQMQTrlyfZjFB17sw8Sk1wbcxw Page URL
https://kgcbc.agdopeni.top/aaa?p=ccc&b=b44de&s=sc01&of=ccc&n=jun15de-100spin-078 HTTP 302
https://ffct.isunputsa.top/ccc?n=jun15de-100spin-078&sub_id_1=sc01&sub_id_2=jun15de-100spin-078&sub_id_3=ccc&sub_id_4=b44de&of=ccc&sub_id_13={e} Page URL
https://ffct.isunputsa.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvZ28uMmNvby54eXpcL2NsaWNrP3BpZD0xNDIyOCZvZmZlcl9pZD0yODMyJmw9MTY1NTI5NTMwMSZzdWIxPXNjMDEmc3ViMj1iNDRkZSZzdWIzPXNjMDEtYjQ0ZGUmc3ViND1jY2Mmc3ViNT1qdW4xNWRlLTEwMHNwaW4tMDc4In0.jTEWdZ71i5GHJ7Ia7zeW84ln-UsdHhEUxSoCCqRiTWU Page URL
https://go.2coo.xyz/click?pid=14228&offer_id=2832&l=1655295301&sub1=sc01&sub2=b44de&sub3=sc01-b44de&sub4=ccc&sub5=jun15de-100spin-078 HTTP 302
https://joopartners.com/a933300e9?clickid=62d2aca7d9758e00010203b4&pid=14228 HTTP 302
https://joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 HTTP 301
https://www.joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 Page URL
https://www.joocasinos2.com/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02&__layerref=https%3A%2F%2Fffct.isunputsa.top%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://kgcbc.agdopeni.top/aaa?p=ccc&b=b44de&s=sc01&of=ccc&n=jun15de-100spin-078 HTTP 302
https://ffct.isunputsa.top/ccc?n=jun15de-100spin-078&sub_id_1=sc01&sub_id_2=jun15de-100spin-078&sub_id_3=ccc&sub_id_4=b44de&of=ccc&sub_id_13={e}

Request Chain 4

https://go.2coo.xyz/click?pid=14228&offer_id=2832&l=1655295301&sub1=sc01&sub2=b44de&sub3=sc01-b44de&sub4=ccc&sub5=jun15de-100spin-078 HTTP 302
https://joopartners.com/a933300e9?clickid=62d2aca7d9758e00010203b4&pid=14228 HTTP 302
https://joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 HTTP 301
https://www.joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	yyspauu-feilavt-qiym Show response kgcbc.agdopeni.top/	333 B 1 KB	346ms 174ms	Document text/html	172.67.166.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kgcbc.agdopeni.top/yyspauu-feilavt-qiym Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.166.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b03ddba003f0a91ad6c77b7e8e01bf509a40fc57f45fbf6811536fdde7aaa0a5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 72baae9ef917917a-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 16 Jul 2022 12:18:43 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2a4biFGIevKT4b%2BDSdPBzWaOQtQ6%2FU6V4dMNSn86rpmJ3TliQEPrU4y1YUO%2BBY6dxAQb7ppAqRfLR5R3FU2i1xenAHPmIcO3nJhhy6usdlXkKTkqaaEdDVE6sVyda5JIyn6VbVs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	gateway.php kgcbc.agdopeni.top/	322 B 449 B	258ms 257ms	Document text/html	172.67.166.194 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kgcbc.agdopeni.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2FhYT9wPWNjYyZiPWI0NGRlJnM9c2MwMSZvZj1jY2Mmbj1qdW4xNWRlLTEwMHNwaW4tMDc4In0.ugrrIZGHDtYd6ND2VLQMQTrlyfZjFB17sw8Sk1wbcxw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.166.194 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://kgcbc.agdopeni.top/yyspauu-feilavt-qiym Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 72baaea66c45917a-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 16 Jul 2022 12:18:45 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIo%2B9aLhewpmQOHTQr1rHfydIPKWfLlnhTM%2BmsoAhiddGsKda4Ylh8QPFF%2F4UvyFgPBalaeCXUHRLTxBzPhbg6wJltHkacs2TpfeM83ZNpkYwHWv6WxiXsi3hXKgA81s2HlS6dg%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	ccc Show response ffct.isunputsa.top/ Redirect Chain https://kgcbc.agdopeni.top/aaa?p=ccc&b=b44de&s=sc01&of=ccc&n=jun15de-100spin-078 https://ffct.isunputsa.top/ccc?n=jun15de-100spin-078&sub_id_1=sc01&sub_id_2=jun15de-100spin-078&sub_id_3=ccc&sub_id_4=b44de&of=ccc&sub_id_13={e}	443 B 1 KB	794ms 119ms	Document text/html	172.67.186.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ffct.isunputsa.top/ccc?n=jun15de-100spin-078&sub_id_1=sc01&sub_id_2=jun15de-100spin-078&sub_id_3=ccc&sub_id_4=b44de&of=ccc&sub_id_13={e} Requested by Host: kgcbc.agdopeni.top URL: https://kgcbc.agdopeni.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2FhYT9wPWNjYyZiPWI0NGRlJnM9c2MwMSZvZj1jY2Mmbj1qdW4xNWRlLTEwMHNwaW4tMDc4In0.ugrrIZGHDtYd6ND2VLQMQTrlyfZjFB17sw8Sk1wbcxw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.186.229 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `13897a06c6b10aa75f9c215a536f6a7e4d510079addc0696965f07f1b91ab314` Request headers Referer https://kgcbc.agdopeni.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2FhYT9wPWNjYyZiPWI0NGRlJnM9c2MwMSZvZj1jY2Mmbj1qdW4xNWRlLTEwMHNwaW4tMDc4In0.ugrrIZGHDtYd6ND2VLQMQTrlyfZjFB17sw8Sk1wbcxw Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate,post-check=0,pre-check=0 cf-cache-status DYNAMIC cf-ray 72baaeadbdb3774a-LHR content-encoding br content-type text/html; charset=UTF-8 date Sat, 16 Jul 2022 12:18:46 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 last-modified Sat, 16 Jul 2022 12:18:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOHLMyLqE%2FyJRjveo9z7BLZcJP2ezoB32Uu23VsaOv54QenldQ%2BMKY8ejGq78MjtJucnj8477Q8vy1xSeBZb%2BaqhJjvG6SAWsGHKRZj5RyiyDUQuHP1CzJkb7YXi3pighZ%2FWJ0I%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 72baaea82c229bac-FRA content-type text/html; charset=UTF-8 date Sat, 16 Jul 2022 12:18:45 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 location https://ffct.isunputsa.top/ccc?n=jun15de-100spin-078&sub_id_1=sc01&sub_id_2=jun15de-100spin-078&sub_id_3=ccc&sub_id_4=b44de&of=ccc&sub_id_13={e} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gQzXp%2B4nCoPWsTH9INM0B0%2F6P3t2soTyWo5GLpqkSrnWnUJf3OI%2Bmg7%2ByzKMwmS0Yc2wjw%2BluyLHt4cmKRCNoSIBF4BOjUCAlpSQinCUzjshcK5JMCst0bUxoYxDTZ9XdmSHe0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	gateway.php ffct.isunputsa.top/	480 B 820 B	243ms 140ms	Document text/html	172.67.186.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ffct.isunputsa.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvZ28uMmNvby54eXpcL2NsaWNrP3BpZD0xNDIyOCZvZmZlcl9pZD0yODMyJmw9MTY1NTI5NTMwMSZzdWIxPXNjMDEmc3ViMj1iNDRkZSZzdWIzPXNjMDEtYjQ0ZGUmc3ViND1jY2Mmc3ViNT1qdW4xNWRlLTEwMHNwaW4tMDc4In0.jTEWdZ71i5GHJ7Ia7zeW84ln-UsdHhEUxSoCCqRiTWU Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.186.229 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://ffct.isunputsa.top/ccc?n=jun15de-100spin-078&sub_id_1=sc01&sub_id_2=jun15de-100spin-078&sub_id_3=ccc&sub_id_4=b44de&of=ccc&sub_id_13={e} Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate,post-check=0,pre-check=0 cf-cache-status DYNAMIC cf-ray 72baaeb57cb97792-LHR content-encoding br content-type text/html; charset=UTF-8 date Sat, 16 Jul 2022 12:18:47 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires 0 last-modified Sat, 16 Jul 2022 12:18:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etFogqMoqHc8PJYFUTNSbqlnmRei5BPF4lDR6Ql1nanb3aXNmFMStsjqmWJWAyP7aTthJI8gBwsKvOJg4jyhnEnYRcSzIkzFze1ZwrBn9UczVlAmWPJMON0aTWC51put1QIxNLo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	/ Show response www.joocasino.live/de/ Redirect Chain https://go.2coo.xyz/click?pid=14228&offer_id=2832&l=1655295301&sub1=sc01&sub2=b44de&sub3=sc01-b44de&sub4=ccc&sub5=jun15de-100spin-078 https://joopartners.com/a933300e9?clickid=62d2aca7d9758e00010203b4&pid=14228 https://joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 https://www.joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02	3 KB 2 KB	71ms 57ms	Document text/html	104.18.35.11
General Check archive.org Show headers Download Go to Full URL https://www.joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 Requested by Host: ffct.isunputsa.top URL: https://ffct.isunputsa.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvZ28uMmNvby54eXpcL2NsaWNrP3BpZD0xNDIyOCZvZmZlcl9pZD0yODMyJmw9MTY1NTI5NTMwMSZzdWIxPXNjMDEmc3ViMj1iNDRkZSZzdWIzPXNjMDEtYjQ0ZGUmc3ViND1jY2Mmc3ViNT1qdW4xNWRlLTEwMHNwaW4tMDc4In0.jTEWdZ71i5GHJ7Ia7zeW84ln-UsdHhEUxSoCCqRiTWU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.35.11 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `37e140b54967af6f159883e697e12d6f411e14ba82dce5620fb06d44b922559d` Request headers Referer https://ffct.isunputsa.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvZ28uMmNvby54eXpcL2NsaWNrP3BpZD0xNDIyOCZvZmZlcl9pZD0yODMyJmw9MTY1NTI5NTMwMSZzdWIxPXNjMDEmc3ViMj1iNDRkZSZzdWIzPXNjMDEtYjQ0ZGUmc3ViND1jY2Mmc3ViNT1qdW4xNWRlLTEwMHNwaW4tMDc4In0.jTEWdZ71i5GHJ7Ia7zeW84ln-UsdHhEUxSoCCqRiTWU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=0, no-cache, no-store cf-cache-status DYNAMIC cf-ray 72baaebc1c6d900c-FRA content-encoding gzip content-type text/html date Sat, 16 Jul 2022 12:18:48 GMT etag W/"62c512b8-dac" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 06 Jul 2022 04:42:32 GMT server cloudflare x-robots-tag none Redirect headers cache-control max-age=3600 cf-ray 72baaebbbbe6900c-FRA date Sat, 16 Jul 2022 12:18:48 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Sat, 16 Jul 2022 13:18:48 GMT location https://www.joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 server cloudflare vary Accept-Encoding
GET H2	200	geoip Show response www.joocasino.live/	2 B 81 B	49ms 49ms	Fetch application/octet-stream	104.18.35.11
General Check archive.org Show headers Download Go to Full URL https://www.joocasino.live/geoip Requested by Host: www.joocasino.live URL: https://www.joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.35.11 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3` Request headers accept-language de-DE,de;q=0.9 Referer https://www.joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers gdcc DE date Sat, 16 Jul 2022 12:18:48 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/octet-stream cf-ray 72baaebc8d42900c-FRA content-length 2
GET H2	200	favicon.png www.joocasinos2.com/resources/images/	2 KB 2 KB	169ms 66ms	Image image/png	104.18.41.52
General Check archive.org Show headers Download Go to Show image Full URL https://www.joocasinos2.com/resources/images/favicon.png?1657973928437 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.52 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.joocasino.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 16 Jul 2022 12:18:48 GMT referrer-policy strict-origin-when-cross-origin cf-cache-status MISS last-modified Fri, 15 Jul 2022 17:29:44 GMT server cloudflare etag "62d1a408-649" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 72baaebd7a319295-FRA content-length 1609 expires Sat, 16 Jul 2022 16:18:48 GMT
GET H2	200	favicon.png www.joocasino.com/resources/images/	2 KB 2 KB	161ms 61ms	Image image/png	104.18.43.150
General Check archive.org Show headers Download Go to Show image Full URL https://www.joocasino.com/resources/images/favicon.png?1657973928437 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.43.150 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `042ddce9577dab009e6238cb340a94aa6a3afcc6db8d1b7298c138262fc3e5f4` Request headers accept-language de-DE,de;q=0.9 Referer https://www.joocasino.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 16 Jul 2022 12:18:48 GMT referrer-policy strict-origin-when-cross-origin cf-cache-status MISS last-modified Fri, 15 Jul 2022 17:29:44 GMT server cloudflare etag "62d1a408-649" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 72baaebd7d1c922b-FRA content-length 1609 expires Sat, 16 Jul 2022 16:18:48 GMT
GET H2	200	Primary Request / Show response www.joocasinos2.com/de/	2 KB 1 KB	60ms 60ms	Document text/html	104.18.41.52
General Check archive.org Show headers Download Go to Full URL https://www.joocasinos2.com/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02&__layerref=https%3A%2F%2Fffct.isunputsa.top%2F Requested by Host: www.joocasino.live URL: https://www.joocasino.live/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.52 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `5d1dd2e1618140b2aff003d64ed5560de91392ae149d31fcc68e6dd5d0ced4ee` Request headers Referer https://www.joocasino.live/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 72baaebdeaa49295-FRA content-encoding gzip content-type text/html date Sat, 16 Jul 2022 12:18:48 GMT etag W/"62d1a40b-8f0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Fri, 15 Jul 2022 17:29:47 GMT referrer-policy strict-origin-when-cross-origin server cloudflare
GET		css2 fonts.googleapis.com/	0 0

GET		css2 fonts.googleapis.com/	0 0

GET		css2 fonts.googleapis.com/	0 0

GET		d7c0fc5b.css www.joocasinos2.com/css/	0 0

GET		index.js payments-lib.cdn.s7s.ai/v1/	0 0

GET H2	200	runtime.ae118cfe.js www.joocasinos2.com/js/	231 KB 0	45ms 43ms	Script application/javascript	104.18.41.52
General Check archive.org Show headers Download Go to Full URL https://www.joocasinos2.com/js/runtime.ae118cfe.js Requested by Host: www.joocasinos2.com URL: https://www.joocasinos2.com/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02&__layerref=https%3A%2F%2Fffct.isunputsa.top%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.52 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.joocasinos2.com/de/?sign-up=modal&stag=106737_62d2aca74cbe77db7fd9ec02&__layerref=https%3A%2F%2Fffct.isunputsa.top%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sat, 16 Jul 2022 12:18:48 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin cf-cache-status HIT last-modified Fri, 15 Jul 2022 17:29:48 GMT server cloudflare age 1945 etag W/"62d1a40c-4642d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 72baaebe5b129295-FRA expires Sat, 16 Jul 2022 16:18:48 GMT
GET		main.ef4245f7.js www.joocasinos2.com/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;900&family=Rubik:wght@300;400;500;700;900&display=swap

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat+Alternates:wght@700&display=swap

Domain: www.joocasinos2.com
URL: https://www.joocasinos2.com/css/d7c0fc5b.css

Domain: payments-lib.cdn.s7s.ai
URL: https://payments-lib.cdn.s7s.ai/v1/index.js

Domain: www.joocasinos2.com
URL: https://www.joocasinos2.com/js/main.ef4245f7.js

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kgcbc.agdopeni.top/	1970-01-20 05:17:32	Name: _subid Value: 2vj3als2c7a
kgcbc.agdopeni.top/	1970-02-08 09:07:14	Name: d75f3 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIyNjdcIjoxNjU3OTczOTIzLFwiM1wiOjE2NTc5NzM5MjV9LFwiY2FtcGFpZ25zXCI6e1wiMTEzMlwiOjE2NTc5NzM5MjMsXCIzXCI6MTY1Nzk3MzkyNX0sXCJ0aW1lXCI6MTY1Nzk3MzkyM30ifQ.Heucjh-9pxXmi_UllnZrZ2Kxe1cR6Pkj3NmqPDAqsqk
ffct.isunputsa.top/	1970-01-20 05:17:32	Name: _subid Value: 2vj3alsid5
ffct.isunputsa.top/	1970-02-08 09:07:14	Name: 7d8e9 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEwNjRcIjoxNjU3OTczOTI2fSxcImNhbXBhaWduc1wiOntcIjE4OFwiOjE2NTc5NzM5MjZ9LFwidGltZVwiOjE2NTc5NzM5MjZ9In0.d8j0DRh00jsGk0VgWAV6TJ4sDp8YEqgK5fqjTZHQfWg
go.2coo.xyz/	1970-01-20 13:18:29	Name: afclick Value: 62d2aca7d9758e00010203b4
go.2coo.xyz/	1970-01-20 13:18:29	Name: afoffers Value: {"2832":1657973927}
joopartners.com/	1970-01-20 05:16:05	Name: 811786ad1ae74adfdd20 Value: 62d2aca74cbe77db7fd9ec02

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ffct.isunputsa.top
fonts.googleapis.com
go.2coo.xyz
joocasino.live
joopartners.com
kgcbc.agdopeni.top
payments-lib.cdn.s7s.ai
www.joocasino.com
www.joocasino.live
www.joocasinos2.com
fonts.googleapis.com
payments-lib.cdn.s7s.ai
www.joocasinos2.com
104.18.35.11
104.18.41.52
104.18.43.150
172.67.166.194
172.67.186.229
188.114.97.3
2606:4700:3034::ac43:8e5f
042ddce9577dab009e6238cb340a94aa6a3afcc6db8d1b7298c138262fc3e5f4
13897a06c6b10aa75f9c215a536f6a7e4d510079addc0696965f07f1b91ab314
37e140b54967af6f159883e697e12d6f411e14ba82dce5620fb06d44b922559d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d1dd2e1618140b2aff003d64ed5560de91392ae149d31fcc68e6dd5d0ced4ee
b03ddba003f0a91ad6c77b7e8e01bf509a40fc57f45fbf6811536fdde7aaa0a5

www.joocasinos2.com Open in urlscan Pro 104.18.41.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

16 Requests

63 %HTTPS

14 %IPv6

9 Domains

10 Subdomains

6 IPs

2 Countries

10 kBTransfer

241 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

7 Cookies

Indicators

www.joocasinos2.com Open in urlscan Pro
104.18.41.52 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

63 %
HTTPS

14 %
IPv6

9
Domains

10
Subdomains

6
IPs

2
Countries

10 kB
Transfer

241 kB
Size

7
Cookies

16 HTTP transactions
0 data transactions