mogulstates.com Open in urlscan Pro
2606:4700:3035::ac43:a4e3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/otlinks/titanSpinss.html#FEvFGeCGCmAbRMtiVNeYYqCYSXwLoFcl/21008_md/17/399/181/57/112779
Effective URL:
https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
Submission: On July 31 via api (July 31st 2022, 12:40:59 am UTC) from BE — Scanned from DE

Summary HTTP 44 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 14 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3035::ac43:a4e3, located in United States and belongs to CLOUDFLARENET, US. The main domain is mogulstates.com.
TLS certificate: Issued by E1 on July 17th 2022. Valid for: 3 months.

This is the only time mogulstates.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:801::2010	15169 (GOOGLE) (GOOGLE)
1 1	195.149.114.21 195.149.114.21	31044 (NICUA-AS) (NICUA-AS)
1 1	35.226.132.161 35.226.132.161	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2606:4700:10:... 2606:4700:10::ac43:1e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	93.158.206.251 93.158.206.251	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2 5	2606:4700:303... 2606:4700:3036::ac43:d163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3035::ac43:a4e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4014:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.93.244 143.204.93.244	16509 (AMAZON-02) (AMAZON-02)
2	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
44	14

1 2a00:1450:4001:801::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.149.114.21 (Ukraine) 1 redirects

ASN31044 (NICUA-AS, UA)
PTR: ns10.uadns.com

titanspins.proaxia.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.226.132.161 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.132.226.35.bc.googleusercontent.com

l.linklyhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1e1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.158.206.251 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)

qvadripet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::ac43:d163 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

yohitools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3035::ac43:a4e3 (United States)

ASN13335 (CLOUDFLARENET, US)

mogulstates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80b::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-praesentium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.244 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-244.fra50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

event.trk-praesentium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	mogulstates.com mogulstates.com	213 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 921	1 KB
5	trk-praesentium.com trk-praesentium.com — Cisco Umbrella Rank: 185763 event.trk-praesentium.com — Cisco Umbrella Rank: 278694	3 KB
5	yohitools.com 2 redirects yohitools.com	8 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	489 B
3	gstatic.com fonts.gstatic.com	68 KB
3	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 446 fonts.googleapis.com — Cisco Umbrella Rank: 72 ajax.googleapis.com — Cisco Umbrella Rank: 303	35 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 18188	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	111 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 960	8 KB
1	qvadripet.com qvadripet.com	417 B
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 19806	438 B
1	linklyhq.com 1 redirects l.linklyhq.com — Cisco Umbrella Rank: 320739	360 B
1	pp.ua 1 redirects titanspins.proaxia.pp.ua	209 B
44	14

	Domain	Requested by
16	mogulstates.com	mogulstates.com
5	tr.snapchat.com	sc-static.net
5	yohitools.com	2 redirects qvadripet.com yohitools.com
4	event.trk-praesentium.com	trk-praesentium.com
3	www.facebook.com	mogulstates.com
3	fonts.gstatic.com	fonts.googleapis.com
2	a.mgid.com	mogulstates.com
2	connect.facebook.net	mogulstates.com connect.facebook.net
1	sc-static.net	mogulstates.com
1	trk-praesentium.com	mogulstates.com
1	ajax.googleapis.com	mogulstates.com
1	fonts.googleapis.com	mogulstates.com
1	qvadripet.com
1	tinyurl.com	1 redirects
1	l.linklyhq.com	1 redirects
1	titanspins.proaxia.pp.ua	1 redirects
1	storage.googleapis.com
44	17

This site contains links to these domains. Also see Links.

Domain
www.gambleaware.co.uk
www.gamcare.org.uk

Subject Issuer	Validity	Valid
storage.googleapis.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
qvadripet.com R3	`2022-07-13` - `2022-10-11`	3 months	crt.sh
*.yohitools.com E1	`2022-07-28` - `2022-10-26`	3 months	crt.sh
*.mogulstates.com E1	`2022-07-17` - `2022-10-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-08` - `2023-02-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-09` - `2022-08-07`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-01-31`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
Frame ID: 1F4A7DEF24633EEF3CAA61598827746C
Requests: 39 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&_scsid=bcc9ed95-300f-40c8-902b-46787882e563&_sclid=da2bb676-0c9c-45fc-b7f6-6d7bdf823fa6
Frame ID: 35835AB35CF99A480DA02DDBCB4CE106
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: A45FF7DFB737FD995814CC5098A09304
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: D971AFCCABF53AD588EB7879CAD540B5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TitanSpins

Page URL History Show full URLs

https://storage.googleapis.com/otlinks/titanSpinss.html Page URL
http://titanspins.proaxia.pp.ua/ HTTP 301
https://l.linklyhq.com/l/15uIs HTTP 302
https://tinyurl.com/4xn75zw6 HTTP 301
https://qvadripet.com/0/0/0/23fa06d2e9f7a5693d44534df05394fb Page URL
https://yohitools.com/?s1=351100&s2=768751360&s3=2543&s10=1404 Page URL
https://yohitools.com/cdn-cgi/phish-bypass?atok=1dt4JZR_uKv9m3XDTApXrRLNkQZWNol7UlEQBqIPppI-165922... HTTP 301
https://yohitools.com/?s1=351100&s2=768751360&s3=2543&s10=1404 HTTP 302
https://mogulstates.com/846e5a12aaecc85094459712e57e9ced Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

65 %
IPv6

14
Domains

17
Subdomains

14
IPs

6
Countries

454 kB
Transfer

4642 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.gambleaware.co.uk/
Title: www.gambleaware.co.uk

Search URL Search Domain Scan URL

URL: http://www.gamcare.org.uk/
Title: www.gamcare.org.uk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/otlinks/titanSpinss.html Page URL
http://titanspins.proaxia.pp.ua/ HTTP 301
https://l.linklyhq.com/l/15uIs HTTP 302
https://tinyurl.com/4xn75zw6 HTTP 301
https://qvadripet.com/0/0/0/23fa06d2e9f7a5693d44534df05394fb Page URL
https://yohitools.com/?s1=351100&s2=768751360&s3=2543&s10=1404 Page URL
https://yohitools.com/cdn-cgi/phish-bypass?atok=1dt4JZR_uKv9m3XDTApXrRLNkQZWNol7UlEQBqIPppI-1659228049-0-%2F%3Fs1%3D351100%26s2%3D768751360%26s3%3D2543%26s10%3D1404 HTTP 301
https://yohitools.com/?s1=351100&s2=768751360&s3=2543&s10=1404 HTTP 302
https://mogulstates.com/846e5a12aaecc85094459712e57e9ced Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://titanspins.proaxia.pp.ua/ HTTP 301
https://l.linklyhq.com/l/15uIs HTTP 302
https://tinyurl.com/4xn75zw6 HTTP 301
https://qvadripet.com/0/0/0/23fa06d2e9f7a5693d44534df05394fb

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 titanSpinss.html Show response
storage.googleapis.com/otlinks/ 172 B
757 B 457ms
404ms Document
text/html 2a00:1450:4001:801::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/otlinks/titanSpinss.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: af66f4ee2b0e8fbe737b9793b164903ce45c3774c74728ee93c2c709a5b1cae3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-length: 172
content-type: text/html
date: Sun, 31 Jul 2022 00:40:46 GMT
etag: "3dcce99129763a98ce1655f22a8dff25"
expires: Sun, 31 Jul 2022 01:40:46 GMT
last-modified: Fri, 22 Apr 2022 03:06:58 GMT
server: UploadServer
x-goog-generation: 1650596818950890
x-goog-hash: crc32c=qr6pnw== md5=PczpkSl2OpjOFlXyKo3/JQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 172
x-guploader-uploadid: ADPycdvjALrYvjedIY3P_5obP75dfO65v5V9HQ7wbvHiskFIWGUCFkuOocdtHRMpBK6Jrim4srWUyzHKzu2iz35mudnfmfbJG9XK

GET
H/1.1

200
OK

23fa06d2e9f7a5693d44534df05394fb
qvadripet.com/0/0/0/
Redirect Chain

http://titanspins.proaxia.pp.ua/
https://l.linklyhq.com/l/15uIs
https://tinyurl.com/4xn75zw6
https://qvadripet.com/0/0/0/23fa06d2e9f7a5693d44534df05394fb

125 B
417 B

764ms
624ms

Document
text/html

93.158.206.251
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qvadripet.com/0/0/0/23fa06d2e9f7a5693d44534df05394fb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.158.206.251 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://storage.googleapis.com/otlinks/titanSpinss.html#FEvFGeCGCmAbRMtiVNeYYqCYSXwLoFcl/21008_md/17/399/181/57/112779
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 125
content-type: text/html; charset=UTF-8
date: Sun, 31 Jul 2022 00:40:49 GMT
server: Apache

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
cf-cache-status: DYNAMIC
cf-ray: 733248e3db7e9bd1-FRA
content-type: text/html; charset=UTF-8
date: Sun, 31 Jul 2022 00:40:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://qvadripet.com/0/0/0/23fa06d2e9f7a5693d44534df05394fb
referrer-policy: unsafe-url
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-powered-by: PHP/8.1.8
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
yohitools.com/ 5 KB
2 KB 97ms
28ms Document
text/html 2606:4700:3036::ac43:d163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yohitools.com/?s1=351100&s2=768751360&s3=2543&s10=1404

Requested by

Host: qvadripet.com
URL: https://qvadripet.com/0/0/0/23fa06d2e9f7a5693d44534df05394fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d163 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7485b8cc0af35835e214fe28fac168ab69a09964d4c9f4b7305f9ce517b283

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://qvadripet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 733248ec2a7d9130-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 31 Jul 2022 00:40:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dj5werg8WSVUy%2FIwD51PSMh4dBAI%2BRQgp5dApUNRx3akBDRQ9zIj7aLJ99AdqH2uLSnB15XGp%2F7nGzT3JtAf2BMFUZHCAnhHkhsAmITRa5pown2T5ik3tfdnQNym2jzTneNQpdvwBLZ%2BV2h4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cf.errors.css
yohitools.com/cdn-cgi/styles/ 24 KB
5 KB 23ms
23ms Stylesheet
text/css 2606:4700:3036::ac43:d163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yohitools.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: yohitools.com
URL: https://yohitools.com/?s1=351100&s2=768751360&s3=2543&s10=1404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d163 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yohitools.com/?s1=351100&s2=768751360&s3=2543&s10=1404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jul 2022 10:58:52 GMT
server: cloudflare
etag: W/"62e11a6c-5e44"
x-frame-options: DENY
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 733248ec5aa89130-FRA
vary: Accept-Encoding
expires: Sun, 31 Jul 2022 02:40:49 GMT

GET
H2 200 icon-exclamation.png
yohitools.com/cdn-cgi/images/ 452 B
540 B 23ms
22ms Image
image/png 2606:4700:3036::ac43:d163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yohitools.com/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: yohitools.com
URL: https://yohitools.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d163 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yohitools.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Jul 2022 10:58:52 GMT
server: cloudflare
etag: "62e11a6c-1c4"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 733248ec8abd9130-FRA
vary: Accept-Encoding
content-length: 452
expires: Sun, 31 Jul 2022 02:40:49 GMT

GET
H2

200

Primary Request 846e5a12aaecc85094459712e57e9ced Show response
mogulstates.com/
Redirect Chain

https://yohitools.com/cdn-cgi/phish-bypass?atok=1dt4JZR_uKv9m3XDTApXrRLNkQZWNol7UlEQBqIPppI-1659228049-0-%2F%3Fs1%3D351100%26s2%3D768751360%26s3%3D2543%26s10%3D1404
https://yohitools.com/?s1=351100&s2=768751360&s3=2543&s10=1404
https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

28 KB
8 KB

619ms
537ms

Document
text/html

2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4cb1a16fd7b1b46b347693a841a492910701b3640bc55d63b8db05a3ef5241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yohitools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 733248fcab029b74-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 31 Jul 2022 00:40:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pskOcx1pwS31HY7IA7Q%2FwFCXw2KpoLLHiZtmtV4K5W5RRWuzSg7t6TtOWV4JuWXM2Yc4yN4D8mxRLkIJ1td5leotJng0ZRG27YEliMX4HvwLrpndAymFGghE5nO7%2BJPR%2FNWG%2FL1wxWl9b3qYZ%2Fk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 733248f8aa44698f-FRA
content-type: text/html; charset=UTF-8
date: Sun, 31 Jul 2022 00:40:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZ6CQoXIVAh8oVQfD1oOZHzFU5bHaUUZd0cJQSAbiL4Yd3qwXyMmKEzmtLr7Qg75r%2FqIZhLR%2F5O462KMloc5s9MRSduHdqbqP%2FK%2F4f75ZDkVIHY%2Fl%2BDLlsvyxI42d02XCRLqQLLJ4mb4Nvkb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 bootstrap.min.css
mogulstates.com/fim/431e01ff8d223581faa0f5282fd29cde/ 118 KB
21 KB 806ms
749ms Stylesheet
text/css 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/fim/431e01ff8d223581faa0f5282fd29cde/bootstrap.min.css

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f11982020059ca1e3529e154b058c4680091c7ae67d339b7ba2cbf77f99210a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
content-disposition: inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/bootstrap.min.css"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAOKO5ZppIwfC7u95X5X1YLnMkPLiKGFFTEKbZkhXWjzpJI1cHMH88si9EpIn2tON3SrfTVm8YL6KuK1s3jbxn8C8a6oVAxgrhqjRITcsSzsz5KQsOruK91vLw3%2FgOQSRojPIT%2BOiWM36ryZMEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 733249006b43bb8f-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
962 B 83ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc13de9280e3a61fd747d92275aa9856396135507eb9ceece8760bba7376de67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 00:40:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 31 Jul 2022 00:40:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Jul 2022 00:40:52 GMT

GET
H3 200 style.css
mogulstates.com/fim/431e01ff8d223581faa0f5282fd29cde/ 12 KB
3 KB 552ms
495ms Stylesheet
text/css 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/fim/431e01ff8d223581faa0f5282fd29cde/style.css?v1.05

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a040933cb5dc29937509e87e348bbbd111024182ad2a3109c4a711aaa05c1e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
content-disposition: inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/style.css"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5ohYHn7GA1p7Vp2p5Fl%2BRaQ%2Fqj%2FMdq7Bkj1v6cLWLI1zWWLEGRi0lZLP3yNSBSoHRVBEHJuzKPUSI04gg%2B4y0G96bz%2FaUqqMM9Dhy6fHW4gKwCGg6xhyNaERcCwuaYkB%2BglOe7K8JsDUjjpugk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 733249006b47bb8f-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 msg.js Show response
mogulstates.com/inc/ 945 B
1 KB 443ms
386ms Script
application/javascript 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/inc/msg.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61fb35acee02253526f14228009a0cf1d5c976b925611826b0b6b8ecfa17a6a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Jul 2022 16:26:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkAVCTKOSaWWXW%2FEgRfQF%2BQVmlCr2k6LIitU14bCWZ1Di7Xry%2BaQkb19shESm3%2F%2BBNro23aLomjqbnqPrf1iAquAHqLH4JAZjzfInC3aRN%2BfcbtHaZ8BZlA5PzDYT5yKxr1Hu%2F2ddBNApUOMMqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
cf-ray: 733249006b48bb8f-FRA
expires: Sun, 07 Aug 2022 00:40:52 GMT

GET
H3 200 fbcode1.js Show response
mogulstates.com/inc/ 2 KB
1 KB 446ms
389ms Script
application/javascript 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/inc/fbcode1.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Oct 2020 23:35:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxvYkIufv%2FDsjGxhEtAmpBeeFXuB2lO%2FjSAQ2DROyBiZiTVNAG850k3bRSA4kGpF2NMURxB4%2FgEk0vOoJl38KrE33Q9FcmVFBPefiv%2BU4DVk8%2BCzIqf9ZbIFOQA5K9DXQLVcqHqNGEuayyoWFF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
cf-ray: 733249006b4abb8f-FRA
expires: Sun, 07 Aug 2022 00:40:52 GMT

GET
H3 200 f918c45099c124ccb74a6ef0932c0837.png
mogulstates.com/fim/1404/ 39 KB
40 KB 650ms
649ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1404/f918c45099c124ccb74a6ef0932c0837.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0d1f02aa6ba8768f4e5cb10cadf475f714479cd2dc925fe922ef61431dc4cb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39898
x-xss-protection: 1; mode=block
last-modified: Sun, 31 Jul 2022 00:40:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkhIdmsylaxJkYQuw0mdfCMZZh9LpXWYBXkLqJhiPkH20KeJECQWtQJWriRpYzJlSfTR0FNUK8SuTF03n6LYlX0%2FNc31h78O2yfdyVmKa61yjrat8aHUBipm4ZjyJTlojuE7jcLdru1ZG3rSJS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 733249053ed8bb8f-FRA
expires: Sun, 07 Aug 2022 00:40:53 GMT

GET
H3 200 1c1925feff325651e9095ffa59cba198.png
mogulstates.com/fim/1404/ 24 KB
25 KB 489ms
487ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1404/1c1925feff325651e9095ffa59cba198.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f255fe4742c1ef8931c9e6686b091aff09f2522bacff1c069376ec5aae853792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24575
x-xss-protection: 1; mode=block
last-modified: Sun, 31 Jul 2022 00:40:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgU15dEJJbrhxc37LYTsbiMFo22EGcLhJ1C8nOESJ34w7t5XzlVK0RcjuhTEDEGOFLxCKfwI2OpWHYpol1me%2Fxn0NBa51dYbqeg2GamHSNowmSObCf32FZ8Pfef5n1%2B%2FUf0rkBkKp38XGaYb018%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 733249054ed9bb8f-FRA
expires: Sun, 07 Aug 2022 00:40:53 GMT

GET
H3 200 659e6f537f302332de35402e2eae0cd1.png
mogulstates.com/fim/1404/ 3 KB
4 KB 392ms
390ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1404/659e6f537f302332de35402e2eae0cd1.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f35704d0bd4b1f7c1da4844418ea46091f70cefb86d050a6aac350d9605779d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3458
x-xss-protection: 1; mode=block
last-modified: Sun, 31 Jul 2022 00:40:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eyn%2BkvIYRuM14vydEQcyIdb61x5G019UJEFZ8UFX6z0PFVXQBN8ZWouaTe8I0Zw8r%2FacBvjahKzZjfDQDiJBOu3oCTWGqBAQwmWfPg%2B2LwAVPN8c2M7ge2HJooSqo6WnNx%2B9%2FWy8gyMYpAXy3lY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 733249054edabb8f-FRA
expires: Sun, 07 Aug 2022 00:40:53 GMT

GET
H3 200 47528627cd65a986d1ef927a082014f1.png
mogulstates.com/fim/1404/ 4 KB
4 KB 397ms
395ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1404/47528627cd65a986d1ef927a082014f1.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9d0832ebd7dc54e2ddf831ff23de969788279857cb659172929889389c4291c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3661
x-xss-protection: 1; mode=block
last-modified: Sun, 31 Jul 2022 00:40:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWzkDoMI547BwTxoJvdUis6ejHJvojT8MguiSkKt14mith5MJAxRaqe3NYtrsLpKEcAq0Z3LcPnJLExhaaSuUwSaCPJcD%2BWDcvAoO3HCDOnUkqsGk05perWWHOr92uP7YIPZdrNKLDXSubbztGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 733249054edcbb8f-FRA
expires: Sun, 07 Aug 2022 00:40:53 GMT

GET
H3 200 d7e25b545eca12d30f585a988780d959.png
mogulstates.com/fim/1404/ 4 KB
4 KB 374ms
372ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1404/d7e25b545eca12d30f585a988780d959.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7195c7c88d7ec9eef6c013593d20ec2dba28a76bff85cdaa465a4e1cdd82184b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3613
x-xss-protection: 1; mode=block
last-modified: Sun, 31 Jul 2022 00:40:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqM9LmrMkRcOf%2B%2FjbKcFEbKcKBgHn8rCaTO%2Fr5DPHX8YQDCeKuJZJKsrmNW0Q5ZKPb1xoc3Z0KJnody6wlOr9mbNWuOnx8rV1dgYJtPce7jNhTr5z3WSJoMZjR8J0Gi5ysN2HKt89ere1gJNaYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 733249054eddbb8f-FRA
expires: Sun, 07 Aug 2022 00:40:53 GMT

GET
H3 200 26aa6d62a0fb7cb711d6d90aaf9069ff.png
mogulstates.com/fim/1404/ 12 KB
12 KB 530ms
528ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1404/26aa6d62a0fb7cb711d6d90aaf9069ff.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12b4f4c131c2f2f4b969f2baf134b6967abb6a2c48f52b4d88bad971a44dbe90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12169
x-xss-protection: 1; mode=block
last-modified: Sun, 31 Jul 2022 00:40:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjGyj7KfjE1NCiOhueYd0vPpf%2FbS13SRY%2F4SAVPO%2BfhV3TOcK0yK30cOUvhIERgGCCThegIcUQCp4rZgiwqLKE%2BNNT4%2FQnNTgAofjoDye%2BANyJ8TArHSEkwEqVEqRt82N99i4x%2BvHurWoXE472A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 733249054edfbb8f-FRA
expires: Sun, 07 Aug 2022 00:40:53 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 100ms
29ms Script
text/javascript 2a00:1450:4014:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 11:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 11:30:00 GMT

GET
H3 200 bootstrap.js Show response
mogulstates.com/fim/431e01ff8d223581faa0f5282fd29cde/ 70 KB
16 KB 610ms
610ms Script
text/javascript 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/fim/431e01ff8d223581faa0f5282fd29cde/bootstrap.js?v=1.0

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85d140144d75fee3c058ac806a2bc7f9fa4ecb778d00b31f02710513e61e71ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
content-disposition: inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/bootstrap.js"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZLhyPM9%2BoL9aHH0DKfRAegMekCm8zcc1slpImCUsyGzxD8qKL515UjXJiysKWGu5zqUCx4538HqBUX%2BXB0pQqThdX%2FuIi5p0G6561z4S7DU9LfEAI7l44TQGaa4GGAD2uhH0niIazVSfMASgas%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 733249045e2fbb8f-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 common.js Show response
mogulstates.com/fim/431e01ff8d223581faa0f5282fd29cde/ 768 B
1 KB 523ms
522ms Script
text/javascript 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/fim/431e01ff8d223581faa0f5282fd29cde/common.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1669a1f2809856365657b64b61614f40ea490d99156733ec137cd55e095f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding: binary
content-disposition: inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/common.js"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCrEbk86kLGkfU%2Bf0NWL6MUoaf3BUanlhzl%2FGGOHNCuIdjfr1BfMwTjKeG9%2BKVKoag6tqw6E1XZcJByqRfiGAkeMeB6fPIcd1gtuMRVpsxq7136H3z3a4ZDlqjKxu92IHR2Vc46YdB%2F030vlNOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 733249053ecebb8f-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 v9e118mez8 Show response
trk-praesentium.com/scripts/push/ 7 KB
3 KB 268ms
209ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-praesentium.com/scripts/push/v9e118mez8

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/inc/msg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9333aab854db43fb49e5c17d5777e592ac9a032fa23e65be9388215b3d6240b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOiqDXHDnOAvk1P4XaEE76YRjNnmHEcuzb%2BEEOm4J72G%2Boa0bTsx5o2VKjyv7K%2Bt07BR0lXQR9zbDWm9FhYJZGa6y0HLepxznI3UAXFIdzR1rwGEep8MsvW7i3u5%2BfcOv2B7PpqJxMbRZ0s9aqOb9Xx0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 733249059a989b7d-FRA
expires: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 82ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/inc/fbcode1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27fc02705fe7e895aeec26f7ec3e645e4544c4561f7ce7cfbdb6502e99e942cb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26465
x-xss-protection: 0
pragma: public
x-fb-debug: J6VupI/S4MPDjBI2IXj1hPyUStq7drGVwF7ZZlbUr2ByDz2ai7mFrfWLhkH1U2K7ryjeM0g65lBPZY8Qqxb/gQ==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 31 Jul 2022 00:40:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 106ms
35ms Script
application/javascript 143.204.93.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: mogulstates.com
URL: https://mogulstates.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.244 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-244.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7821
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-id: kEMccT0JO5tX7sLLXocUxKm-66qi-BQCh-a_qJK0aXlyf0yCzMNrLA==

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 184ms
124ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1659228053308
Requested by: Host: mogulstates.com
URL: https://mogulstates.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: ef71b991-c1fb-4bfe-a37c-07aebea4e3a4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 73324905ac5d5c3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H3 200 552fa41e600c0b621115ba829b17b857.jpg
mogulstates.com/fim/1404/ 71 KB
71 KB 625ms
625ms Image
image/jpeg 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1404/552fa41e600c0b621115ba829b17b857.jpg

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5af8eb61164cca569568bb63bb183a5caf9e575b5c708c8df98850ac9395ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72488
x-xss-protection: 1; mode=block
last-modified: Sun, 31 Jul 2022 00:40:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVcHnTZbZK5pBVSa2eD4NAG%2B0sXJkM8bsl4c5rvstdijuXPfNjvv49pRfKax2pPGNImaTURz3jTOI6iYC8VOcu%2FM6PVjuIv9HajcV7FlyF4kMOwVgXIBc63jsif8CAskFB8t7rKhQCo%2BzjAQ6aE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 733249054ee0bb8f-FRA
expires: Sun, 07 Aug 2022 00:40:53 GMT

GET
H3 200 9c599afccd9239111db415db1552d4f6.png
mogulstates.com/fim/1404/ 1 KB
2 KB 370ms
369ms Image
image/png 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mogulstates.com/fim/1404/9c599afccd9239111db415db1552d4f6.png

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcc3c91f6e26d1f05dd92f6cf293b0ca557d14a98fe2d7e765812e4184949c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1312
x-xss-protection: 1; mode=block
last-modified: Sun, 31 Jul 2022 00:40:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbMLv8tOjw8nzObMOJT0icCBfbNjGHAOBnT%2FvLskVhA8%2Fa92LdlhsKzO%2F0zAt3OVWqoM9rKThJldO7H6Bv6LiA9Qh798u9VddTgmw6oaZKAXxxgFfC4BEoaO6epoKDvUKdT%2FU7XTYYihf%2FdVN%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 733249054ee5bb8f-FRA
expires: Sun, 07 Aug 2022 00:40:53 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 103ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mogulstates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 372764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 17:08:09 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 75ms
21ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mogulstates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 372764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 17:08:09 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 94ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mogulstates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 372514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 17:12:19 GMT

GET
H3 206 bg-video.mp4
mogulstates.com/views/casino/titanspins-casino-us-v2/assets/ 4 MB
0 757ms
756ms Media
video/mp4 2606:4700:3035::ac43:a4e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mogulstates.com/views/casino/titanspins-casino-us-v2/assets/bg-video.mp4

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:a4e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 31 Jul 2022 00:40:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-4765376/4765377
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4765377
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Jun 2022 14:54:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu%2BRSRebUV79NxP4foNTl0L%2BUYF0gza5dQHLMNi65CRWpH7YUQRiwG8OGgtqFwrG79xT8bukQdELCViZwJ72bJ%2FoisWTJd3XfSbHVxbD%2BPwXHsz1ScsAHBKWnmarJ7DKS9D%2BMD7%2FfFBelt8%2F%2Bec%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=14400
cf-ray: 733249056ef7bb8f-FRA

GET
H3 200 399694290689525 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 49ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/399694290689525?v=2.9.69&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd10a2853697053700cf3e887cc0cf096de70da0f2b01bcc34d3551f94f3dee1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85962
x-xss-protection: 0
pragma: public
x-fb-debug: suLHDxC2B61DBzxSeM0nNdsGt7paOtzrN9xzgg9Nu2ud67KDC5zf2EJHBc38pSpXImQXpiNmrUJ4R/X4WyxMBg==
x-frame-options: DENY
date: Sun, 31 Jul 2022 00:40:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
273 B 152ms
127ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Fmogulstates.com%2F846e5a12aaecc85094459712e57e9ced&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&clidv=0&cmgid=0&cmtid=0&cmtuid=0&d=1659228053505
Requested by: Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 73324906a84a6961-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 76ms
23ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Fmogulstates.com%2F846e5a12aaecc85094459712e57e9ced&rl=https%3A%2F%2Fyohitools.com%2F&if=false&ts=1659228053540&sw=1600&sh=1200&v=2.9.69&r=stable&ec=0&o=30&fbp=fb.1.1659228053539.1941892119&it=1659228053428&coo=false&rqm=GET

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 31 Jul 2022 00:40:53 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 76ms
23ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=ViewContent&dl=https%3A%2F%2Fmogulstates.com%2F846e5a12aaecc85094459712e57e9ced&rl=https%3A%2F%2Fyohitools.com%2F&if=false&ts=1659228053541&sw=1600&sh=1200&v=2.9.69&r=stable&ec=1&o=30&fbp=fb.1.1659228053539.1941892119&it=1659228053428&coo=false&rqm=GET

Requested by

Host: mogulstates.com
URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 31 Jul 2022 00:40:53 GMT

POST
H3 200 v9e118mez8
event.trk-praesentium.com/register/event_log/ 0
0 223ms
222ms Fetch 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-praesentium.com/register/event_log/v9e118mez8

Requested by

Host: trk-praesentium.com
URL: https://trk-praesentium.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mogulstates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/json

Response headers

date: Sun, 31 Jul 2022 00:40:54 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJXwBWDjYXdxck%2B08mikeRdwHW0cC7AyzGv1arsIFogbfRI6Amby6aIARV74ldMCWrWEdbndAcrx9ZsLLQZ4gVHifbGE8poinou7l4%2BhGU0%2FagSN%2FJjYMgT%2BaG9g6IdzleC5icj247G9VPwlk2%2B8JbsCxyuAWCd2"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://mogulstates.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 7332490b7e299bf4-FRA
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-praesentium.com/register/event_log/ Frame 0
0 316ms
256ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-praesentium.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mogulstates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://mogulstates.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73324909de676977-FRA
content-length: 0
date: Sun, 31 Jul 2022 00:40:54 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2wB43pHi4AXzpl6z8hZaLbpHd7Qz9UWejrdUEjBE0Hulza51If0zgLwvhcwfvPzWVhhWkBIGRS1%2FZBOQ2ibCyh9hFMQeOKPqIlZhqSQcH0HKR2hx8V828l8VO9wHRveVJ5D1d6M7rkcxB2Kn%2B5LEuGndDKYTZOp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H3 200 v9e118mez8
event.trk-praesentium.com/register/event_log/ 0
0 253ms
227ms Fetch 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-praesentium.com/register/event_log/v9e118mez8

Requested by

Host: trk-praesentium.com
URL: https://trk-praesentium.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mogulstates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/json

Response headers

date: Sun, 31 Jul 2022 00:40:54 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atflZCI3tldEOFAyQy8ZXNAWlxY1YT8el8pkb1eCwz6TvugcIdUMz1H%2BiwVbMU1lOflLm98U4khyiuKVO4VMnM0aCM%2BG73JK3KqbxtgRwqXYR0Yyzwcq3fOvB0B7naX3fXGyano7GxeJm7KhF%2FVJLdTh5Y%2Byzmnq"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://mogulstates.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 7332490b5e0d9bf4-FRA
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-praesentium.com/register/event_log/ Frame 0
0 263ms
204ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-praesentium.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mogulstates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://mogulstates.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73324909ee686977-FRA
content-length: 0
date: Sun, 31 Jul 2022 00:40:54 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ks%2F5paRMGCl92YvJZqzEej54jOUNpmfgR5ahi3yg7OOBqOMfJYuNXFkpKxKPVbF1wETDCN%2FM3g0v5REkkUWQqQ%2BaSPLxhV%2FpLYBvHoECZCPHEKfNF6MT4Efs5I3aaC9XCMz4SxREO2ivhEBgCfPHaM1nwwSt%2Fdyr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
192 B 92ms
32ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:54 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mogulstates.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
450 B 90ms
31ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6754cecbb1ee2d4c965ee52e5f456f6cc258b124b93e5ce046f0e99edd35fa10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:54 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mogulstates.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 3583 0
45 B 84ms
33ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&_scsid=bcc9ed95-300f-40c8-902b-46787882e563&_sclid=da2bb676-0c9c-45fc-b7f6-6d7bdf823fa6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://mogulstates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 31 Jul 2022 00:40:54 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 p Show response
tr.snapchat.com/ Frame A45F 68 B
279 B 59ms
35ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mogulstates.com
Referer: https://mogulstates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://mogulstates.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 68
content-type: text/html
date: Sun, 31 Jul 2022 00:40:54 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 1

POST
H2 200 p Show response
tr.snapchat.com/ Frame D971 68 B
561 B 56ms
33ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://mogulstates.com
Referer: https://mogulstates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://mogulstates.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 68
content-type: text/html
date: Sun, 31 Jul 2022 00:40:54 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 48ms
23ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=Microdata&dl=https%3A%2F%2Fmogulstates.com%2F846e5a12aaecc85094459712e57e9ced&rl=https%3A%2F%2Fyohitools.com%2F&if=false&ts=1659228055043&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TitanSpins%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.69&r=stable&ec=2&o=30&fbp=fb.1.1659228053539.1941892119&it=1659228053428&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mogulstates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 00:40:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 31 Jul 2022 00:40:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 04:55:14	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
l.linklyhq.com/	1970-01-20 05:37:00	Name: X2NzX2xpbmtfaWQ6MTYxODQ0MTA Value: OTAzNzI1MDY
l.linklyhq.com/	1969-12-31 23:59:59	Name: _cs_link_id Value: MTYxODQ0MTA
qvadripet.com/	1970-01-20 05:37:00	Name: uid2543 Value: 768751360-20220730204049-aeaae1bd1e61666783a2a90816fa89ef-
.yohitools.com/	1970-01-20 04:55:14	Name: __cf_mw_byp Value: 1dt4JZR_uKv9m3XDTApXrRLNkQZWNol7UlEQBqIPppI-1659228049-0-/?s1=351100&s2=768751360&s3=2543&s10=1404
yohitools.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5f916828d60376007f554b7ed12d6cea
mogulstates.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d686ac7c690c2e65ab83bd189806c1f9
.mgid.com/	1970-01-20 04:53:49	Name: __cf_bm Value: XPO4BMilC3gp.mrfPESy9b.J487VnWAwTQL6rkNqeqA-1659228053-0-AUynlfYW7fXTwvFGKOMau9TAe01giE5qjZcaTUQCpa36IeB3Wp75bxrDQOI5PX3h9oTJVvlGlYyFdUwsEs4V51Y=
mogulstates.com/	1970-01-20 07:03:24	Name: MgidSensorNVis Value: 1
mogulstates.com/	1970-01-20 07:03:24	Name: MgidSensorHref Value: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced
.mogulstates.com/	1970-01-20 07:03:24	Name: _fbp Value: fb.1.1659228053539.1941892119
.mogulstates.com/	1970-01-20 14:23:34	Name: _scid Value: 6448b1ce-6ded-4ae3-959b-781d9f90c03c
.snapchat.com/	1970-01-20 14:15:24	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRUAIAQFwIm89xXKOIWmMHx3bmX+EGSRj2Rp0kkIKbvkCr6Y1c2mPsaGSuMDP9ogVDIAAAA=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://mogulstates.com/846e5a12aaecc85094459712e57e9ced Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
ajax.googleapis.com
connect.facebook.net
event.trk-praesentium.com
fonts.googleapis.com
fonts.gstatic.com
l.linklyhq.com
mogulstates.com
qvadripet.com
sc-static.net
storage.googleapis.com
tinyurl.com
titanspins.proaxia.pp.ua
tr.snapchat.com
trk-praesentium.com
www.facebook.com
yohitools.com
104.19.135.78
143.204.93.244
195.149.114.21
2606:4700:10::ac43:1e1
2606:4700:3035::ac43:a4e3
2606:4700:3036::ac43:d163
2a00:1450:4001:801::2010
2a00:1450:4001:813::2003
2a00:1450:4001:82f::200a
2a00:1450:4014:80b::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
35.190.43.134
35.226.132.161
93.158.206.251
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
12b4f4c131c2f2f4b969f2baf134b6967abb6a2c48f52b4d88bad971a44dbe90
1b4cb1a16fd7b1b46b347693a841a492910701b3640bc55d63b8db05a3ef5241
1f7485b8cc0af35835e214fe28fac168ab69a09964d4c9f4b7305f9ce517b283
27fc02705fe7e895aeec26f7ec3e645e4544c4561f7ce7cfbdb6502e99e942cb
2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
61fb35acee02253526f14228009a0cf1d5c976b925611826b0b6b8ecfa17a6a4
6754cecbb1ee2d4c965ee52e5f456f6cc258b124b93e5ce046f0e99edd35fa10
7195c7c88d7ec9eef6c013593d20ec2dba28a76bff85cdaa465a4e1cdd82184b
85d140144d75fee3c058ac806a2bc7f9fa4ecb778d00b31f02710513e61e71ca
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9333aab854db43fb49e5c17d5777e592ac9a032fa23e65be9388215b3d6240b4
a040933cb5dc29937509e87e348bbbd111024182ad2a3109c4a711aaa05c1e7a
a5af8eb61164cca569568bb63bb183a5caf9e575b5c708c8df98850ac9395ab4
a9d0832ebd7dc54e2ddf831ff23de969788279857cb659172929889389c4291c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af66f4ee2b0e8fbe737b9793b164903ce45c3774c74728ee93c2c709a5b1cae3
b0d1f02aa6ba8768f4e5cb10cadf475f714479cd2dc925fe922ef61431dc4cb9
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc13de9280e3a61fd747d92275aa9856396135507eb9ceece8760bba7376de67
d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f11982020059ca1e3529e154b058c4680091c7ae67d339b7ba2cbf77f99210a8
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f255fe4742c1ef8931c9e6686b091aff09f2522bacff1c069376ec5aae853792
f35704d0bd4b1f7c1da4844418ea46091f70cefb86d050a6aac350d9605779d1
fc1669a1f2809856365657b64b61614f40ea490d99156733ec137cd55e095f93
fcc3c91f6e26d1f05dd92f6cf293b0ca557d14a98fe2d7e765812e4184949c5d
fd10a2853697053700cf3e887cc0cf096de70da0f2b01bcc34d3551f94f3dee1

mogulstates.com Open in urlscan Pro 2606:4700:3035::ac43:a4e3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

65 %IPv6

14 Domains

17 Subdomains

14 IPs

6 Countries

454 kBTransfer

4642 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mogulstates.com Open in urlscan Pro
2606:4700:3035::ac43:a4e3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

65 %
IPv6

14
Domains

17
Subdomains

14
IPs

6
Countries

454 kB
Transfer

4642 kB
Size

13
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!