twinklingcasino.com Open in urlscan Pro
2606:4700:3037::6818:69d5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://safebetscasino.com/
Effective URL:
http://twinklingcasino.com/
Submission: On March 23 via automatic, source certstream-suspicious (March 23rd 2020, 10:13:37 pm UTC)

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3037::6818:69d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is twinklingcasino.com.

This is the only time twinklingcasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::681b:9f35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6818:69d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	162.241.148.226 162.241.148.226	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
11	4

1 2606:4700:3037::681b:9f35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

safebetscasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6818:69d5 (United States)

ASN13335 (CLOUDFLARENET, US)

twinklingcasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.241.148.226 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: md-ht-8.webhostbox.net

ydirection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ydirection.com ydirection.com	89 KB
4	gstatic.com fonts.gstatic.com	37 KB
1	googleapis.com fonts.googleapis.com	850 B
1	twinklingcasino.com twinklingcasino.com	2 KB
1	safebetscasino.com 1 redirects safebetscasino.com	305 B
11	5

	Domain	Requested by
5	ydirection.com	twinklingcasino.com
4	fonts.gstatic.com	twinklingcasino.com
1	fonts.googleapis.com	twinklingcasino.com
1	twinklingcasino.com
1	safebetscasino.com	1 redirects
11	5

This site contains no links.

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://twinklingcasino.com/
Frame ID: 0E65E1BFA8CBDD7D45A1ADC480BFC041
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://safebetscasino.com/ HTTP 301
http://twinklingcasino.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

11
Requests

45 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

128 kB
Transfer

353 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://safebetscasino.com/ HTTP 301
http://twinklingcasino.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
twinklingcasino.com/
Redirect Chain

https://safebetscasino.com/
http://twinklingcasino.com/

5 KB
2 KB

304ms
268ms

Document
text/html

2606:4700:3037::6818:69d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://twinklingcasino.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6818:69d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0018114018d78858d1cb71f403eafcf593fba71a58f359f1f0200f36912173b

Request headers

Host: twinklingcasino.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Mon, 23 Mar 2020 22:13:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=da0e80b9d98680431b697944a1581641d1585001599; expires=Wed, 22-Apr-20 22:13:19 GMT; path=/; domain=.twinklingcasino.com; HttpOnly; SameSite=Lax
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 578b7fbeca94e00b-FRA
Content-Encoding: gzip

Redirect headers

status: 301
date: Mon, 23 Mar 2020 22:13:19 GMT
content-type: text/html
set-cookie: __cfduid=d355f42a4a5952a07759eed3ab77d7a1b1585001599; expires=Wed, 22-Apr-20 22:13:19 GMT; path=/; domain=.safebetscasino.com; HttpOnly; SameSite=Lax
location: http://twinklingcasino.com/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 578b7fbda95fc277-FRA

GET
H/1.1 200
OK bootstrap.min.css
ydirection.com/Domain/assets/css/ 118 KB
27 KB 386ms
235ms Stylesheet
text/css 162.241.148.226
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ydirection.com/Domain/assets/css/bootstrap.min.css
Requested by: Host: twinklingcasino.com
URL: http://twinklingcasino.com/
Protocol: HTTP/1.1
Server: 162.241.148.226 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: md-ht-8.webhostbox.net
Software: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Referer: http://twinklingcasino.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 22:13:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Sep 2018 21:31:30 GMT
Server: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
ETag: "12cc02eb-1d9ac-5759f32719467-gzip"
Vary: Accept-Encoding
Upgrade: h2,h2c
Transfer-Encoding: chunked
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=3, max=75

GET
H2 200 css
fonts.googleapis.com/ 7 KB
850 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,300,500,700,600%7CMuli

Requested by

Host: twinklingcasino.com
URL: http://twinklingcasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c178a62f48f81eb1319e391b64fd5947c93f52a5d05173a2eb7e1b0301155ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://twinklingcasino.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 23 Mar 2020 22:13:20 GMT
server: ESF
date: Mon, 23 Mar 2020 22:13:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Mar 2020 22:13:20 GMT

GET
H/1.1 200
OK animate.css
ydirection.com/Domain/assets/css/ 56 KB
6 KB 397ms
246ms Stylesheet
text/css 162.241.148.226
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ydirection.com/Domain/assets/css/animate.css
Requested by: Host: twinklingcasino.com
URL: http://twinklingcasino.com/
Protocol: HTTP/1.1
Server: 162.241.148.226 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: md-ht-8.webhostbox.net
Software: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash: fa89f91bd83b48ee12dceb0f127808efa00006b891e548172a4ea0d447991b23

Request headers

Referer: http://twinklingcasino.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 22:13:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Sep 2018 21:31:29 GMT
Server: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
ETag: "12cc02ec-def3-5759f3269bc97-gzip"
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=3, max=75
Content-Length: 5985

GET
H/1.1 200
OK style.css
ydirection.com/Domain/assets/css/ 12 KB
4 KB 380ms
229ms Stylesheet
text/css 162.241.148.226
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ydirection.com/Domain/assets/css/style.css
Requested by: Host: twinklingcasino.com
URL: http://twinklingcasino.com/
Protocol: HTTP/1.1
Server: 162.241.148.226 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: md-ht-8.webhostbox.net
Software: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash: 54616ebaf349d99796f8ac53c10bdb24f7dd5f0cf62e6493c672b5bc0513c833

Request headers

Referer: http://twinklingcasino.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 22:13:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Sep 2018 21:31:31 GMT
Server: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
ETag: "12cc02ed-3150-5759f32855ae7-gzip"
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=3, max=75
Content-Length: 3865

GET
H/1.1 200
OK jquery-2.1.1.js Show response
ydirection.com/Domain/assets/js/ 82 KB
37 KB 398ms
247ms Script
application/javascript 162.241.148.226
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ydirection.com/Domain/assets/js/jquery-2.1.1.js
Requested by: Host: twinklingcasino.com
URL: http://twinklingcasino.com/
Protocol: HTTP/1.1
Server: 162.241.148.226 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: md-ht-8.webhostbox.net
Software: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Referer: http://twinklingcasino.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 22:13:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Sep 2018 21:31:46 GMT
Server: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
ETag: "12cc02f5-14915-5759f336621df-gzip"
Vary: Accept-Encoding
Upgrade: h2,h2c
Transfer-Encoding: chunked
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=3, max=75

GET
H/1.1 200
OK bootstrap.min.js Show response
ydirection.com/Domain/assets/js/ 36 KB
14 KB 383ms
233ms Script
application/javascript 162.241.148.226
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ydirection.com/Domain/assets/js/bootstrap.min.js
Requested by: Host: twinklingcasino.com
URL: http://twinklingcasino.com/
Protocol: HTTP/1.1
Server: 162.241.148.226 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: md-ht-8.webhostbox.net
Software: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer: http://twinklingcasino.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 22:13:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Sep 2018 21:31:42 GMT
Server: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
ETag: "12cc02f3-9004-5759f3332503f-gzip"
Vary: Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=3, max=75
Content-Length: 14317

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: twinklingcasino.com
URL: http://twinklingcasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:400,300,500,700,600%7CMuli
Origin: http://twinklingcasino.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 01:21:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 2407882
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7836
x-xss-protection: 0
expires: Wed, 24 Feb 2021 01:21:58 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: twinklingcasino.com
URL: http://twinklingcasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:400,300,500,700,600%7CMuli
Origin: http://twinklingcasino.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 04:10:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 1533768
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7968
x-xss-protection: 0
expires: Sat, 06 Mar 2021 04:10:32 GMT

GET
H2 200 7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30e6fwniDtzM.woff
fonts.gstatic.com/s/muli/v20/ 13 KB
13 KB 9ms
9ms Font
font/woff 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v20/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30e6fwniDtzM.woff

Requested by

Host: twinklingcasino.com
URL: http://twinklingcasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302f0fbc9d7907bf57c61dfb1a6cce18b65b7ef936e71d9177f278793e4b7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:400,300,500,700,600%7CMuli
Origin: http://twinklingcasino.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 08:11:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Feb 2020 22:49:05 GMT
server: sffe
age: 1519284
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13532
x-xss-protection: 0
expires: Sat, 06 Mar 2021 08:11:56 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2

Requested by

Host: twinklingcasino.com
URL: http://twinklingcasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Poppins:400,300,500,700,600%7CMuli
Origin: http://twinklingcasino.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:18:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:14 GMT
server: sffe
age: 1140877
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7960
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:18:43 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.twinklingcasino.com/	1970-01-19 08:59:53	Name: __cfduid Value: da0e80b9d98680431b697944a1581641d1585001599

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
safebetscasino.com
twinklingcasino.com
ydirection.com
162.241.148.226
2606:4700:3037::6818:69d5
2606:4700:3037::681b:9f35
2a00:1450:4001:814::2003
2a00:1450:4001:818::200a
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
302f0fbc9d7907bf57c61dfb1a6cce18b65b7ef936e71d9177f278793e4b7872
54616ebaf349d99796f8ac53c10bdb24f7dd5f0cf62e6493c672b5bc0513c833
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
c178a62f48f81eb1319e391b64fd5947c93f52a5d05173a2eb7e1b0301155ad9
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f0018114018d78858d1cb71f403eafcf593fba71a58f359f1f0200f36912173b
fa89f91bd83b48ee12dceb0f127808efa00006b891e548172a4ea0d447991b23
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

twinklingcasino.com Open in urlscan Pro 2606:4700:3037::6818:69d5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

45 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

128 kBTransfer

353 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

twinklingcasino.com Open in urlscan Pro
2606:4700:3037::6818:69d5 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

45 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

128 kB
Transfer

353 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions