ersadepbalcami.netlify.app Open in urlscan Pro
2a05:d014:275:cb02::c8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ersadepbalcami.netlify.app/
Submission: On April 30 via api (April 30th 2024, 8:57:25 am UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 14 domains to perform 21 HTTP transactions. The main IP is 2a05:d014:275:cb02::c8, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is ersadepbalcami.netlify.app.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.

This is the only time ersadepbalcami.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a05:d014:275... 2a05:d014:275:cb02::c8	16509 (AMAZON-02) (AMAZON-02)
1	185.30.92.203 185.30.92.203	60491 (NLN-AS) (NLN-AS)
1	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::2016	15169 (GOOGLE) (GOOGLE)
1	102.37.222.41 102.37.222.41	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.92.139.20 216.92.139.20	7859 (PAIR-NETW...) (PAIR-NETWORKS)
1	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::718	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:816	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.67.52 151.101.67.52	54113 (FASTLY) (FASTLY)
1	13.32.99.16 13.32.99.16	16509 (AMAZON-02) (AMAZON-02)
21	12

8 2a05:d014:275:cb02::c8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ersadepbalcami.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.30.92.203 (France)

ASN60491 (NLN-AS, FR)

www.casinosavenue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.levelwinner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casinohex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 102.37.222.41 (Johannesburg, South Africa)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htxt.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.92.139.20 (United States)

ASN7859 (PAIR-NETWORKS, US)
PTR: sites.waveform.us

olexas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::718 (United States)

ASN54113 (FASTLY, US)

i.ebayimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:816 (United States)

ASN13335 (CLOUDFLARENET, US)

image.winudf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.67.52 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

onlinecasinohex.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-16.fra60.r.cloudfront.net

n4.sdlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	netlify.app ersadepbalcami.netlify.app	73 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 90	208 KB
1	sdlcdn.com n4.sdlcdn.com	92 KB
1	casinohex.org casinohex.org	251 KB
1	onlinecasinohex.ca 1 redirects onlinecasinohex.ca	255 B
1	winudf.com image.winudf.com — Cisco Umbrella Rank: 74401	236 KB
1	ebayimg.com i.ebayimg.com — Cisco Umbrella Rank: 5300	17 KB
1	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 579	263 KB
1	olexas.com olexas.com	94 KB
1	htxt.co.za htxt.co.za — Cisco Umbrella Rank: 825021	70 KB
1	levelwinner.com www.levelwinner.com	84 KB
1	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1953	80 KB
1	casinosavenue.com www.casinosavenue.com	94 KB
0	onlinecasinotest.com Failed www.onlinecasinotest.com Failed
21	14

	Domain	Requested by
8	ersadepbalcami.netlify.app	ersadepbalcami.netlify.app
2	i.ytimg.com	ersadepbalcami.netlify.app
1	n4.sdlcdn.com	ersadepbalcami.netlify.app
1	casinohex.org	ersadepbalcami.netlify.app
1	onlinecasinohex.ca	1 redirects
1	image.winudf.com	ersadepbalcami.netlify.app
1	i.ebayimg.com	ersadepbalcami.netlify.app
1	play-lh.googleusercontent.com	ersadepbalcami.netlify.app
1	olexas.com	ersadepbalcami.netlify.app
1	htxt.co.za	ersadepbalcami.netlify.app
1	www.levelwinner.com	ersadepbalcami.netlify.app
1	i.pinimg.com	ersadepbalcami.netlify.app
1	www.casinosavenue.com	ersadepbalcami.netlify.app
0	www.onlinecasinotest.com Failed	ersadepbalcami.netlify.app
21	14

This site contains no links.

Subject Issuer	Validity	Valid
*.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-15` - `2025-02-14`	a year	crt.sh
casinosavenue.com R3	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
levelwinner.com GTS CA 1P5	`2024-04-29` - `2024-07-28`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
htxt.co.za R3	`2024-04-20` - `2024-07-19`	3 months	crt.sh
olexas.com R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
i.ebayimg.com Sectigo RSA Organization Validation Secure Server CA	`2024-03-06` - `2025-03-06`	a year	crt.sh
winudf.com GTS CA 1P5	`2024-04-04` - `2024-07-03`	3 months	crt.sh
*.sdlcdn.com Amazon RSA 2048 M02	`2023-08-02` - `2024-08-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ersadepbalcami.netlify.app/
Frame ID: 647880A35BAA3A221237054852186BE1
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ersadepbalcami.netlify.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Netlify (Web Servers) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.netlify\.(?:com|app)/

Page Statistics

21
Requests

90 %
HTTPS

58 %
IPv6

14
Domains

14
Subdomains

12
IPs

4
Countries

1561 kB
Transfer

1588 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://onlinecasinohex.ca/wp-content/uploads/flaming-hot-egt-free-slot.png HTTP 301
https://casinohex.org/canada/wp-content/uploads/flaming-hot-egt-free-slot.png

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ersadepbalcami.netlify.app/ 23 KB
6 KB 225ms
201ms Document
text/html 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ersadepbalcami.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a076da450e8b40d81dc2889537ab485c30af52158c997ac0dd68bb2642305450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 1
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 30 Apr 2024 08:57:19 GMT
etag: "62f6fb3a98daef98258dfcf7c6af164f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HWQ3J0CC32WRJT0PJY3BNTAB

GET
H2 200 JeDIs7.css
ersadepbalcami.netlify.app/ 18 KB
4 KB 180ms
179ms Stylesheet
text/css 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ersadepbalcami.netlify.app/JeDIs7.css

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

598b0790428dc735610b45efe584482811e8660311f5398de4409db1fd5b7573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWQ3J0JS980V9FPJFSVKJ9H3
date: Tue, 30 Apr 2024 08:57:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "6dd83e9371729eb8a6029f7abda3ccbb-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes

GET
H/1.1 200
OK 8010_7-clans-first-council-casino.jpeg
www.casinosavenue.com/upload/photoCasino/ 93 KB
94 KB 115ms
21ms Image
image/jpeg 185.30.92.203
NLN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.casinosavenue.com/upload/photoCasino/8010_7-clans-first-council-casino.jpeg
Requested by: Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.30.92.203 , France, ASN60491 (NLN-AS, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1b32b34f34d8468e53557e228e01958f66c05968cfc2dc48f33fa6a2b494ac1b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 08:57:19 GMT
Last-Modified: Wed, 01 Apr 2020 12:56:27 GMT
Server: Apache
ETag: "174de-5a23a365d94d2"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 95454
Expires: Thu, 30 May 2024 08:57:19 GMT

GET
H2 200 12214bbeb0b5d93f892a585a845a05e8.jpg
i.pinimg.com/originals/12/21/4b/ 80 KB
80 KB 28ms
7ms Image
image/jpeg 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/12/21/4b/12214bbeb0b5d93f892a585a845a05e8.jpg
Requested by: Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5b68de11fd0c0f984724caf88e2f3587fdc21c93d70a0b56a0d8e851ea731b42

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:57:19 GMT
x-cdn: fastly
etag: "d4c9b8195f7a0646e204baf1b8422338"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 81431

GET
H3 200 slotomania-vegas-casino-slots-800x350.jpg
www.levelwinner.com/wp-content/uploads/2018/01/ 83 KB
84 KB 767ms
734ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.levelwinner.com/wp-content/uploads/2018/01/slotomania-vegas-casino-slots-800x350.jpg
Requested by: Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ccd106342dd85cda29aafd4858fa2859a111b530ce23906c90e0d14c08c99e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:57:19 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2018 23:49:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3IPu6o2TeftWRxkYeTlnN4cn3JBXHdhAL8g5z8z3nv97RwJAP9FPlsvMHafuKRkKFhmfl4nnrza7LAcBBiCFBkGHgP0d8FI0GWHLFefJkVXKdWfba05dFnZ1g%2F5BxqlFoJvrPB8j5czyyC11Jdb9hujH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 87c652d74f365d9a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 85058
expires: Wed, 30 Apr 2025 08:57:19 GMT

GET illegales_fussball_sponsoring_in_deutschland_4491.jpg
www.onlinecasinotest.com/wp-content/uploads/2015/10/ 0
0

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/DlfXsXuKXms/ 76 KB
77 KB 47ms
19ms Image
image/jpeg 2a00:1450:4001:81d::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/DlfXsXuKXms/maxresdefault.jpg

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a875c2871048b210f63e23ef42a4443aa6ae8b85fc4c36ba39238f1763819d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:57:19 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78202
x-xss-protection: 0
server: sffe
etag: "1710252828"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Apr 2024 10:57:19 GMT

GET
H/1.1 200
OK educational_apps_header.jpg
htxt.co.za/wp-content/uploads/2014/03/ 70 KB
70 KB 520ms
170ms Image
image/jpeg 102.37.222.41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://htxt.co.za/wp-content/uploads/2014/03/educational_apps_header.jpg
Requested by: Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 102.37.222.41 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 8d8b7ba59cd78a827e1f911433321b93b7e66f2842b38f52d4bf0bbf2fc05e32

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 30 Apr 2024 08:57:19 GMT
Last-Modified: Wed, 25 Oct 2023 06:37:23 GMT
Server: Apache
ETag: "1164c-60884b012eec0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 71244

GET
H2 200 Wedding-Cake-209.jpg
olexas.com/wp-content/gallery/wedding-cakes-1/ 94 KB
94 KB 548ms
323ms Image
image/jpeg 216.92.139.20
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://olexas.com/wp-content/gallery/wedding-cakes-1/Wedding-Cake-209.jpg
Requested by: Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.139.20 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: sites.waveform.us
Software: Apache /
Resource Hash: 62f8074bc9c6e034262d13e77335b368a6eed39597ef54aa27a7e7c3b9045bf3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:57:19 GMT
last-modified: Mon, 14 Mar 2016 23:07:24 GMT
server: Apache
accept-ranges: bytes
etag: "1784d-52e0a57f86300"
content-length: 96333
content-type: image/jpeg

GET
H2 200 Bmr1A641OGHa0uBTpILUez-S7f3f3loEngQJGTXIn5saubF64szKG0BAYmaqs_u0lAsY
play-lh.googleusercontent.com/ 263 KB
263 KB 73ms
25ms Image
image/png 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/Bmr1A641OGHa0uBTpILUez-S7f3f3loEngQJGTXIn5saubF64szKG0BAYmaqs_u0lAsY

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

592015b95bef8e160b9f0ab6cacedf8b19bd6173c8965b321d978ef9eb6fbc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:57:19 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 268803
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 May 2024 08:57:19 GMT

GET
H2 200 $_1.JPG
i.ebayimg.com/00/s/MTYwMFgxMjAw/z/Dg8AAOSwGBpd~7L1/ 17 KB
17 KB 45ms
7ms Image
image/jpeg 2a04:4e42:400::718
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ebayimg.com/00/s/MTYwMFgxMjAw/z/Dg8AAOSwGBpd~7L1/$_1.JPG

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

82658dfe4e3d316e865a1916df08d71aafd94c7847bfaf1cdd39fa02375703f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:57:19 GMT
strict-transport-security: max-age=31557600
last-modified: Sun, 22 Dec 2019 18:16:20 GMT
x-cdn: Fastly
x-ebay-pop-id: UFES2-FRA-zoe-anycast
age: 6595076
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=12960000,immutable
x-envoy-upstream-service-time: 42
rlogid: t6q4%7Cjfaofpse%3D9iptq4%7Cjfaofpse*unr5k%28rbpv6712-18da520278e-0x137
x-ebay-c-version: 1.0.0
accept-ranges: bytes
content-length: 17500
expires: Sat, 13 Jul 2024 00:59:24 GMT

GET
H2 200 screen-0.jpg
image.winudf.com/v2/image/YWlyLmNvbS5wbGF5dGlrYS5jdnNfc2NyZWVuXzBfMTUxOTExMjg0OV8wMDM/ 236 KB
236 KB 184ms
157ms Image
image/jpeg 2606:4700:20::681a:816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image/YWlyLmNvbS5wbGF5dGlrYS5jdnNfc2NyZWVuXzBfMTUxOTExMjg0OV8wMDM/screen-0.jpg?h=800&fakeurl=1&type=.jpg

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:816 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

597ac2c0f5c97100dbf2c6d4c81e704f3a12437a04d2015e56308902ee25eb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:57:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=249245
x-cache: MISS
content-length: 241269
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: 7cca5029
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FK%2BhXFWWsiAYlpLrKQ0MfALE5DI%2BrkiH7y8UuKiqps3ml5cdfLdFj0qXHy%2Bdp042Fa0Oy%2FltSgP02GyX7fW2D5%2FTYzGpRASOOTzYmvDKtqCQLuUmiSQUI7NjV8wksYLatqVMu3f%2FJmPK1%2B7%2B5pI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87c652d74f8e91d2-FRA

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/x2PaAFqckSE/ 131 KB
131 KB 46ms
31ms Image
image/jpeg 2a00:1450:4001:81d::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/x2PaAFqckSE/maxresdefault.jpg

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

722bcbde7d6a2ca8601bd00eab29f0454d3b68202e01fe357fedc6add63018ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:57:19 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134167
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Apr 2024 10:57:19 GMT

GET
H3

200

flaming-hot-egt-free-slot.png
casinohex.org/canada/wp-content/uploads/
Redirect Chain

https://onlinecasinohex.ca/wp-content/uploads/flaming-hot-egt-free-slot.png
https://casinohex.org/canada/wp-content/uploads/flaming-hot-egt-free-slot.png

250 KB
251 KB

67ms
45ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casinohex.org/canada/wp-content/uploads/flaming-hot-egt-free-slot.png
Requested by: Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cc92b1136a2979806256ba20edde56c160d98c61e85580584f60a6a27a65bcd9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ersadepbalcami.netlify.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Apr 2024 08:57:19 GMT
cf-cache-status: BYPASS
last-modified: Fri, 11 Aug 2017 09:34:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "598d7a1b-3e996"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QdqIM8wak3BXA7TKSp5Z6dWf5SwCdn9G%2B73XDTUekqMugvNbTiM7TIQbr9o2e%2BX1YOCk27aQIi0D5ejcaYbf%2BFvGTsHFKmVFeZPcRoc7xU5UIV9sDqvpqnX1iekR06T2715ueyC%2ByoIOQSA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, public
accept-ranges: bytes
cf-ray: 87c652d7a823196a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 256406

Redirect headers

x-served-by: cache-fra-etou8220039-FRA
date: Tue, 30 Apr 2024 08:57:19 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
server: LiteSpeed
age: 2302
x-timer: S1714467439.271984,VS0,VE1
x-cache: HIT
content-type: text/html
location: https://casinohex.org/canada/wp-content/uploads/flaming-hot-egt-free-slot.png
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 730
x-cache-hits: 0

GET
H2 200 Blacksmith-Classic-Black-9-Slot-SDL692513789-4-918d8.jpg
n4.sdlcdn.com/imgs/b/c/e/ 91 KB
92 KB 53ms
9ms Image
image/jpeg 13.32.99.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n4.sdlcdn.com/imgs/b/c/e/Blacksmith-Classic-Black-9-Slot-SDL692513789-4-918d8.jpg
Requested by: Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-16.fra60.r.cloudfront.net
Software: gunicorn/19.9.0 /
Resource Hash: c7e809ab0a9e13727296b443a1841b6e06cc7e432bf60d3c4aac2309f135b244

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 08:41:35 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
server: gunicorn/19.9.0
x-amz-cf-pop: FRA60-P3
age: 1901744
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
content-length: 93626
x-amz-cf-id: hia4WPdGwpL4EGqSTsKyj8xGVAv7rOUic1-C-ERKSvoXfViic4xihA==
expires: Tue, 08 Apr 2025 14:41:35 GMT

GET
H2 200 CBvlDN.png
ersadepbalcami.netlify.app/ 57 KB
57 KB 125ms
124ms Image
image/png 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ersadepbalcami.netlify.app/CBvlDN.png

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/JeDIs7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

fff6f3b1a1ef4663516ac12c262cd6b60d1bb98d9942aa359cab287d247b17dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/JeDIs7.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWQ3J0RETDK0GZPY3166QMY7
date: Tue, 30 Apr 2024 08:57:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "054eeda3a066bff0ac87982914264b6d-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 58352

GET
H2 200 qdcapg.png
ersadepbalcami.netlify.app/ 3 KB
3 KB 119ms
118ms Image
image/png 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ersadepbalcami.netlify.app/qdcapg.png

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/JeDIs7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

8fc066f7188e4a6cafe8324ef8c6931c6d86c1cfe23e31b0de73b4ccc55a4651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/JeDIs7.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWQ3J0REH8QT36JR5AA3ES4H
date: Tue, 30 Apr 2024 08:57:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "b1f8e39e88fb4947d403e0b193dde3e4-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 3046

GET
H2 200 LlphyDcv.png
ersadepbalcami.netlify.app/ 422 B
508 B 122ms
122ms Image
image/png 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ersadepbalcami.netlify.app/LlphyDcv.png

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/JeDIs7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

700c098799326063cf1db239cc407144eb081457fb5c14fb32f0a985e140644f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/JeDIs7.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWQ3J0RF28KR71Z4XWTYX6B7
date: Tue, 30 Apr 2024 08:57:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "c8ed8c374369d38781fba82f262afe77-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 422

GET
H2 200 GHGGMPw.png
ersadepbalcami.netlify.app/ 429 B
515 B 125ms
124ms Image
image/png 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ersadepbalcami.netlify.app/GHGGMPw.png

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/JeDIs7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

495cb42b142f00a1f72bf7d4d59983b54eb3158e16fc391e94b0bc4ab8609e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/JeDIs7.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWQ3J0RF0HWK13Z455JYJ4HV
date: Tue, 30 Apr 2024 08:57:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "aa6f945a0d04a267076822f60ef4a78c-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 429

GET
H2 200 UtfWlK.png
ersadepbalcami.netlify.app/ 131 B
217 B 121ms
121ms Image
image/png 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ersadepbalcami.netlify.app/UtfWlK.png

Requested by

Host: ersadepbalcami.netlify.app
URL: https://ersadepbalcami.netlify.app/JeDIs7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

119c4af9c5def9ae963b28339aec934b51c850420c9dc2c4dce90f06827e0023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/JeDIs7.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWQ3J0RFWNANAJSRXPT56TY3
date: Tue, 30 Apr 2024 08:57:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: "98e179b79cfa5d44c0af895c7a2a7c09-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 131

GET
H2 404 favicon.ico
ersadepbalcami.netlify.app/ 3 KB
1 KB 119ms
119ms Other
text/html 2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ersadepbalcami.netlify.app/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ersadepbalcami.netlify.app/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWQ3J3VNXM6C791BQ2X3BXJ5
date: Tue, 30 Apr 2024 08:57:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 0
cache-status: "Netlify Edge"; fwd=miss
etag: 1652869019-ssl-df
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: public,max-age=0,must-revalidate

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.onlinecasinotest.com
URL: https://www.onlinecasinotest.com/wp-content/uploads/2015/10/illegales_fussball_sponsoring_in_deutschland_4491.jpg

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.onlinecasinotest.com/wp-content/uploads/2015/10/illegales_fussball_sponsoring_in_deutschland_4491.jpg Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://ersadepbalcami.netlify.app/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

casinohex.org
ersadepbalcami.netlify.app
htxt.co.za
i.ebayimg.com
i.pinimg.com
i.ytimg.com
image.winudf.com
n4.sdlcdn.com
olexas.com
onlinecasinohex.ca
play-lh.googleusercontent.com
www.casinosavenue.com
www.levelwinner.com
www.onlinecasinotest.com
www.onlinecasinotest.com
102.37.222.41
13.32.99.16
151.101.67.52
185.30.92.203
216.92.139.20
2606:4700:20::681a:816
2a00:1450:4001:81d::2016
2a00:1450:4001:829::2016
2a04:4e42:400::718
2a04:4e42:8e::84
2a05:d014:275:cb02::c8
2a06:98c1:3121::3
119c4af9c5def9ae963b28339aec934b51c850420c9dc2c4dce90f06827e0023
1b32b34f34d8468e53557e228e01958f66c05968cfc2dc48f33fa6a2b494ac1b
22ccd106342dd85cda29aafd4858fa2859a111b530ce23906c90e0d14c08c99e
495cb42b142f00a1f72bf7d4d59983b54eb3158e16fc391e94b0bc4ab8609e35
592015b95bef8e160b9f0ab6cacedf8b19bd6173c8965b321d978ef9eb6fbc30
597ac2c0f5c97100dbf2c6d4c81e704f3a12437a04d2015e56308902ee25eb4f
598b0790428dc735610b45efe584482811e8660311f5398de4409db1fd5b7573
5b68de11fd0c0f984724caf88e2f3587fdc21c93d70a0b56a0d8e851ea731b42
62f8074bc9c6e034262d13e77335b368a6eed39597ef54aa27a7e7c3b9045bf3
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867
700c098799326063cf1db239cc407144eb081457fb5c14fb32f0a985e140644f
722bcbde7d6a2ca8601bd00eab29f0454d3b68202e01fe357fedc6add63018ff
82658dfe4e3d316e865a1916df08d71aafd94c7847bfaf1cdd39fa02375703f6
8d8b7ba59cd78a827e1f911433321b93b7e66f2842b38f52d4bf0bbf2fc05e32
8fc066f7188e4a6cafe8324ef8c6931c6d86c1cfe23e31b0de73b4ccc55a4651
a076da450e8b40d81dc2889537ab485c30af52158c997ac0dd68bb2642305450
a875c2871048b210f63e23ef42a4443aa6ae8b85fc4c36ba39238f1763819d40
c7e809ab0a9e13727296b443a1841b6e06cc7e432bf60d3c4aac2309f135b244
cc92b1136a2979806256ba20edde56c160d98c61e85580584f60a6a27a65bcd9
fff6f3b1a1ef4663516ac12c262cd6b60d1bb98d9942aa359cab287d247b17dd

ersadepbalcami.netlify.app Open in urlscan Pro 2a05:d014:275:cb02::c8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

58 %IPv6

14 Domains

14 Subdomains

12 IPs

4 Countries

1561 kBTransfer

1588 kBSize

0 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

ersadepbalcami.netlify.app Open in urlscan Pro
2a05:d014:275:cb02::c8 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

58 %
IPv6

14
Domains

14
Subdomains

12
IPs

4
Countries

1561 kB
Transfer

1588 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions