Submitted URL: http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html
Effective URL: https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Submission: On July 15 via manual from IN — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 20 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3037::ac43:c069, located in United States and belongs to CLOUDFLARENET, US. The main domain is a.cupidconnect.top.
TLS certificate: Issued by GTS CA 1P5 on June 26th 2023. Valid for: 3 months.
This is the only time a.cupidconnect.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 155.254.244.28 19969 (JOESDATAC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 104.75.88.126 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.215.152.128 59729 (ITL-BG)
12 2606:4700:303... 13335 (CLOUDFLAR...)
2 5.188.203.92 49981 (WORLDSTREAM)
4 2a00:1450:400... 15169 (GOOGLE)
43 10
Apex Domain
Subdomains
Transfer
12 cupidconnect.top
cupidconnect.top — Cisco Umbrella Rank: 892281
a.cupidconnect.top
97 KB
4 gstatic.com
www.gstatic.com
36 KB
3 somee.com
3tc1-jogosdecassino.somee.com
157 KB
2 p-analytics.life
p-analytics.life — Cisco Umbrella Rank: 422911
634 B
2 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2484
626 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
5 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 433
95 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
50 KB
0 googletagmanager.com Failed
www.googletagmanager.com Failed
0 winudf.com Failed
image.winudf.com Failed
0 slots.org.ua Failed
cdn.slots.org.ua Failed
0 casinonewsdaily.com Failed
www.casinonewsdaily.com Failed
0 slotsspot.com Failed
slotsspot.com Failed
0 allpokies.co.nz Failed
allpokies.co.nz Failed
0 ytimg.com Failed
i.ytimg.com Failed
0 cdnraw.com Failed
i.cdnraw.com Failed
0 sftcdn.net Failed
images.sftcdn.net Failed
0 myliveslot77.com Failed
www.myliveslot77.com Failed
0 ggpht.com Failed
lh4.ggpht.com Failed
0 androidshock.com Failed
www.androidshock.com Failed
43 20
Domain Requested by
6 a.cupidconnect.top cupidconnect.top
a.cupidconnect.top
6 cupidconnect.top 91.215.152.128
cupidconnect.top
4 www.gstatic.com cupidconnect.top
a.cupidconnect.top
3 3tc1-jogosdecassino.somee.com 3tc1-jogosdecassino.somee.com
2 p-analytics.life cupidconnect.top
a.cupidconnect.top
2 s7.addthis.com 1 redirects 3tc1-jogosdecassino.somee.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 ajax.googleapis.com 3tc1-jogosdecassino.somee.com
1 pagead2.googlesyndication.com 3tc1-jogosdecassino.somee.com
pagead2.googlesyndication.com
0 www.googletagmanager.com Failed 3tc1-jogosdecassino.somee.com
0 image.winudf.com Failed 3tc1-jogosdecassino.somee.com
0 cdn.slots.org.ua Failed 3tc1-jogosdecassino.somee.com
0 www.casinonewsdaily.com Failed 3tc1-jogosdecassino.somee.com
0 slotsspot.com Failed 3tc1-jogosdecassino.somee.com
0 allpokies.co.nz Failed 3tc1-jogosdecassino.somee.com
0 i.ytimg.com Failed 3tc1-jogosdecassino.somee.com
0 i.cdnraw.com Failed 3tc1-jogosdecassino.somee.com
0 images.sftcdn.net Failed 3tc1-jogosdecassino.somee.com
0 www.myliveslot77.com Failed 3tc1-jogosdecassino.somee.com
0 lh4.ggpht.com Failed 3tc1-jogosdecassino.somee.com
0 www.androidshock.com Failed 3tc1-jogosdecassino.somee.com
43 21

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
cupidconnect.top
GTS CA 1P5
2023-06-26 -
2023-09-24
3 months crt.sh
p-analytics.life
R3
2023-06-19 -
2023-09-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh

This page contains 2 frames:

Primary Page: https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Frame ID: 7799E52E4AEF75FC5C6B01C55294F343
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: AA1BCC48087546E90E9559BB12C8BAB7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Click Allow

Page URL History Show full URLs

  1. http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html Page URL
  2. https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq Page URL
  3. https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

49 %
HTTPS

56 %
IPv6

20
Domains

21
Subdomains

10
IPs

4
Countries

441 kB
Transfer

685 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html Page URL
  2. https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq Page URL
  3. https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/300/addthis_widget.js

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
page-836-2024-03-21.html
3tc1-jogosdecassino.somee.com/jogos-gratis/
35 KB
35 KB
Document
General
Full URL
http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html
Protocol
HTTP/1.1
Server
155.254.244.28 Dallas, United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66da441afcd14c0d27da388f50403b2bf5a2d84d3689dd4d25b2cfbe6561a123

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
36036
Content-Type
text/html
Date
Sat, 15 Jul 2023 11:06:25 GMT
ETag
"687ba855b5d91:0"
Last-Modified
Wed, 12 Jul 2023 21:12:09 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
bootstrap.min.css
3tc1-jogosdecassino.somee.com/css/
119 KB
120 KB
Stylesheet
General
Full URL
http://3tc1-jogosdecassino.somee.com/css/bootstrap.min.css
Requested by
Host: 3tc1-jogosdecassino.somee.com
URL: http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html
Protocol
HTTP/1.1
Server
155.254.244.28 Dallas, United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 11:06:26 GMT
Last-Modified
Wed, 12 Jul 2023 21:11:23 GMT
Server
Microsoft-IIS/10.0
ETag
"68ba8e695b5d91:0"
X-Powered-By
ASP.NET
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
122184
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Requested by
Host: 3tc1-jogosdecassino.somee.com
URL: http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ac7878f2218e06b37829bb77b14d4a0247cb65715731835a85cf99a2d28f1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3tc1-jogosdecassino.somee.com/
Origin
http://3tc1-jogosdecassino.somee.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50473
x-xss-protection
0
server
cafe
etag
1599612138856082793
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 15 Jul 2023 11:06:26 GMT
qwertymin.js
3tc1-jogosdecassino.somee.com/css/
1 KB
2 KB
Script
General
Full URL
http://3tc1-jogosdecassino.somee.com/css/qwertymin.js
Requested by
Host: 3tc1-jogosdecassino.somee.com
URL: http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html
Protocol
HTTP/1.1
Server
155.254.244.28 Dallas, United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 11:06:26 GMT
Last-Modified
Wed, 12 Jul 2023 21:11:23 GMT
Server
Microsoft-IIS/10.0
ETag
"4e475a695b5d91:0"
X-Powered-By
ASP.NET
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1365
Pyramid-Solitaire-Saga-1.jpg
www.androidshock.com/wp-content/uploads/2014/07/
0
0

SSX_2f67-n2o2Jz-ZrJe0R6F22V4lXcZzPUqsqDOxaRD14WlYsoZa6MzvghHk-ftwDk=h900
lh4.ggpht.com/
0
0

pyramid-of-ramesses-sa-5f03061f-5440-434e-8336-2f666712f537_800x800.jpeg
www.myliveslot77.com/img/cache/articles/
0
0

pyramid-screenshot.jpg
images.sftcdn.net/images/t_app-cover-l,f_auto/p/1020c5fa-9b27-11e6-b25e-00163ec9f5fa/1548757223/
0
0

p-slots-casino-games-by-huuuge-fbHEtOPYzZ-5.jpg
i.cdnraw.com/previews/downloads/d/f/b/
0
0

maxresdefault.jpg
i.ytimg.com/vi/K30QuLowXLA/
0
0

the-pyramid-of-ramesses-pokie.jpg
allpokies.co.nz/wp-content/uploads/s/playtech/
0
0

playtech-the-pyramid-of-ramesses-info5.jpg
slotsspot.com/wp-content/uploads/slotsimages/13/
0
0

pyramid-of-ramses-logo.jpg
www.casinonewsdaily.com/wp-content/uploads/2015/05/
0
0

The_Pyramid_of_Ramesses7.jpg
cdn.slots.org.ua/content/thumbs/600x450/screenshots/RU/The_Pyramid_of_Ramesses/
0
0

screen-9.jpg
image.winudf.com/v2/image1/Y29tLnphcmliYS5zbG90c19zY3JlZW5fOV8xNTUwMTc0MzEwXzA5OA/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/
94 KB
95 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: 3tc1-jogosdecassino.somee.com
URL: http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://3tc1-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 04:19:35 GMT
x-content-type-options
nosniff
age
24411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96381
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 04:19:35 GMT
addthis_widget.js
s7.addthis.com/js/300/
Redirect Chain
  • http://s7.addthis.com/js/300/addthis_widget.js
  • https://s7.addthis.com/js/300/addthis_widget.js
56 B
359 B
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: 3tc1-jogosdecassino.somee.com
URL: http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html
Protocol
H2
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://3tc1-jogosdecassino.somee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 15 Jul 2023 11:06:26 GMT
server
Oracle API Gateway
opc-request-id
/36A1C9D5460A724B8305ABA62D40D6B0/20242F137A1BE11B7C7200B03341FB9A
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block

Redirect headers

Date
Sat, 15 Jul 2023 11:06:26 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/300/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
js
www.googletagmanager.com/gtag/
0
0

js
www.googletagmanager.com/gtag/
0
0

js
www.googletagmanager.com/gtag/
0
0

js
www.googletagmanager.com/gtag/
0
0

js
www.googletagmanager.com/gtag/
0
0

show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/
0
0

zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame AA1B
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6890287250975679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3tc1-jogosdecassino.somee.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82646
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Jul 2023 12:09:00 GMT
etag
12368291122986407432
expires
Fri, 28 Jul 2023 12:09:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bronline
91.215.152.128/
193 B
992 B
Script
General
Full URL
http://91.215.152.128/bronline?default_keyword=Slots+gratis+sem+download+The+Pyramid+of+Ramesses
Requested by
Host: 3tc1-jogosdecassino.somee.com
URL: http://3tc1-jogosdecassino.somee.com/jogos-gratis/page-836-2024-03-21.html
Protocol
HTTP/1.1
Server
91.215.152.128 Sofia, Bulgaria, ASN59729 (ITL-BG, UA),
Reverse DNS
live7101.vds
Software
nginx / PHP/7.0.27
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

Referer
http://3tc1-jogosdecassino.somee.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sat, 15 Jul 2023 11:06:26 GMT
Strict-Transport-Security
max-age=15768000
X-Content-Type-Options
nosniff
Last-Modified
Sat, 15 Jul 2023 11:06:26 GMT
Server
nginx
Content-Encoding
gzip
X-Powered-By
PHP/7.0.27
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
0
/
cupidconnect.top/robot/
5 KB
2 KB
Document
General
Full URL
https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Requested by
Host: 91.215.152.128
URL: http://91.215.152.128/bronline?default_keyword=Slots+gratis+sem+download+The+Pyramid+of+Ramesses
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b0ca80cbfa1201f2be9cd27faa7eedb34b8d9ade6d0c79a0bbcd24bb195c5a

Request headers

Referer
http://3tc1-jogosdecassino.somee.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e71893edd372c21-FRA
content-encoding
br
content-type
text/html
date
Sat, 15 Jul 2023 11:06:27 GMT
last-modified
Tue, 20 Apr 2021 19:53:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BtyleDZmJrBhD92CahY7BTkUo0uVIp8eS%2Bpt%2FpsaYuPc6o%2FOx1sp3rQi0HiqWudzb3QFtHo9%2BYrN%2BisjtRDjmgTsSsfoht6fFKcD1XBihYZaDEO8VAE273Wyo50sAmEJURkJG0IJGK9lcil8IJh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trls.js
cupidconnect.top/robot/js/
8 KB
4 KB
Script
General
Full URL
https://cupidconnect.top/robot/js/trls.js
Requested by
Host: cupidconnect.top
URL: https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ff3ae9344247b7ad8324dc77ad2c81ff13c300122502e64b5e41f4e29d94b3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Dec 2020 19:20:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3288
etag
W/"5fdfa3f6-1e80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BNX4vZGRNgyyhWX%2BQX2VuY5LvQEJRSwZhOtIyMusV7yoe3bNbyow4YNN3YlOom%2Bfax5kBkUoJQy5rQNueHfTRPqTPLtjhdIPyjkxmQ0FFmpy6XvaSV4q8IYIdx5xDpozPRdsYAN5pCz4lOunXum"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7e71893f2d842c21-FRA
alt-svc
h3=":443"; ma=86400
settings.js
cupidconnect.top/robot/js/
70 B
433 B
Script
General
Full URL
https://cupidconnect.top/robot/js/settings.js
Requested by
Host: cupidconnect.top
URL: https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d78c03636a64988e7333405932b98d34b1bfb0016915aeb7c88981f3c3fb7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Oct 2019 06:51:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3288
etag
W/"5db29b5a-46"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3HyzA504OuysyxsRuTLuRwL0p0kTKy%2FrPNiy8NVn2ZAEutEu%2ByCFRUR1iZr29AVqxtCJy50a7SVrKUXJnAVhQsvBw7VxmZ8G7yj900VPL6GHti%2B8qxQ7b%2FGZUtIDwtOcVYkUGdI6XDnRDnkCuAs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7e71893f2d852c21-FRA
alt-svc
h3=":443"; ma=86400
ps-new.js
cupidconnect.top/js/
46 KB
21 KB
Script
General
Full URL
https://cupidconnect.top/js/ps-new.js
Requested by
Host: cupidconnect.top
URL: https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f4b6da3f8e71a25c54b19119d5cc94439a31b40b16f80246e7938365fc71da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 20:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3428
etag
W/"645bfce9-b811"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVCN%2Bw7erwHG65qLpuAp53VVFXmQOk5hN4EzCx2QqietCsyiIjq1hU9Sn3s5mlTo1yOOjOnRpkKDVojQr6hDqQD6pAhPmhYNJCk5CSlFkrxaY%2Fnd7P2ftkSQATaRARIJXCDdmWBh1MM01d%2BMz5nT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7e71893f2d872c21-FRA
alt-svc
h3=":443"; ma=86400
arrow.png
cupidconnect.top/robot/images/
2 KB
3 KB
Image
General
Full URL
https://cupidconnect.top/robot/images/arrow.png
Requested by
Host: cupidconnect.top
URL: https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2aae62260f623b7b0463f96a4d2b5180ac43dc03ab16dcdf0d36741ab55ed5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:27 GMT
cf-cache-status
HIT
last-modified
Sun, 20 Dec 2020 19:20:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3288
etag
"5fdfa3e5-9cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXHHw3doC%2Bn6K5RASp%2BGc9L13zVagc%2FBE525KaCEm%2B%2Bk4%2F1t58O5HboOh6zEbmhbWJf6Q2LtNqR5LDwwIyyljJH%2Bm1Ar5GACuRSONoVZMjaYEwki8DEJIxGX7JZ4bBO6w7Hop1piP%2BFnoJ5GUvZD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e71893f5dbb2c21-FRA
alt-svc
h3=":443"; ma=86400
content-length
2509
robot-men.png
cupidconnect.top/robot/images/
18 KB
18 KB
Image
General
Full URL
https://cupidconnect.top/robot/images/robot-men.png
Requested by
Host: cupidconnect.top
URL: https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23505d97b82c55e37f690518bd3385b85c63eb4da0dcabf6bfdf896051c3d4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:27 GMT
cf-cache-status
HIT
last-modified
Sun, 20 Dec 2020 19:20:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3288
etag
"5fdfa3e5-46fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PX9DsB42Qf7tC3jYxJFrRwbVyjuozmjl2q42FbBGGhy9u4KEqp6MkuLlEgJL1p1xs9snxQ8EJEd5Lwbx0x9Awr%2Bid4YUVjBPflvDOSW%2BRSb7lsXF2UK%2B9er3ZvDxSUy3DvucH43tu78GqUJQRtyQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e71893f5dc92c21-FRA
alt-svc
h3=":443"; ma=86400
content-length
18170
pxl.png
p-analytics.life/
0
317 B
Image
General
Full URL
https://p-analytics.life/pxl.png
Requested by
Host: cupidconnect.top
URL: https://cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.188.203.92 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
vm95-nl-dynamicjsconfig.texdom.org
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cupidconnect.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 11:06:27 GMT
Last-Modified
Mon, 18 May 2020 14:09:57 GMT
Server
nginx
ETag
"5ec29735-0"
Content-Type
image/png
Cache-Control
no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Sat, 15 Jul 2023 11:06:26 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.10.0/
22 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.10.0/firebase-app.js
Requested by
Host: cupidconnect.top
URL: https://cupidconnect.top/js/ps-new.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cupidconnect.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 09 Jul 2023 02:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
548564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7003
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 20:25:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Jul 2024 02:43:43 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.10.0/
40 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.10.0/firebase-messaging.js
Requested by
Host: cupidconnect.top
URL: https://cupidconnect.top/js/ps-new.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69df19aa714c324e70896cd5cc834d9dcc1080b58b2e771e86df18ab10b20859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cupidconnect.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 20:33:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10881
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 20:25:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 Jul 2024 20:33:01 GMT
truncated
/
378 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
377 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
Primary Request /
a.cupidconnect.top/robot/
5 KB
2 KB
Document
General
Full URL
https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Requested by
Host: cupidconnect.top
URL: https://cupidconnect.top/js/ps-new.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b0ca80cbfa1201f2be9cd27faa7eedb34b8d9ade6d0c79a0bbcd24bb195c5a

Request headers

Referer
https://cupidconnect.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e7189409f4e2c21-FRA
content-encoding
br
content-type
text/html
date
Sat, 15 Jul 2023 11:06:27 GMT
last-modified
Tue, 20 Apr 2021 19:53:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cjsx177tcNvNbkLF%2FRVo2MNbjb5BOM%2BjLSXpVQXbIVC9KNDM730vppDENaNpQyuMZkA9svpQpBhd%2FAFeWfhvUclDDUkMimCLDjh6DXVN95Ppq1ANJkm0i6uzuSsK5BvykeqJ01RzOkrel%2BXGY5SfEKU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trls.js
a.cupidconnect.top/robot/js/
8 KB
4 KB
Script
General
Full URL
https://a.cupidconnect.top/robot/js/trls.js
Requested by
Host: a.cupidconnect.top
URL: https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ff3ae9344247b7ad8324dc77ad2c81ff13c300122502e64b5e41f4e29d94b3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Dec 2020 19:20:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
387
etag
W/"5fdfa3f6-1e80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rN8lFRtcXP9vOgWpHqEYz6Up%2Bg08e7rVlYpTltcnvE9v8YsctgzyHLySQZp3c9sDvNPgI2s6L8LB%2F%2Bjhp1%2B%2FTcYdMUboFs3O8bqSygHKLmg8pWAGhT5ZS%2FfwAAKYgyqbtM9AWaxDgiVggsMcWhE3FZg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7e718940d8c935f3-FRA
alt-svc
h3=":443"; ma=86400
settings.js
a.cupidconnect.top/robot/js/
70 B
525 B
Script
General
Full URL
https://a.cupidconnect.top/robot/js/settings.js
Requested by
Host: a.cupidconnect.top
URL: https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d78c03636a64988e7333405932b98d34b1bfb0016915aeb7c88981f3c3fb7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Oct 2019 06:51:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
387
etag
W/"5db29b5a-46"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KEfyDmtKl3dAsgVDztIgkf0Vs2nlDVY16VpWUkHBUlz7oKXuojOVjVdRtDVFfycJpvshLHs2IudGK0PRxxBjXndm1wzzoVkKL9O031G%2Fpa4y1oL%2FeFWhCYm0YDcFcYRYDYLWPvCXGg2aasWDVuohLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7e718940d8ca35f3-FRA
alt-svc
h3=":443"; ma=86400
ps-new.js
a.cupidconnect.top/js/
46 KB
21 KB
Script
General
Full URL
https://a.cupidconnect.top/js/ps-new.js
Requested by
Host: a.cupidconnect.top
URL: https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f4b6da3f8e71a25c54b19119d5cc94439a31b40b16f80246e7938365fc71da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 20:22:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4144
etag
W/"645bfce9-b811"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKiSruC8m5xgUPJr%2FXT%2B%2Fd9jpxyCdvGE2ol9cGsk6mT2P3e6ECL30LQCa7Svzih63JssK1dwmLX7lSGOf7oU%2FyyTLTA22pJwYCw5T2uDWeTqyt2cKBiUptJPU%2BlqFlkvqzWVZ3B64CakfEDBA8QDB4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7e718940d8cc35f3-FRA
alt-svc
h3=":443"; ma=86400
arrow.png
a.cupidconnect.top/robot/images/
2 KB
3 KB
Image
General
Full URL
https://a.cupidconnect.top/robot/images/arrow.png
Requested by
Host: a.cupidconnect.top
URL: https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2aae62260f623b7b0463f96a4d2b5180ac43dc03ab16dcdf0d36741ab55ed5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:27 GMT
cf-cache-status
HIT
last-modified
Sun, 20 Dec 2020 19:20:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
387
etag
"5fdfa3e5-9cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvKNOSGfqqTZ1LmZdXInhyezyJTea5oOcFzZfUJLfk6PgDRlZWN6soKGvVOuVKd7yvxIEu%2BYpJ65tHs%2FyPsOaJMdtYC0nIwj9FtqAzxPskQ3ZOPRv9kzYl5DbSzpLicRm3Sy2RlBZRtnIOi0ePvRdqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e718941293235f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
2509
robot-men.png
a.cupidconnect.top/robot/images/
18 KB
18 KB
Image
General
Full URL
https://a.cupidconnect.top/robot/images/robot-men.png
Requested by
Host: a.cupidconnect.top
URL: https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c069 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23505d97b82c55e37f690518bd3385b85c63eb4da0dcabf6bfdf896051c3d4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 11:06:27 GMT
cf-cache-status
HIT
last-modified
Sun, 20 Dec 2020 19:20:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
387
etag
"5fdfa3e5-46fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vlROooTnTTTVIlet1GY4alotjeLyu86GHojBbmJ98O8JpCWV1lRBFU0HM3EST28DVDIF0KuTPGX%2Bl5KdphWruCikGs%2Fhc81cusPx76TfMFX19Loy3bUlB7fdLW1QZ7g1BhhFjkyLUhcXlzvMPUy8tw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7e718941293535f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
18170
pxl.png
p-analytics.life/
0
317 B
Image
General
Full URL
https://p-analytics.life/pxl.png
Requested by
Host: a.cupidconnect.top
URL: https://a.cupidconnect.top/robot/?u=d4ewkwf&o=vm2pdzq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.188.203.92 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
vm95-nl-dynamicjsconfig.texdom.org
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.cupidconnect.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sat, 15 Jul 2023 11:06:27 GMT
Last-Modified
Mon, 18 May 2020 14:09:57 GMT
Server
nginx
ETag
"5ec29735-0"
Content-Type
image/png
Cache-Control
no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Sat, 15 Jul 2023 11:06:26 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.10.0/
22 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.10.0/firebase-app.js
Requested by
Host: a.cupidconnect.top
URL: https://a.cupidconnect.top/js/ps-new.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.cupidconnect.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 09 Jul 2023 02:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
548564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7003
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 20:25:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Jul 2024 02:43:43 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.10.0/
40 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.10.0/firebase-messaging.js
Requested by
Host: a.cupidconnect.top
URL: https://a.cupidconnect.top/js/ps-new.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69df19aa714c324e70896cd5cc834d9dcc1080b58b2e771e86df18ab10b20859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.cupidconnect.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 20:33:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10881
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 20:25:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 Jul 2024 20:33:01 GMT
truncated
/
378 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
377 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.androidshock.com
URL
http://www.androidshock.com/wp-content/uploads/2014/07/Pyramid-Solitaire-Saga-1.jpg
Domain
lh4.ggpht.com
URL
https://lh4.ggpht.com/SSX_2f67-n2o2Jz-ZrJe0R6F22V4lXcZzPUqsqDOxaRD14WlYsoZa6MzvghHk-ftwDk=h900
Domain
www.myliveslot77.com
URL
https://www.myliveslot77.com/img/cache/articles/pyramid-of-ramesses-sa-5f03061f-5440-434e-8336-2f666712f537_800x800.jpeg
Domain
images.sftcdn.net
URL
https://images.sftcdn.net/images/t_app-cover-l,f_auto/p/1020c5fa-9b27-11e6-b25e-00163ec9f5fa/1548757223/pyramid-screenshot.jpg
Domain
i.cdnraw.com
URL
https://i.cdnraw.com/previews/downloads/d/f/b/p-slots-casino-games-by-huuuge-fbHEtOPYzZ-5.jpg
Domain
i.ytimg.com
URL
https://i.ytimg.com/vi/K30QuLowXLA/maxresdefault.jpg
Domain
allpokies.co.nz
URL
https://allpokies.co.nz/wp-content/uploads/s/playtech/the-pyramid-of-ramesses-pokie.jpg
Domain
slotsspot.com
URL
https://slotsspot.com/wp-content/uploads/slotsimages/13/playtech-the-pyramid-of-ramesses-info5.jpg
Domain
www.casinonewsdaily.com
URL
http://www.casinonewsdaily.com/wp-content/uploads/2015/05/pyramid-of-ramses-logo.jpg
Domain
cdn.slots.org.ua
URL
https://cdn.slots.org.ua/content/thumbs/600x450/screenshots/RU/The_Pyramid_of_Ramesses/The_Pyramid_of_Ramesses7.jpg
Domain
image.winudf.com
URL
https://image.winudf.com/v2/image1/Y29tLnphcmliYS5zbG90c19zY3JlZW5fOV8xNTUwMTc0MzEwXzA5OA/screen-9.jpg?fakeurl=1&type=.jpg
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-WKKLPLJP3V
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-B29892VMGP
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-96521599-1
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-199856617-1
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-162690612-1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6890287250975679&plah=3tc1-jogosdecassino.somee.com

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| translation object| rtlLangs string| browserLang string| siteLang number| extTpl function| detect_language function| replace_text function| translation_available function| translate function| getParameterByName object| MESSAGES function| docReady object| settings function| _0x289a6e function| MD5 function| M function| X function| V function| Y function| md5cmn function| _0xdc0f function| _0x4c3e function| md5ff function| md5gg function| md5hh function| md5ii function| safeadd function| bitrol object| today string| date string| sw function| initPush object| firebase number| verOffset number| t

0 Cookies

2 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Slots+gratis+sem+download+The+Pyramid+of+Ramesses, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://91.215.152.128/bronline?default_keyword=Slots+gratis+sem+download+The+Pyramid+of+Ramesses, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3tc1-jogosdecassino.somee.com
a.cupidconnect.top
ajax.googleapis.com
allpokies.co.nz
cdn.slots.org.ua
cupidconnect.top
googleads.g.doubleclick.net
i.cdnraw.com
i.ytimg.com
image.winudf.com
images.sftcdn.net
lh4.ggpht.com
p-analytics.life
pagead2.googlesyndication.com
s7.addthis.com
slotsspot.com
www.androidshock.com
www.casinonewsdaily.com
www.googletagmanager.com
www.gstatic.com
www.myliveslot77.com
allpokies.co.nz
cdn.slots.org.ua
i.cdnraw.com
i.ytimg.com
image.winudf.com
images.sftcdn.net
lh4.ggpht.com
pagead2.googlesyndication.com
slotsspot.com
www.androidshock.com
www.casinonewsdaily.com
www.googletagmanager.com
www.myliveslot77.com
104.75.88.126
155.254.244.28
2606:4700:3037::ac43:c069
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::200a
5.188.203.92
91.215.152.128
0ae5586d9890485b7d9cddaad714e8df68cb7abfd679402458149db9f38fdc42
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
3ac7878f2218e06b37829bb77b14d4a0247cb65715731835a85cf99a2d28f1dd
60f4b6da3f8e71a25c54b19119d5cc94439a31b40b16f80246e7938365fc71da
66da441afcd14c0d27da388f50403b2bf5a2d84d3689dd4d25b2cfbe6561a123
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
69df19aa714c324e70896cd5cc834d9dcc1080b58b2e771e86df18ab10b20859
77d6cef356868f46018abf1911b049186a3e4ca73b0f0cadf48033694324948c
7ff3ae9344247b7ad8324dc77ad2c81ff13c300122502e64b5e41f4e29d94b3c
a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc
b0b0ca80cbfa1201f2be9cd27faa7eedb34b8d9ade6d0c79a0bbcd24bb195c5a
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b4d78c03636a64988e7333405932b98d34b1bfb0016915aeb7c88981f3c3fb7b
e23505d97b82c55e37f690518bd3385b85c63eb4da0dcabf6bfdf896051c3d4c
e2aae62260f623b7b0463f96a4d2b5180ac43dc03ab16dcdf0d36741ab55ed5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e