xo667.com Open in urlscan Pro
2606:4700:3036::6815:594c  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response xo667.com/	69 KB 18 KB	681ms 634ms	Document text/html	2606:4700:3036::6815:594c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xo667.com/ Protocol HTTP/1.1 Server 2606:4700:3036::6815:594c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 789d50f37be91a659f800dec66464d64fc03f6c461082c7863e2a83aa35b785c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 85c3dd3c9c060b8c-AMS Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 27 Feb 2024 22:29:02 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nBksmECezyqigQa69SBW1e07%2BNOycrWx6o7VHQ3f0FSeOCzou306LHFDiyvhwbfqVYM3ou%2BCnfmPwS4SF5PREDATjUZ15ylcJ57WXAaz2Bc1vFHW%2BfqFaz%2FWB0WPxoZVjjARNslmPo%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400 link <https://xo667.com/wp-json/>; rel="https://api.w.org/" vary Accept-Encoding,User-Agent x-turbo-charged-by LiteSpeed
GET H/1.1	200 OK	style.min.css xo667.com/wp-includes/css/dist/block-library/	108 KB 15 KB	441ms 425ms	Stylesheet text/css	2606:4700:3036::6815:594c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xo667.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 Requested by Host: xo667.com URL: http://xo667.com/ Protocol HTTP/1.1 Server 2606:4700:3036::6815:594c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180 Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 27 Feb 2024 22:29:02 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 14473 last-modified Thu, 25 Jan 2024 00:32:28 GMT Server cloudflare vary Accept-Encoding,User-Agent Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SisNn28iZLgxXu9I6kdaz8U3PNNA3OQbTX7Y4UoaxvGFg3aCR%2Bbfneabjrk%2BZIVubBsQ8%2F5zH31zSh3JJKn9CTlM8J3L2iTHhxagxq4IVEpBXgFRtGsxJGk5CQ1jhTTnif7fPdisVU%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 85c3dd40c8487006-CDG expires Tue, 05 Mar 2024 22:29:02 GMT
GET H/1.1	200 OK	style.css xo667.com/wp-content/themes/aplos/	21 KB 6 KB	53ms 32ms	Stylesheet text/css	2606:4700:3036::6815:594c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xo667.com/wp-content/themes/aplos/style.css?ver=6.4.3 Requested by Host: xo667.com URL: http://xo667.com/ Protocol HTTP/1.1 Server 2606:4700:3036::6815:594c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e332e8274a76cc4a88aac065980ab928c8a38316a9fe3716bf38fc68c5590e09 Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 27 Feb 2024 22:29:02 GMT content-encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 72144 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 5572 last-modified Fri, 16 Feb 2024 13:43:50 GMT Server cloudflare vary Accept-Encoding,User-Agent Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKUgKAhR4G%2FiBBQPHOSwC49ZRdz72nI2an4Z5qL9hUB0txn3NcSbr%2Bf4cIS14OwF5K5rVFqtd6NSa%2B8z8EwovffP1rvPzslUTdZ4bZfdhZMTZNwXVpCrrB5VjY8Fa8EWlWREgrSp5AM%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 85c3dd40c88f6609-AMS expires Tue, 05 Mar 2024 02:26:38 GMT
GET H2	200	Image_1-6.jpeg trafalgarresidence.com/wp-content/uploads/2018/08/	105 KB 106 KB	85ms 35ms	Image image/jpeg	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://trafalgarresidence.com/wp-content/uploads/2018/08/Image_1-6.jpeg Requested by Host: xo667.com URL: http://xo667.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 514b70ee4de0b2482447477fdedfeac5d267170ec639b80d5201a454aeb13afd Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:29:02 GMT cf-cache-status HIT age 318995 cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 107707 cf-bgj imgq:100,h2pri last-modified Sat, 24 Apr 2021 22:27:19 GMT server cloudflare etag "60849b47-1a4bb" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 85c3dd40f92c90f4-FRA
GET BLOB	200 OK	2a90d9b2-71c9-4ef3-a0cd-1b8cbb3f426d http://xo667.com/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:http://xo667.com/2a90d9b2-71c9-4ef3-a0cd-1b8cbb3f426d Requested by Host: xo667.com URL: http://xo667.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22 Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
GET H2	200	illegal-gambling-scaled.jpeg philnews.ph/wp-content/uploads/2021/06/	143 KB 144 KB	155ms 121ms	Image image/webp	2606:4700:20::681a:9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://philnews.ph/wp-content/uploads/2021/06/illegal-gambling-scaled.jpeg Requested by Host: xo667.com URL: http://xo667.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a75ec2491e01531d9f78ba0e1de2811e5231ef1bc83978d730fe29150259587a Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:29:02 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} display staticcontent_sol x-ezoic-cdn Hit ds;ds;40d453de5b92e36a1f5cede0778bc9eb;2-40517-209;6b88085d-2a50-4f00-6395-c1c7a0ef1330 x-middleton-display staticcontent_sol x-middleton-response 200 x-ezoic-excludewebp false response 200 last-modified Wed, 09 Jun 2021 03:37:00 GMT x-ez-proxy-out true 2.4 server cloudflare etag "64a59-60c0375c-64c3d89006f8c658;;;-gzip" x-origin-cache-control public, max-age=31557600 vary Accept-Encoding,X-Ezoic-Excludewebp,Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Zbbz6zq7p4YCpH9OSlHZosV%2BkmzEf1qKExDS6fnFJq6ud9%2BnsqvKEBTgWG8%2FphYZG9OY%2Fl3zjb5N4xCDg30h5%2FI3HICFvJVzM%2BvVMX3vnLEAmEN7z%2F9HSQjODuFgzwCMfpZu%2FHh4Qnc"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31557600 x-turbo-charged-by LiteSpeed cf-ray 85c3dd411f9f3732-FRA
GET H2	200	1140-dementia-and-gambling-addiction.jpg cdn.aarp.net/content/dam/aarp/health/healthy-living/2016/12/	569 KB 571 KB	633ms 581ms	Image image/jpeg	143.204.98.41 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.aarp.net/content/dam/aarp/health/healthy-living/2016/12/1140-dementia-and-gambling-addiction.jpg Requested by Host: xo667.com URL: http://xo667.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-41.fra50.r.cloudfront.net Software Apache / Resource Hash 4a9bc7a914db02fcff81acea33d3504210191bd54673538585e157b07ae4d8a7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' appsec.aarp.org secure.aarp.org cms.aarp.org arenax-testing2-games.aarp.org arenax-testing3-games.aarp.org stage.jobskills.aarp.org jobskills.aarp.org feeds.aarp.org memberoffers.aarp.org aarp.org cdn.aarp.net appsec.aarp.org secure-pi.aarp.org test.elearn.aarp.org dev.livablemap.aarp.byf1.dev livablemap.aarp.org nextgen.jobs.aarp.org jobs.aarp.org arenax-testing-games.aarp.org games.aarp.org futureofhousing.aarp.org aarpfutureodev.wpengine.com aarpfohstage.wpengine.com help.aarp.org test.elearn.aarp.org elearn.aarp.org local.aarp.org staging.local.aarp.org longtermscorecard.org careers.aarp.org www.aarp.org yqa.livetech.dev yqa.test caretotalk.aarp.org policybook.aarp.org policybookdb8jfimehk.devcloud.acquia-sites.com livindexhub.aarp.org livabilityindex.aarp.org livablemap.aarp.org press.aarp.org stage.mediaroom.com policybookwmcd4qm5qv.devcloud.acquia-sites.com dev.livindex-21.aarp.byf1.dev stage.livindex-21.aarp.byf1.dev veterans.aarp.org learn.aarp.org help.aarp.org community.aarp.org services.share.aarp.org secure.aarp.org virtualevents.aarp.org cdn.kitewheel.com aarp.brand.live aarpsandbox.brand.live test.virtualevents.aarp.org elearn.aarp.org blog.aarp.org taxappointment.aarp.org banksafetraining.aarp.org virtualevents.aarp.org; Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers x-dispatcher dispatcher1uswest2 date Tue, 27 Feb 2024 22:29:02 GMT strict-transport-security max-age=31536000; x-content-type-options nosniff content-security-policy frame-ancestors 'self' appsec.aarp.org secure.aarp.org cms.aarp.org arenax-testing2-games.aarp.org arenax-testing3-games.aarp.org stage.jobskills.aarp.org jobskills.aarp.org feeds.aarp.org memberoffers.aarp.org aarp.org cdn.aarp.net appsec.aarp.org secure-pi.aarp.org test.elearn.aarp.org dev.livablemap.aarp.byf1.dev livablemap.aarp.org nextgen.jobs.aarp.org jobs.aarp.org arenax-testing-games.aarp.org games.aarp.org futureofhousing.aarp.org aarpfutureodev.wpengine.com aarpfohstage.wpengine.com help.aarp.org test.elearn.aarp.org elearn.aarp.org local.aarp.org staging.local.aarp.org longtermscorecard.org careers.aarp.org www.aarp.org yqa.livetech.dev yqa.test caretotalk.aarp.org policybook.aarp.org policybookdb8jfimehk.devcloud.acquia-sites.com livindexhub.aarp.org livabilityindex.aarp.org livablemap.aarp.org press.aarp.org stage.mediaroom.com policybookwmcd4qm5qv.devcloud.acquia-sites.com dev.livindex-21.aarp.byf1.dev stage.livindex-21.aarp.byf1.dev veterans.aarp.org learn.aarp.org help.aarp.org community.aarp.org services.share.aarp.org secure.aarp.org virtualevents.aarp.org cdn.kitewheel.com aarp.brand.live aarpsandbox.brand.live test.virtualevents.aarp.org elearn.aarp.org blog.aarp.org taxappointment.aarp.org banksafetraining.aarp.org virtualevents.aarp.org; via 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-vhost publish x-cache Miss from cloudfront content-length 582858 last-modified Fri, 26 Jan 2024 17:22:40 GMT server Apache x-frame-options SAMEORIGIN content-type image/jpeg cache-control s-maxage=604800, max-age=86400 accept-ranges bytes x-amz-cf-id M7HVrYNtoCMq2loxPbnNxguzAJmBJOZdHjbUevdsG7_Q8Ob5kfX0BA== expires Wed, 28 Feb 2024 22:29:02 GMT
GET H2	200	Online-Gambling-Sites-1024x574.jpg casinomagzine.com/wp-content/uploads/2021/03/	133 KB 133 KB	633ms 308ms	Image image/jpeg	162.0.209.120 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://casinomagzine.com/wp-content/uploads/2021/03/Online-Gambling-Sites-1024x574.jpg Requested by Host: xo667.com URL: http://xo667.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.120 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium172-4.web-hosting.com Software LiteSpeed / Resource Hash ae479c43f5c55dab2c82a3e7158f339b94944e217767d32d0b28f949e18be2cb Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:29:02 GMT referrer-policy no-referrer-when-downgrade last-modified Mon, 29 Mar 2021 17:43:14 GMT server LiteSpeed etag "21246-606211b2-0;;;" content-type image/jpeg cache-control public, max-age=31536000 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 135750 expires Wed, 26 Feb 2025 22:29:02 GMT
GET H/1.1	200 OK	online-casino-gambling.jpg www.smartestnotredamefan.com/wp-content/uploads/2016/11/	770 KB 0	202ms 96ms	Image image/jpeg	191.101.50.30 WHG-USE1
General Check archive.org Show headers Download Go to Show image Full URL http://www.smartestnotredamefan.com/wp-content/uploads/2016/11/online-casino-gambling.jpg Requested by Host: xo667.com URL: http://xo667.com/ Protocol HTTP/1.1 Server 191.101.50.30 Buffalo, United States, ASN14670 (WHG-USE1, GB), Reverse DNS rs202.nsresponse.com Software LiteSpeed / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:29:02 GMT last-modified Tue, 29 Nov 2016 23:57:09 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 Connection Keep-Alive accept-ranges bytes Keep-Alive timeout=5, max=100 content-length 1337972 expires Tue, 05 Mar 2024 22:29:02 GMT
GET H/1.1	200 OK	gambling-4178462_1920.jpg raven-news.uk/wp-content/uploads/2019/12/	276 KB 277 KB	49ms 11ms	Image image/jpeg	92.205.9.165 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL http://raven-news.uk/wp-content/uploads/2019/12/gambling-4178462_1920.jpg Requested by Host: xo667.com URL: http://xo667.com/ Protocol HTTP/1.1 Server 92.205.9.165 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 165.9.205.92.host.secureserver.net Software Apache / Resource Hash 5be848c34ab5e84356257fb9e044a6d01ad5f58006eb738c01fb6cd86e045911 Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 27 Feb 2024 22:29:02 GMT Last-Modified Wed, 11 Dec 2019 16:17:10 GMT Server Apache ETag "2f4d20-451bd-5996ff5ee2d80" Upgrade h2,h2c Content-Type image/jpeg Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 283069
GET H2	200	different-types-of-gambling.png www.gamblingsites.com/app/uploads/2019/01/	564 KB 565 KB	65ms 14ms	Image image/png	65.9.66.57 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.gamblingsites.com/app/uploads/2019/01/different-types-of-gambling.png Requested by Host: xo667.com URL: http://xo667.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-57.fra56.r.cloudfront.net Software / Resource Hash 49ab3a1a609b17ea8cd4c43cfe50524fd6038a94f31b9d86bd6736e847d433f4 Security Headers Name Value Strict-Transport-Security max-age=3600 Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sat, 24 Feb 2024 03:43:52 GMT via 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront) strict-transport-security max-age=3600 last-modified Wed, 17 Jul 2019 09:42:56 GMT x-amz-cf-pop FRA56-C1 age 326710 etag "5d2eeda0-8d08c" x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 577676 x-amz-cf-id daiVlqzf2kjlM3KLn5LWkLwf4Lx3yYllZUyPtaAMNnNyy9qqk2zoYQ== expires Sun, 23 Feb 2025 03:43:52 GMT
GET H2	200	jugador-poker-enfadado-fotolia.jpg codigo-de-bono.es/wp-content/uploads/2019/01/	124 KB 124 KB	200ms 109ms	Image image/webp	2606:4700:3032::6815:16e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://codigo-de-bono.es/wp-content/uploads/2019/01/jugador-poker-enfadado-fotolia.jpg Requested by Host: xo667.com URL: http://xo667.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:16e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 798e2deff9d93216c5863aee8e27e1816c125fb716c269d0f570e93bf89b079b Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:29:02 GMT cf-cache-status MISS last-modified Wed, 19 Aug 2020 07:01:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PleskLin vary Accept-Encoding,Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iisXDuHoBf0jAEg5W8NoJO%2BgClx9x%2FSTlH7ERZhGqOdcHACafHPKizhD90TUTlHtrCD1UaO6X%2BB3VxteOcVP%2FN7kCxfg0kPK81Jp1icLXfeEZ%2FqYgw1z6p6%2FjjbJ9QNlTDDF4NJGFMP%2B6g7d1WOY2Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=10368000 accept-ranges bytes cf-ray 85c3dd41fe2f66c8-AMS alt-svc h3=":443"; ma=86400 content-length 126506 expires Wed, 26 Jun 2024 22:29:02 GMT
GET H2	200	gambling.jpg 1.bp.blogspot.com/-vb8H1iBwqhg/T0GlG3f-fCI/AAAAAAAABnU/0jtHY4LQBjM/s1600/	97 KB 97 KB	362ms 307ms	Image image/jpeg	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-vb8H1iBwqhg/T0GlG3f-fCI/AAAAAAAABnU/0jtHY4LQBjM/s1600/gambling.jpg Requested by Host: xo667.com URL: http://xo667.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 69df1e702970d290fc78331499abbf592c20c1fac4b9a87af9abb90700d24820 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:29:02 GMT x-content-type-options nosniff age 0 content-disposition inline;filename="gambling.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 99447 x-xss-protection 0 server fife etag "v675" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 28 Feb 2024 22:29:02 GMT
GET H2	200	Gambling-Debt.jpg www.debt.org/wp-content/uploads/2012/06/	69 KB 71 KB	85ms 21ms	Image image/jpeg	141.193.213.21 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.debt.org/wp-content/uploads/2012/06/Gambling-Debt.jpg Requested by Host: xo667.com URL: http://xo667.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 1d0b32b6583f47affe8129752495de552b9c072395f5708eef8ed3c6ff3bfc67 Security Headers Name Value Content-Security-Policy content-security-policy: default-src 'self' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.googlesyndication.com/ https://www.googleoptimize.com https://script.hotjar.com/ https://static.hotjar.com https://www.google-analytics.com/ https://www.googletagmanager.com/ https://ajax.googleapis.com/ https://www.calcxml.com/ https://cdnjs.cloudflare.com/ https://*.firebaseio.com https://*.google.com https://*.facebook.net https://*.trustpilot.com https://*.jquery.com https://*.callrail.com https://*.pardot.com https://*.googleapis.com https://*.jsdelivr.net https://*.pingdom.net https://*.brandcdn.com https://*.licdn.com https://*.swiftypecdn.com https://*.visualwebsiteoptimizer.com https://*.credible.com; style-src 'self' 'unsafe-inline' https://profontawesome.com/ https://www.incharge.org/ https://fonts.googleapis.com/ https://www.calcxml.com/ https://www.google.com/ https://optimize.google.com https://*.cloudflare.com; connect-src 'self' wss://*.firebaseio.com https://*.landbot.io https://*.googlesyndication.com/ https://*.google.com https://stats.g.doubleclick.net https://*.googlesyndication.com/ https://*.hotjar.com/ wss://*.hotjar.com/ https://www.calcxml.com/ https://*.googleapis.com/ https://google-analytics.com https://www.google-analytics.com https://googletagmanager.com https://*.facebook.net/ https://*.callrail.com https://*.yoast.com https://yoast.com https://*.wpengine.com https://*.credible.com https://*.pingdom.net; frame-ancestors 'self'; Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Tue, 27 Feb 2024 22:29:02 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-security-policy content-security-policy: default-src 'self' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.googlesyndication.com/ https://www.googleoptimize.com https://script.hotjar.com/ https://static.hotjar.com https://www.google-analytics.com/ https://www.googletagmanager.com/ https://ajax.googleapis.com/ https://www.calcxml.com/ https://cdnjs.cloudflare.com/ https://*.firebaseio.com https://*.google.com https://*.facebook.net https://*.trustpilot.com https://*.jquery.com https://*.callrail.com https://*.pardot.com https://*.googleapis.com https://*.jsdelivr.net https://*.pingdom.net https://*.brandcdn.com https://*.licdn.com https://*.swiftypecdn.com https://*.visualwebsiteoptimizer.com https://*.credible.com; style-src 'self' 'unsafe-inline' https://profontawesome.com/ https://www.incharge.org/ https://fonts.googleapis.com/ https://www.calcxml.com/ https://www.google.com/ https://optimize.google.com https://*.cloudflare.com; connect-src 'self' wss://*.firebaseio.com https://*.landbot.io https://*.googlesyndication.com/ https://*.google.com https://stats.g.doubleclick.net https://*.googlesyndication.com/ https://*.hotjar.com/ wss://*.hotjar.com/ https://www.calcxml.com/ https://*.googleapis.com/ https://google-analytics.com https://www.google-analytics.com https://googletagmanager.com https://*.facebook.net/ https://*.callrail.com https://*.yoast.com https://yoast.com https://*.wpengine.com https://*.credible.com https://*.pingdom.net; frame-ancestors 'self'; cf-cache-status HIT age 96082 cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 70602 cf-bgj imgq:100,h2pri last-modified Mon, 05 Apr 2021 16:17:38 GMT server cloudflare etag "606b3822-113ca" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 85c3dd41c8bcbb95-FRA
GET H/1.1	200 OK	navigation.js Show response xo667.com/wp-content/themes/aplos/js/	865 B 1 KB	290ms 290ms	Script application/javascript	2606:4700:3036::6815:594c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xo667.com/wp-content/themes/aplos/js/navigation.js?ver=20120206 Requested by Host: xo667.com URL: http://xo667.com/ Protocol HTTP/1.1 Server 2606:4700:3036::6815:594c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0c2a8719d6624ecd24600a083b822489350c71540a19d689ef4247d8b641b32 Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 27 Feb 2024 22:29:02 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 394 last-modified Fri, 16 Feb 2024 13:43:50 GMT Server cloudflare vary Accept-Encoding,User-Agent Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RM99cpJSiQnnKTyARCpzFpMf6c0HDSC6AiLxjJmwpso5BXzi3sgSuiAztSYZiJzlqvQ3NS%2FkR1KrlyTucfkU%2F8z%2BTpoh%2B8hXADMhod4Y8txb4RmVAxZfCUtxXe%2B7oVsK19%2FirTayIk%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 85c3dd41692c0b8c-AMS expires Tue, 05 Mar 2024 22:29:02 GMT
GET H/1.1	200 OK	BebasNeue.woff2 xo667.com/wp-content/themes/aplos/fonts/	12 KB 13 KB	153ms 152ms	Font font/woff2	2606:4700:3036::6815:594c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xo667.com/wp-content/themes/aplos/fonts/BebasNeue.woff2 Requested by Host: xo667.com URL: http://xo667.com/wp-content/themes/aplos/style.css?ver=6.4.3 Protocol HTTP/1.1 Server 2606:4700:3036::6815:594c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1da6927b6e29f72f05b85d9ba29bd72bfc6438891933d87807697f91765937d5 Request headers Referer http://xo667.com/wp-content/themes/aplos/style.css?ver=6.4.3 Origin http://xo667.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 27 Feb 2024 22:29:02 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 12744 last-modified Fri, 16 Feb 2024 13:43:50 GMT Server cloudflare vary User-Agent, Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYf3RwojGwVs%2Fv48Ookt6xIDDQB96EkM%2FQAxlPQV4LzmHq4I2Vr1H0%2B%2FY19LaD411E64i2%2BHcvzJujnt5OMSgxxv9Gefo%2Fwv%2FhJRATiO2fJXZBIfse2ihcO3uz%2F8OmVr86xK%2Fe86jx4%3D"}],"group":"cf-nel","max_age":604800} Content-Type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 85c3dd437ba07006-CDG expires Tue, 05 Mar 2024 22:29:02 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response xo667.com/wp-includes/js/	18 KB 6 KB	186ms 186ms	Script application/javascript	2606:4700:3036::6815:594c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://xo667.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3 Requested by Host: xo667.com URL: http://xo667.com/ Protocol HTTP/1.1 Server 2606:4700:3036::6815:594c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language de-DE,de;q=0.9 Referer http://xo667.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Tue, 27 Feb 2024 22:29:02 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 5052 last-modified Thu, 02 Feb 2023 06:23:26 GMT Server cloudflare vary Accept-Encoding,User-Agent Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqvE8C0qojzzyg9ZVBHb8TaB230yNNyqTvIC1YkQmZMgUCIK3z7EOhjgc%2FD14kgDZSR8ioTYq3Vc%2B1yx1jO0ttxG5%2BOo8XnHXqT%2FYba%2Bg6Eflq%2BEkPJ762u05VNGYTHDs1WR1QJRR6g%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 85c3dd439b730b8c-AMS expires Tue, 05 Mar 2024 22:29:02 GMT

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings object| twemoji object| wp

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.trafalgarresidence.com/	1970-01-20 18:44:34	Name: __cf_bm Value: fvzzDOLYzfCkcQGg0h197n6iDPJuUpVUX_jqoZVDqBI-1709072942-1.0-AcbmKKmU57SVydD02tjmd4FDEX/bkfZWqODfXecDaKQtrdBd+BHO/4qW0DaNMeXv3SiXKclrfxPDqbCqLDrK5Kg=
			.www.debt.org/	1970-01-20 18:44:34	Name: __cf_bm Value: yTlqp27en.SIGwr0.Gd5mYvWGhDiQEC9lxh_9CC3XBo-1709072942-1.0-AdCeu5jinsfyn1iMaRsilGuanRWWr1qwQCmTDj+7fM3h/6Pr+IDkcg29pZZzkKLmnif6OI1k5kNVMbtun+Eayvw=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://xo667.com/(Line 375) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://xo667.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
casinomagzine.com
cdn.aarp.net
codigo-de-bono.es
philnews.ph
raven-news.uk
trafalgarresidence.com
www.debt.org
www.gamblingsites.com
www.smartestnotredamefan.com
xo667.com
141.193.213.10
141.193.213.21
143.204.98.41
162.0.209.120
191.101.50.30
2606:4700:20::681a:9
2606:4700:3032::6815:16e
2606:4700:3036::6815:594c
2a00:1450:4001:812::2001
65.9.66.57
92.205.9.165
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
1d0b32b6583f47affe8129752495de552b9c072395f5708eef8ed3c6ff3bfc67
1da6927b6e29f72f05b85d9ba29bd72bfc6438891933d87807697f91765937d5
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
49ab3a1a609b17ea8cd4c43cfe50524fd6038a94f31b9d86bd6736e847d433f4
4a9bc7a914db02fcff81acea33d3504210191bd54673538585e157b07ae4d8a7
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
514b70ee4de0b2482447477fdedfeac5d267170ec639b80d5201a454aeb13afd
5be848c34ab5e84356257fb9e044a6d01ad5f58006eb738c01fb6cd86e045911
69df1e702970d290fc78331499abbf592c20c1fac4b9a87af9abb90700d24820
789d50f37be91a659f800dec66464d64fc03f6c461082c7863e2a83aa35b785c
798e2deff9d93216c5863aee8e27e1816c125fb716c269d0f570e93bf89b079b
a75ec2491e01531d9f78ba0e1de2811e5231ef1bc83978d730fe29150259587a
ae479c43f5c55dab2c82a3e7158f339b94944e217767d32d0b28f949e18be2cb
e0c2a8719d6624ecd24600a083b822489350c71540a19d689ef4247d8b641b32
e332e8274a76cc4a88aac065980ab928c8a38316a9fe3716bf38fc68c5590e09