Report - www.ontrklnk.com/visit/?bta=47096&nci=5661&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&qlt=true&utm

Report Overview

Visited public
2024-09-01 15:44:46
Tags
URL
www.ontrklnk.com/visit/?bta=47096&nci=5661&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&qlt=true&utm_campaign=sms
Finishing URL
ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkOApUVQwbSJDFAzXCWDWnJsf2trk|afp10:sms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true
IP / ASN
35.234.86.61
#396982 GOOGLE-CLOUD-PLATFORM
Title
Ninecasino - Play Slots Online for Free or Real Money

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-08-31 18:12:11	981 B	2.7 kB	23.33.119.57
aramuz.net	unknown	2020-09-08	2020-09-08 14:45:15	2024-08-24 14:29:50	6.3 kB	46 kB	104.22.35.217
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-09-01 11:06:04	1.1 kB	68 kB	216.58.207.227
auth.betonliga.com	unknown	2022-11-24	2023-01-15 22:58:19	2024-08-30 09:12:25	507 B	882 B	104.26.0.19
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-08-31 18:12:11	2.0 kB	5.3 kB	23.33.119.27
ninecasino.com	unknown	2016-09-15	2019-08-15 18:03:04	2024-08-24 14:29:48	37 kB	6.4 MB	172.67.39.215
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2024-09-01 16:31:34	492 B	40 kB	104.16.79.73
sentry.marfa-tech.net	unknown	2021-06-03	2021-10-05 15:27:18	2024-08-30 09:15:13	1.8 kB	1.2 kB	176.9.53.66
cdn.igrand.pro	unknown	2024-01-15	2024-02-26 21:19:12	2024-04-14 07:32:25	912 B	9.5 kB	104.26.9.58
www.ontrklnk.com	unknown	2023-09-13	2023-10-04 15:42:30	2024-08-24 14:29:46	568 B	702 B	35.234.86.61
bi-metrics.aramuz.net	unknown	2020-09-08	2023-08-10 09:34:57	2024-08-30 09:16:57	2.9 kB	2.7 kB	142.132.243.105
cdn.aramuz.net	unknown	2020-09-08	2021-10-13 17:55:38	2024-08-30 09:17:25	6.0 kB	478 kB	104.22.35.217
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-09-01 11:06:06	474 B	12 kB	142.250.74.170
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-08-31 18:27:47	650 B	1.4 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-01	medium	ontrklnk.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (44)

	URL	From	Size	First Seen	Last Seen
	ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms	ScriptElement	104 B	2023-03-14	2025-06-12
Pretty URL ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 01:02 Last Seen2025-06-12 22:51 Times Seen372 Hash 21ac9cc7bc6350f0ef91cf15f5fcd0c4 a59118fe5f9e1b1b9b6b74f9f21936c0a65b950f f0cf1f9b2124dfea1706498e57be0f0a665203035d3a4a58955a550ece6ee2c4 Loading...

	ninecasino.com/assets/main.a5eddf3b65efaaab758d.js	ScriptElement	2.2 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.a5eddf3b65efaaab758d.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 20:00 Last Seen2024-09-20 20:13 Times Seen24 Hash 4efa515894f8d469c99792e8e7faa256 a3eb67baa14f07187d144da548df480d1b1e9ce3 609b37c7352c83effb1933f84e45837afe19711ce155a4d383a7baee5022bbc2 Loading...

	ninecasino.com/assets/main.02d0a2625838efc0b6e7.js	ScriptElement	1.4 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.02d0a2625838efc0b6e7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 19:59 Last Seen2024-09-20 20:13 Times Seen24 Hash eebcebf8d2707c2b5f2a476047959eb0 94400a7a56eccb155055da13046717b1d38e7540 0f0a5532179aa2e7ac1fa388d47eced72850cabcddd15354c3780dbef5e30c91 Loading...

	ninecasino.com/assets/main.c00c1953b33850002460.js	ScriptElement	592 B	2024-06-12	2024-10-27
Pretty URL ninecasino.com/assets/main.c00c1953b33850002460.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 10:55 Last Seen2024-10-27 17:44 Times Seen77 Hash 7786d22719e865ddbe03d83d61d3f7c3 2a62c906bc855ce93e0f4a1f781ab256f7ff364a ac4534d729d5c6313279e6a8064c0ea79b8e6e91da032990b177f0db58ffaa3e Loading...

	ninecasino.com/assets/main.a5157e267787bd7666a5.js	ScriptElement	7.2 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.a5157e267787bd7666a5.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 20:00 Last Seen2024-09-20 20:13 Times Seen24 Hash 950dd2e96fb2da4bc3bd7dcf28ab774d f1ff7b0a66ba4d45837b170208d4624691aa2757 ca8cce675d23328e6103ea7af43bcbf0d7c5da1092862b40f535543b104912d7 Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-06-13
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-06-13 03:18 Times Seen59291 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	ninecasino.com/assets/main.a548ac689c47f91ac216.js	ScriptElement	1.7 kB	2024-07-26	2024-09-20
Pretty URL ninecasino.com/assets/main.a548ac689c47f91ac216.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 19:01 Last Seen2024-09-20 20:13 Times Seen46 Hash 215183669940e7fc4d6b60acee7a3ee0 f0f1f33b078c45f578d6c6c7b48a95be6bd7183f 4e8469120d5487272790285c390ee283ca8e25cca8f7a49e968e342fe68ceece Loading...

	ninecasino.com/assets/register/build/remoteEntry.js?0.3008257636042949	ScriptElement	8.5 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/register/build/remoteEntry.js?0.3008257636042949 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 08:29 Last Seen2024-09-20 20:13 Times Seen12 Hash 9cdc1067cf1da4b27deec7eb5840cf40 95353f021c23fbea67916e11781dda2ddc1d623b bd11f422293c684f544f26485c5dcc84685f1703982deae82a4e9e7a8fe1416f Loading...

	ninecasino.com/assets/main.13b0a47d57ed334cbb10.js	ScriptElement	82 kB	2024-06-12	2024-09-20
Pretty URL ninecasino.com/assets/main.13b0a47d57ed334cbb10.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 10:55 Last Seen2024-09-20 20:13 Times Seen66 Hash c9b55801db89e8a6974a5971b6120c46 7bf14b1b7cdf8ba8502fbc75bf9bcfb1a6457af8 0b35b84e5dde158a67c86d1a4065fd9b2540935a385647af30a4cc8c64f5969d Loading...

	ninecasino.com/assets/main.a7b155e889b93dcc916d.js	ScriptElement	21 kB	2024-06-12	2024-09-20
Pretty URL ninecasino.com/assets/main.a7b155e889b93dcc916d.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 10:56 Last Seen2024-09-20 20:13 Times Seen66 Hash 2641bd4d7fba7f5d8f985c83eaad0c28 d65a843cfdcb741d21fc42361dc1354c3cb81135 370b2da2fb76b9c603ae799fef6f34f0a51990687c73d303a0ec8f2b27647726 Loading...

	ninecasino.com/assets/main.5b3ee8898426f346e98d.js	ScriptElement	1.6 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/main.5b3ee8898426f346e98d.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 13:00 Last Seen2024-09-20 20:13 Times Seen11 Hash 7610720c75ba8dc94eff8610aa7c2c86 706293741f264cd7a03eb17be21f77c1228b3bd5 dbb9893bfe2c99dc6b33296e6421fbd56acf7428bc096fda20088af3503c8ca6 Loading...

	ninecasino.com/assets/main.ad44267e775aabb797a9.js	ScriptElement	3.3 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.ad44267e775aabb797a9.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 20:00 Last Seen2024-09-20 20:13 Times Seen24 Hash b065dfb08af38113be5cb678a3069e4f d354f0a4190ea7f6eafb398c690dc6e94ba25c45 b38efb39a62c5c773f5bca011f0eaa1ea01f94f519fd5e999f45008bcf430a05 Loading...

	ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms	ScriptElement	30 kB	2024-09-20	2024-09-20
Pretty URL ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-20 20:02 Last Seen2024-09-20 20:02 Times Seen1 Hash 27d055096f12ae418e6cf695ca820b7b cbc748760a63b9c1dd746f004957ebc9e232284f 1c9ce28b4d2cc22d27cc208b16438046e0641a9fe738d7bc40d5b76538bfc59d Loading...

	ninecasino.com/assets/main.264dee95242ff64d9d2d.js	ScriptElement	52 kB	2024-08-28	2024-09-20
Pretty URL ninecasino.com/assets/main.264dee95242ff64d9d2d.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 15:50 Last Seen2024-09-20 20:13 Times Seen14 Hash 7bd2331563f33b9a71c9f290789895a6 ab8834f41245150cf06652e298f9fd5e157df092 21ab2c5d2edadab70a7fef97d28f9519061c8807e322b69e8338460f6485a13a Loading...

	ninecasino.com/assets/cms_bo/build/remoteEntry.js?0.6631205749570761	ScriptElement	3.3 kB	2024-05-30	2025-03-24
Pretty URL ninecasino.com/assets/cms_bo/build/remoteEntry.js?0.6631205749570761 IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-30 17:50 Last Seen2025-03-24 03:04 Times Seen35 Hash ff12b2cdfbc86f69226aabaccb617688 3f7035fc3afe72ee2433404b8b4c15954ef8c792 eb4df4d68c9ab19c3d549b7eff666b13a003ca27e17297fe3073da16c79fcba4 Loading...

	ninecasino.com/assets/register/build/fc1f2071bc03ec22c5d0.js	ScriptElement	50 kB	2024-08-13	2024-09-20
Pretty URL ninecasino.com/assets/register/build/fc1f2071bc03ec22c5d0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 23:03 Last Seen2024-09-20 20:13 Times Seen33 Hash 7f824212573f99acba14fa79514c7714 d7c22748e21e85152ef7f78d345639aae2e118f0 ecb1320791de856635cb2cd6bc0329e0c6a89358e919eca8a3bb7f60371b9152 Loading...

	ninecasino.com/modernizr.client.js	ScriptElement	3.1 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/modernizr.client.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 19:59 Last Seen2024-09-20 20:13 Times Seen23 Hash 1678465ae15de0becdbb6561ff5f7d51 3b74f38ceb5581dbc96c43e9a337edfd1fe30062 2da6803cc279755f9e3ff96bd7f52cb0095d434f3d30f86e01e11eddf017a642 Loading...

	ninecasino.com/assets/main.36fa2b823166dab2f3e9.js	ScriptElement	41 kB	2024-08-28	2024-09-20
Pretty URL ninecasino.com/assets/main.36fa2b823166dab2f3e9.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 15:50 Last Seen2024-09-20 20:13 Times Seen19 Hash 7517df58233cb3f05222f138f77e1337 dcbb1781bd71294b060563b7e3a984d67c530953 75169395772c21560ae938b6f0f7fb03d31f1e733714dc76553f55e85c24e865 Loading...

	ninecasino.com/assets/main.fa82552e3763c284c997.js	ScriptElement	1.9 kB	2024-07-12	2025-06-12
Pretty URL ninecasino.com/assets/main.fa82552e3763c284c997.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-12 08:59 Last Seen2025-06-12 22:51 Times Seen285 Hash 7a34b69319c63a8fdbcddd16321f26f3 d3d8b9f54e636fbac1f1bdf9a0ddd07d5bc00729 0a042a7627dbe9721cec7c8aa5be7f0cecaa7931706de9de346ebcaa3eea8654 Loading...

	unknown	Function	139 B	2023-06-06	2025-06-12
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-06-06 19:23 Last Seen2025-06-12 21:03 Times Seen303 Hash 7c3d627c2d14830554a6090ed20bec82 f404689da32e3ea6d9895b2fcbd601c5a03a9192 d561bf451dbdbe63a479e8bce3c10a247fbac8adc45c9fea9c07b53a1f179599 Loading...

	ninecasino.com/assets/main.16cca10c38599f1e32d9.js	ScriptElement	68 kB	2024-01-20	2025-02-06
Pretty URL ninecasino.com/assets/main.16cca10c38599f1e32d9.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 23:23 Last Seen2025-02-06 21:16 Times Seen177 Hash 79fb124efb73d4d6cd64d0ccdbcbe064 b93398dd13de4c326eb5f578bd6c89c36c07ddc1 1b3215429883dbf3a129b64a2d614403206b3325d46ce336a09797748ae56139 Loading...

	ninecasino.com/assets/main.34f47f504463d3f350fa.js	ScriptElement	86 kB	2024-06-12	2024-09-20
Pretty URL ninecasino.com/assets/main.34f47f504463d3f350fa.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 10:56 Last Seen2024-09-20 20:13 Times Seen66 Hash a33e02cf21b8910baa36ba46ba3afbf8 6b898db0d305d7e3f2dc9b5bfb5a92945eb0dfee 496e28e950094d55b7227b3b33b73ca766ad5233f3dbbdc9fba2d409226b8c87 Loading...

	ninecasino.com/assets/main.b8c501117d3e484cbe43.js	ScriptElement	1.1 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.b8c501117d3e484cbe43.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 20:00 Last Seen2024-09-20 20:13 Times Seen24 Hash 0348ea269a471c55858cbcbec765939e 85e9c6078d919caf47c4fe7dbf033127095bb40d f5bcfdfe8f36f451e0b0624a14414fdd88448e0fb7d754859ae32a05e78392f2 Loading...

	ninecasino.com/assets/main.afc9229a99f8eb10fbba.js	ScriptElement	7.1 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.afc9229a99f8eb10fbba.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 20:00 Last Seen2024-09-20 20:13 Times Seen24 Hash 3528b613d4ba4e7d24f56c5063451727 1541b28405bc424fbaf92f46175a8e61c3ecad19 f125f218f1e29432aee8eb29eddc3fdff4ff8c5e6480c412775f0558b6fedddd Loading...

	ninecasino.com/assets/main.631ba3a707709718195b.js	ScriptElement	912 B	2024-08-10	2025-02-06
Pretty URL ninecasino.com/assets/main.631ba3a707709718195b.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-10 14:11 Last Seen2025-02-06 21:16 Times Seen91 Hash 5f2f0a8c8d901c158b35b56fad692112 ddc43ee8f90a72058c2e063cc2c636e7b44256d2 e7ff792a8856d81f691fad61e5762f061daaee091441ff85cf0a4e07aee54069 Loading...

	ninecasino.com/assets/main.318277b394886d6c3b44.js	ScriptElement	982 B	2024-06-22	2024-09-20
Pretty URL ninecasino.com/assets/main.318277b394886d6c3b44.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-22 13:36 Last Seen2024-09-20 20:13 Times Seen67 Hash 82e91d1296ccbd4ef6ec570bdfc81b74 284d93fa62a3bbb59a2d53608b6a6826cfc5ec5b 8f25f7509b4e580d0b32e3ca74f9099ac4d7d0af4d0213418b05a6354512be4f Loading...

	ninecasino.com/assets/main.5d4fb4ed3bcd9187e0cf.js	ScriptElement	1.6 kB	2024-08-19	2024-09-20
Pretty URL ninecasino.com/assets/main.5d4fb4ed3bcd9187e0cf.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:58 Last Seen2024-09-20 20:13 Times Seen21 Hash 546d43e42f6ea8b7b37aec280eae6a7e 0ddaa2ae8d042b307e3d18903574ac99bb1f9cd9 3bf5e5cef23b25baba963797b24dbf4167d383ecfc5cb4a20363707af491cdd9 Loading...

	unknown	Function	250 B	2023-12-03	2024-09-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-12-03 06:20 Last Seen2024-09-20 20:02 Times Seen54 Hash c86d6dfa424df071e8e6a6e4a09c70a1 99a97ca35499c6c8c4e726fde19c932b5c5c99b8 6040361c3ba910e41edbab121a742869ad557676d413290ea58eb9e60dea1c8c Loading...

	ninecasino.com/assets/register/build/958e8340f858e7b75874.js	ScriptElement	875 B	2024-08-17	2024-09-20
Pretty URL ninecasino.com/assets/register/build/958e8340f858e7b75874.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-17 19:52 Last Seen2024-09-20 20:13 Times Seen29 Hash e08cef48ae1dbd116aae14400b2d077a 7f84c01110b0eaac53e66a4015f2ead70647898f e7171e7c0a2dc767d95a55f7fba2b5d26b7b263928054aaecd0fbac234593049 Loading...

	ninecasino.com/assets/cms_bo/assets/chunks/113.chunk.js	ScriptElement	5.2 MB	2024-05-30	2024-09-20
Pretty URL ninecasino.com/assets/cms_bo/assets/chunks/113.chunk.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-30 17:50 Last Seen2024-09-20 20:13 Times Seen21 Hash 46c4449df344fead6197bd73839b21b4 bbe8b9b472050cd2abf1822294b370e896f6c674 90d7fc1d09aaefc48ff99210d85e74ccf500c06c3a5cf6f3b907f4f1c74d990b Loading...

	ninecasino.com/assets/register/build/f90690b3fff846d6749c.js	ScriptElement	38 kB	2024-08-21	2024-09-20
Pretty URL ninecasino.com/assets/register/build/f90690b3fff846d6749c.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 22:00 Last Seen2024-09-20 20:13 Times Seen26 Hash f352eb864833f7e05e273ed79ffc5672 d21b135e713222672af329c229eb323d5ebda5ba 7b069db31d385393a605ae15cfaf2c0e4c64c0936ec3eb6f7da950fd458abde7 Loading...

	ninecasino.com/assets/main.e11312d9921965c8dc1b.js	ScriptElement	36 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/main.e11312d9921965c8dc1b.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 13:00 Last Seen2024-09-20 20:13 Times Seen11 Hash e0169e0a5aa3473c11dcc8f04aa22ea8 b04b034391584611125032d3e1e126ae6c692772 8a9e3d2e212fc19040262b961fd82c69159a92b2e8012dec3ca5f536762ae1c7 Loading...

	ninecasino.com/assets/main.85202ea707482059d629.js	ScriptElement	54 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/main.85202ea707482059d629.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 13:00 Last Seen2024-09-20 20:13 Times Seen11 Hash 059563db679f065356498d2b4a1e8fa4 82baae7aedc42ad12e6669cc2e596e52bb7830fe 87f74d9faeccf4089df64c2b260d6a8fd2b4fe03b1cd80b3a726d441fd84fd0a Loading...

	ninecasino.com/assets/main.1584e87908484b5d1c11.js	ScriptElement	44 kB	2024-08-19	2024-09-20
Pretty URL ninecasino.com/assets/main.1584e87908484b5d1c11.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:58 Last Seen2024-09-20 20:13 Times Seen27 Hash 13b29e25e514e3ddbc474ad4d984590c 66238d13831d8f3958c11dfdbb1f4a773b49d575 c1a90fa03284b57f42a66f4d8715fa5ceef1b4485d539b4068603a6c4e6e89eb Loading...

	ninecasino.com/assets/main.979d7e4cd6639d976a81.js	ScriptElement	3.4 kB	2024-08-10	2024-09-20
Pretty URL ninecasino.com/assets/main.979d7e4cd6639d976a81.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-10 14:11 Last Seen2024-09-20 20:13 Times Seen38 Hash 6c402027e59b9f2f9ca129264a5cc8c8 25d02e518c5566e9eed1c8de3433d5ca65dc0af0 f0f081eced17ce1f6257c0bedc720a78e003b12fc7f94efa402783d54ebd2301 Loading...

	ninecasino.com/assets/main.c8fce02bff3e38f97822.js	ScriptElement	2.7 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.c8fce02bff3e38f97822.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 19:59 Last Seen2024-09-20 20:13 Times Seen15 Hash dc7b8daa47f06a3b5bc530c9c3642842 d530f33719ea2f5bb55b8c2e74a9856539fd254f 605248716cbbd435c0e32a1b6c95b599158f59383a2073a786a1bbb8f4c5e275 Loading...

	unknown	Function	218 B	2023-09-10	2025-06-12
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-09-10 00:20 Last Seen2025-06-12 21:03 Times Seen286 Hash 989614ac54a4ed061f9992e4c0741146 9510c6181ca8aee9c69fdfde9143ab84f5d72b29 65be92c50b7781079560997aaab3d61693f95402c1667c0811ddfb0b619013cf Loading...

	unknown	Function	146 B	2023-06-24	2025-06-12
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-06-24 05:02 Last Seen2025-06-12 21:03 Times Seen318 Hash eaf74464ec2717e88e0d3521dd86d63a c7b11a1c30899a64387f4b196c2fb35a2f9fee6b bbd85b7a3316765f9836aaee4114d52abbf9c4d099c415c60c1a2e105a8c596a Loading...

	ninecasino.com/assets/register/build/1eaacaec941bf850384d.js	ScriptElement	21 kB	2024-08-17	2024-09-20
Pretty URL ninecasino.com/assets/register/build/1eaacaec941bf850384d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-17 19:52 Last Seen2024-09-20 20:13 Times Seen29 Hash c43f1f84668dd0d00475caa3b64e2af8 d6d323a7370792e773adf399dc1cf0d0f6b5d5e8 b9768391ff04628c72f0a22ccaf857d69b85eae1fba55fbe0c5c9cb3c537d006 Loading...

	ninecasino.com/assets/register/build/155eec208cd2a5e2ff9e.js	ScriptElement	20 kB	2024-07-16	2024-09-20
Pretty URL ninecasino.com/assets/register/build/155eec208cd2a5e2ff9e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-16 08:07 Last Seen2024-09-20 20:13 Times Seen57 Hash 676c3dd7083559f2b2e8e519efa2e367 06b32f0c44f44d970e7d52a1a7db4d192e1dd3e5 23be098f99a2f0f7b1e948b408d86c6a4458284b86c93181f32ad35a81b204cb Loading...

	ninecasino.com/assets/main.77d3821ebfe065b0b436.js	ScriptElement	37 kB	2024-06-12	2024-09-20
Pretty URL ninecasino.com/assets/main.77d3821ebfe065b0b436.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 10:56 Last Seen2024-09-20 20:13 Times Seen66 Hash 2251b669db938d2a8d8ad228ad7eaf3a cfa047c5ee847476608af333e0e384cbdf757492 a8a7c77b3a9e7559ccfdbf295f6429234c3c25d6227126dbe1adf071a4ade24c Loading...

	ninecasino.com/assets/main.a6aae19d83225072d497.js	ScriptElement	5.8 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/main.a6aae19d83225072d497.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 13:00 Last Seen2024-09-20 20:13 Times Seen11 Hash 27e39173cba50283b4d006a35bbb8077 3b759b3aea589f252b751ea245b4a3eb13b23cf2 9459c17a446012500948acec8c15863953a336d48f5959cfc86ff7411e0cc227 Loading...

	unknown	Function	159 B	2023-09-10	2025-06-12
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-09-10 00:20 Last Seen2025-06-12 21:03 Times Seen285 Hash 8021f3fb46f26f9d08ea2f4170303feb 44b2e9e96037fa5cbc8e47f0151129fdca9011e5 3571b52e25bcaa5e695c0a31b542bed6e5c2414b045ae16a9eab45ef1a57a061 Loading...

	ninecasino.com/assets/register/build/87d5d2918cfa93cb9ecb.js	ScriptElement	51 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/register/build/87d5d2918cfa93cb9ecb.js IP 172.67.39.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 08:29 Last Seen2024-09-20 20:13 Times Seen12 Hash 31f0c5a6028aac95cc54a05404003a17 147ef3654c53450d99c5ef3439479306860c0de9 f4f0b85da857665e7f0f50b5ba97ad3ebda60fcde287b3db4e8dd545bc901a81 Loading...

HTTP Transactions (91)

URL IP Response Size

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9af7a8cd532ef5aaf31ca93238520c04
f072b79c778c47733bbd3377e03f716ecdfc14ea
36e32e96e96ff13975dfb765119ad431a8a3bedc9cdd8f16bbe7460664ee177c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "36E32E96E96FF13975DFB765119AD431A8A3BEDC9CDD8F16BBE7460664EE177C"
Last-Modified: Sat, 31 Aug 2024 21:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11559
Expires: Sun, 01 Sep 2024 18:56:53 GMT
Date: Sun, 01 Sep 2024 15:44:14 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
404e3e4520c09fcce1358b1a21f6b171
040aa03460f3d7ec6f75cae0bf5a462a4bb9798d
f6fc34acb6b2d60bb37dd5caf92b0988cdd52927d80d1f5e7bc23b7db9e8209a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F6FC34ACB6B2D60BB37DD5CAF92B0988CDD52927D80D1F5E7BC23B7DB9E8209A"
Last-Modified: Sat, 31 Aug 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9462
Expires: Sun, 01 Sep 2024 18:21:56 GMT
Date: Sun, 01 Sep 2024 15:44:14 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a69a40edecaf5262aa4492b7259eb1dd
8241174bc1b8840baf20b3ce2950114dbb539871
a89a6e1e8de96ae61eb24e9a672d112a1b8f8f28f583a5335bc744a6b43fc7ac

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A89A6E1E8DE96AE61EB24E9A672D112A1B8F8F28F583A5335BC744A6B43FC7AC"
Last-Modified: Sat, 31 Aug 2024 02:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15208
Expires: Sun, 01 Sep 2024 19:57:43 GMT
Date: Sun, 01 Sep 2024 15:44:15 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9d2c063731a46a7e1548540195080de0
dd1924ebf7697509a10f3f07604f28f96b4fc498
0d414ed4850119c53fae9ddd19ee1dd95783fd08f7389c3e8ec95215023e298e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0D414ED4850119C53FAE9DDD19EE1DD95783FD08F7389C3E8EC95215023E298E"
Last-Modified: Sat, 31 Aug 2024 02:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7361
Expires: Sun, 01 Sep 2024 17:46:56 GMT
Date: Sun, 01 Sep 2024 15:44:15 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cd37924483feac1aaf87d9d4690d3012
39af530103b62e55a6ecd351f3331c149588d165
e586b571db73e49ee15b7a46cba8fda10272fe6e0cce8cdca867670569545151

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E586B571DB73E49EE15B7A46CBA8FDA10272FE6E0CCE8CDCA867670569545151"
Last-Modified: Sat, 31 Aug 2024 16:36:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12911
Expires: Sun, 01 Sep 2024 19:19:26 GMT
Date: Sun, 01 Sep 2024 15:44:15 GMT
Connection: keep-alive

www.ontrklnk.com/visit/?bta=47096&nci=5661&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&qlt=true&utm_campaign=sms

35.234.86.61

3 B

URL
www.ontrklnk.com/visit/?bta=47096&nci=5661&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&qlt=true&utm_campaign=sms
IP
35.234.86.61:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
43e819cfbef2c8fc69c227513504087b
3ea645da8b9c23cfcf4e75e45b2ea79c5ec89c4a
82985617ce795510ad965737efe6b5a76411b26a6d7453ff4ba680e856377bc8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /visit/?bta=47096&nci=5661&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&qlt=true&utm_campaign=sms HTTP/1.1
Host: www.ontrklnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: rhino-core-shield
Date: Sun, 01 Sep 2024 15:44:15 GMT
Content-Type: application/octet-stream
Content-Length: 3
Connection: keep-alive
Set-cookie: ninecasino-v=1738133; Max-Age=2678400; Path=/; Expires=Wed, 02 Oct 2024 15:44:15 GMT; HttpOnly
expires: 0
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
surrogate-control: no-store
location: https://gocasinonine.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkOApUVQwbSJDFAzXCWDWnJsf2trk|afp10:sms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
referer: 
X-Cache-Status: MISS
access-control-allow-origin: *, *

ninecasino.com/dot.png

172.67.39.215

200 OK

34 B

URL GET HTTP/2
ninecasino.com/dot.png
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
RIFF (little-endian) data, Web/P image
Size
34 B (34 bytes)
Hash
a65c84bc93182dcacb41776f2bd764f5
268bf9ab04e18012afee8b16c23f548fd958a158
b0ff5420a87b7117d944273dafe43684066c6cae95533df2fbada29cf1523a9f

HTTP Headers

GET /dot.png HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: image/webp
content-length: 34
cache-control: public, max-age=300
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=103
content-disposition: inline; filename="dot.webp"
etag: W/"67-191a1fb2e43"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
vary: Accept
x-powered-by: Express
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc661792de0569f-OSL
X-Firefox-Spdy: h2

ninecasino.com/assets/main.e11312d9921965c8dc1b.js

172.67.39.215

18 kB

URL
ninecasino.com/assets/main.e11312d9921965c8dc1b.js
IP
172.67.39.215:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (35716), with no line terminators
Size
18 kB (18386 bytes)
Hash
e0169e0a5aa3473c11dcc8f04aa22ea8
b04b034391584611125032d3e1e126ae6c692772
8a9e3d2e212fc19040262b961fd82c69159a92b2e8012dec3ca5f536762ae1c7

HTTP Headers

GET /assets/main.e11312d9921965c8dc1b.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"8b84-191a1fb2d2f"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 4851
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661792de5569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
769939c6037566445fc83e83332cdb61
028f3bd0b70917fe7aae3afd003d74fff6e61829
cf8f4d32427796c8c9decb0e7136e8672fcd988e96b2e54de2c5345a7e28ffb5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Sep 2024 15:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd0cba0be026b652bbffe7b1677f7a50
14e043560f93c989426b59a5ce88ba1758ef3d1f
ec79b16ec123b0034a02b557ad26892d404fcd5c573f516ead9bcc3f585702b9

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Sep 2024 15:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

40 kB

URL
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
40 kB (39970 bytes)
Hash
732ed1978304b0d665c0d5f54286fe8c
f01b673a43a11610cb0a049468be003ec3dd147b
f3eb2e32e775aefe4c668bc63ff6ebf45cd783cbb7efba2642642b5b91b3ff6e

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661796b0fb4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ninecasino.com/assets/style.77652cdf.css

172.67.39.215

200 OK

29 kB

URL GET HTTP/2
ninecasino.com/assets/style.77652cdf.css
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (58447), with no line terminators
Size
29 kB (28793 bytes)
Hash
c834ca80881d7e7873a0a63d88bb6c0c
3e7b4dae1018e20bc7a45761359b4760923f8abb
b388586291b148902f6d023dc1465fe053937e2d4e552e8aeb20dec98d5cac61

HTTP Headers

GET /assets/style.77652cdf.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=58456
etag: W/"e458-191a1fb2d3f"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 27409
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661791dc1569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.16cca10c38599f1e32d9.js

172.67.39.215

23 kB

URL
ninecasino.com/assets/main.16cca10c38599f1e32d9.js
IP
172.67.39.215:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (23336 bytes)
Hash
79fb124efb73d4d6cd64d0ccdbcbe064
b93398dd13de4c326eb5f578bd6c89c36c07ddc1
1b3215429883dbf3a129b64a2d614403206b3325d46ce336a09797748ae56139

HTTP Headers

GET /assets/main.16cca10c38599f1e32d9.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"107bf-191a1fb2d13"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10921
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617ad95b569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/favicons/apple-touch-icon.png

172.67.39.215

2.0 kB

URL
ninecasino.com/favicons/apple-touch-icon.png
IP
172.67.39.215:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.0 kB (2000 bytes)
Hash
fd9deac346dac407f7c5e8551e587688
30d3bcb70cae03bb2352d2b9e4939cc5125bf781
0968e140dcdafcd8d3e8bb6182c94cc8b6a64b6ee3f86e1974a9677b925c30f7

HTTP Headers

GET /favicons/apple-touch-icon.png HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: image/webp
content-length: 2000
cache-control: public, max-age=300
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2169
content-disposition: inline; filename="apple-touch-icon.webp"
etag: W/"879-191a1fb2e43"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
vary: Accept
x-powered-by: Express
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6617b9aeb569f-OSL
X-Firefox-Spdy: h2

ninecasino.com/assets/main.5b3ee8898426f346e98d.js

172.67.39.215

200 OK

1.4 kB

URL GET HTTP/2
ninecasino.com/assets/main.5b3ee8898426f346e98d.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (1617), with no line terminators
Size
1.4 kB (1354 bytes)
Hash
7610720c75ba8dc94eff8610aa7c2c86
706293741f264cd7a03eb17be21f77c1228b3bd5
dbb9893bfe2c99dc6b33296e6421fbd56acf7428bc096fda20088af3503c8ca6

HTTP Headers

GET /assets/main.5b3ee8898426f346e98d.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"651-191a1fb2d1b"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 3821
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617c2c4d569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

sentry.marfa-tech.net/api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0

176.9.53.66

200 OK

2 B

URL POST HTTP/1.1
sentry.marfa-tech.net/api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0
IP
176.9.53.66:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectsentry.marfa-tech.net
FingerprintB3:7B:12:1F:CA:B6:F4:E1:D9:99:68:84:D2:1C:CA:6A:1E:6B:C0:94
ValiditySun, 25 Aug 2024 06:18:00 GMT - Sat, 23 Nov 2024 06:17:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0 HTTP/1.1
Host: sentry.marfa-tech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninecasino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 458
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Sun, 01 Sep 2024 15:44:17 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
vary: origin, access-control-request-method, access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin

ninecasino.com/modernizr.client.js

172.67.39.215

200 OK

19 kB

URL GET HTTP/2
ninecasino.com/modernizr.client.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (3113), with no line terminators
Size
19 kB (18970 bytes)
Hash
1678465ae15de0becdbb6561ff5f7d51
3b74f38ceb5581dbc96c43e9a337edfd1fe30062
2da6803cc279755f9e3ff96bd7f52cb0095d434f3d30f86e01e11eddf017a642

HTTP Headers

GET /modernizr.client.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=300
cf-bgj: minify
cf-polished: origSize=3116
etag: W/"c2c-191a1fb2e47"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661792dd8569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/cdn-cgi/rum?

172.67.39.215

0 B

URL
ninecasino.com/cdn-cgi/rum?
IP
172.67.39.215:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1252
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 01 Sep 2024 15:44:17 GMT
access-control-allow-origin: https://ninecasino.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8bc6617d4e2c569f-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ninecasino.com/assets/main.a6aae19d83225072d497.js

172.67.39.215

200 OK

4.4 kB

URL GET HTTP/2
ninecasino.com/assets/main.a6aae19d83225072d497.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (5785), with no line terminators
Size
4.4 kB (4382 bytes)
Hash
27e39173cba50283b4d006a35bbb8077
3b759b3aea589f252b751ea245b4a3eb13b23cf2
9459c17a446012500948acec8c15863953a336d48f5959cfc86ff7411e0cc227

HTTP Headers

GET /assets/main.a6aae19d83225072d497.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"1699-191a1fb2d23"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 29481
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617c4c78569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.08279b29.css

172.67.39.215

34 kB

URL
ninecasino.com/assets/style.08279b29.css
IP
172.67.39.215:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with no line terminators
Size
34 kB (34475 bytes)
Hash
9488d90f31908d1bed0a493de2d298a7
565b16c3cb7bac2e7db726e34d6716920676e9c7
7605203d34ffb108ea85970080e3e04ada4f9dedfc39936468f8f76dded42b97

HTTP Headers

GET /assets/style.08279b29.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"e0-191a1fb2d33"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 9483
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661792dcf569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cd17cb634dff900a1abd17dd730b0151
1c8c3d220db108bce3fa89adf307e60dedb6d1f8
258b4750ae88b4ec55c156020ceae77b64bc5042990ac9502780b59faa8f3779

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "258B4750AE88B4EC55C156020CEAE77B64BC5042990AC9502780B59FAA8F3779"
Last-Modified: Sat, 31 Aug 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18711
Expires: Sun, 01 Sep 2024 20:56:08 GMT
Date: Sun, 01 Sep 2024 15:44:17 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0168428bb5ce98881397607e957a8900
b6f2f9c69872023a1b0a13c010baf1bc5a22606c
5c52fde3215825de11768c3fc2bf32090a2e1f80bb3cf7b7373d13ceaf8f1e8b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C52FDE3215825DE11768C3FC2BF32090A2E1F80BB3CF7B7373D13CEAF8F1E8B"
Last-Modified: Sat, 31 Aug 2024 03:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11131
Expires: Sun, 01 Sep 2024 18:49:48 GMT
Date: Sun, 01 Sep 2024 15:44:17 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL
r10.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0168428bb5ce98881397607e957a8900
b6f2f9c69872023a1b0a13c010baf1bc5a22606c
5c52fde3215825de11768c3fc2bf32090a2e1f80bb3cf7b7373d13ceaf8f1e8b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C52FDE3215825DE11768C3FC2BF32090A2E1F80BB3CF7B7373D13CEAF8F1E8B"
Last-Modified: Sat, 31 Aug 2024 03:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11131
Expires: Sun, 01 Sep 2024 18:49:48 GMT
Date: Sun, 01 Sep 2024 15:44:17 GMT
Connection: keep-alive

aramuz.net/frontapi/ninecasino/feedback?locale=en

104.22.35.217

200 OK

0 B

URL OPTIONS HTTP/2
aramuz.net/frontapi/ninecasino/feedback?locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/feedback?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAX2jLVXvJ9DD; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:17 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6617dab73abe7-CPH
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.33.119.57

504 B

URL
r11.o.lencr.org/
IP
23.33.119.57:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cd17cb634dff900a1abd17dd730b0151
1c8c3d220db108bce3fa89adf307e60dedb6d1f8
258b4750ae88b4ec55c156020ceae77b64bc5042990ac9502780b59faa8f3779

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "258B4750AE88B4EC55C156020CEAE77B64BC5042990AC9502780B59FAA8F3779"
Last-Modified: Sat, 31 Aug 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18711
Expires: Sun, 01 Sep 2024 20:56:08 GMT
Date: Sun, 01 Sep 2024 15:44:17 GMT
Connection: keep-alive

aramuz.net/frontapi/ninecasino/currencyList?locale=en

104.22.35.217

200 OK

0 B

URL GET HTTP/2
aramuz.net/frontapi/ninecasino/currencyList?locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/currencyList?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAX2jLVXvJ9DD; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:17 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6617dab7fabe7-CPH
X-Firefox-Spdy: h2

ninecasino.com/api/setCookie

172.67.39.215

200 OK

0 B

URL POST HTTP/2
ninecasino.com/api/setCookie
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/setCookie HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 27
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-length: 0
x-powered-by: Express
set-cookie: isPwa=false; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 21:33:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc6617dbecf569f-OSL
X-Firefox-Spdy: h2

ninecasino.com/assets/main.fa82552e3763c284c997.js

172.67.39.215

200 OK

938 B

URL GET HTTP/2
ninecasino.com/assets/main.fa82552e3763c284c997.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (1889), with no line terminators
Size
938 B (938 bytes)
Hash
7a34b69319c63a8fdbcddd16321f26f3
d3d8b9f54e636fbac1f1bdf9a0ddd07d5bc00729
0a042a7627dbe9721cec7c8aa5be7f0cecaa7931706de9de346ebcaa3eea8654

HTTP Headers

GET /assets/main.fa82552e3763c284c997.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"761-191a1fb2d33"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10921
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617d8e88569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/cms/page?url=welcome-offer&locale=en

104.22.35.217

200 OK

0 B

URL GET HTTP/2
aramuz.net/frontapi/ninecasino/cms/page?url=welcome-offer&locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/cms/page?url=welcome-offer&locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAX2jLVXvJ9DD; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:17 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6617dcbb5abe7-CPH
X-Firefox-Spdy: h2

172.67.39.215

200 OK

85 kB

URL User Request GET HTTP/2
ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
HTML document, ASCII text, with very long lines (30188)
Size
85 kB (84620 bytes)
Hash
3d96ff48e0acd7deb039a520a56078f0
7495e740097ed8db903729452a3a4c8ddbad3478
64523ee0bf65e1c07e4b838899217856b5d773be143c03e8b37abcf514937df3

HTTP Headers

GET /landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: no-store
set-cookie: lastActivityTime=1725205456204; Path=/
i18n_redirected=en; Path=/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc66174dcb1569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino

142.132.243.105

204 No Content

0 B

URL OPTIONS HTTP/2
bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino
IP
142.132.243.105:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectbi-metrics.aramuz.net
Fingerprint80:DC:10:E7:9F:B2:EA:24:EC:6F:1D:A7:2D:3D:E9:99:2E:D4:B1:DB
ValidityFri, 26 Jul 2024 10:46:45 GMT - Thu, 24 Oct 2024 10:46:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /topics/aramuz_fe_ninecasino HTTP/1.1
Host: bi-metrics.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 01 Sep 2024 15:44:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://ninecasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino

142.132.243.105

204 No Content

48 B

URL OPTIONS HTTP/2
bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino
IP
142.132.243.105:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectbi-metrics.aramuz.net
Fingerprint80:DC:10:E7:9F:B2:EA:24:EC:6F:1D:A7:2D:3D:E9:99:2E:D4:B1:DB
ValidityFri, 26 Jul 2024 10:46:45 GMT - Thu, 24 Oct 2024 10:46:44 GMT

File type
JSON text data
Size
48 B (48 bytes)
Hash
54d7568553dd95a2c98743ead84fb061
53a0d199e43a8fa9ee63a9f67e682ddf03d2aa56
86e5aea2524af5f9e75fe885e5a972b9e2680ef12057001d35e641e0c9e05ad9

HTTP Headers

POST /topics/aramuz_fe_ninecasino HTTP/1.1
Host: bi-metrics.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninecasino.com/
Content-Type: application/vnd.kafka.json.v2+json
Authorization: Basic dWk6d0t2NzJCcThpWDBIbkhXbWphcGdQbEhx
Content-Length: 756
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/vnd.kafka.v2+json
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://ninecasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/cms/page?url=welcome-offer&locale=en

104.22.35.217

200 OK

34 kB

URL GET HTTP/2
aramuz.net/frontapi/ninecasino/cms/page?url=welcome-offer&locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
gzip compressed data, from Unix
Size
34 kB (34193 bytes)
Hash
e288ce71d12d25c247a159841493662f
41022bffacccd2813194e704ea82f02c18b0205e
5098ed990829394c81be75a305751a2b61b88d12714238dc47f094f605f1180e

HTTP Headers

GET /frontapi/ninecasino/cms/page?url=welcome-offer&locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Visitor-Uuid: a4b22ee8-8de1-43b4-a39f-fad4fd78191f
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAX2jLVXvJ9DD; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:17 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6617e8c9aabe7-CPH
X-Firefox-Spdy: h2

bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino

142.132.243.105

204 No Content

0 B

URL OPTIONS HTTP/2
bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino
IP
142.132.243.105:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectbi-metrics.aramuz.net
Fingerprint80:DC:10:E7:9F:B2:EA:24:EC:6F:1D:A7:2D:3D:E9:99:2E:D4:B1:DB
ValidityFri, 26 Jul 2024 10:46:45 GMT - Thu, 24 Oct 2024 10:46:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /topics/aramuz_fe_ninecasino HTTP/1.1
Host: bi-metrics.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 01 Sep 2024 15:44:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://ninecasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

ninecasino.com/api/setCookie

172.67.39.215

200 OK

0 B

URL POST HTTP/2
ninecasino.com/api/setCookie
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/setCookie HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 39
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-length: 0
x-powered-by: Express
set-cookie: UGID=698949009036474147; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 21:33:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc6617fcabd569f-OSL
X-Firefox-Spdy: h2

sentry.marfa-tech.net/api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0

176.9.53.66

200 OK

2 B

URL POST HTTP/1.1
sentry.marfa-tech.net/api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0
IP
176.9.53.66:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectsentry.marfa-tech.net
FingerprintB3:7B:12:1F:CA:B6:F4:E1:D9:99:68:84:D2:1C:CA:6A:1E:6B:C0:94
ValiditySun, 25 Aug 2024 06:18:00 GMT - Sat, 23 Nov 2024 06:17:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0 HTTP/1.1
Host: sentry.marfa-tech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninecasino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 463
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Sun, 01 Sep 2024 15:44:17 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
vary: origin, access-control-request-method, access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin

sentry.marfa-tech.net/api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0

176.9.53.66

200 OK

2 B

URL POST HTTP/1.1
sentry.marfa-tech.net/api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0
IP
176.9.53.66:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectsentry.marfa-tech.net
FingerprintB3:7B:12:1F:CA:B6:F4:E1:D9:99:68:84:D2:1C:CA:6A:1E:6B:C0:94
ValiditySun, 25 Aug 2024 06:18:00 GMT - Sat, 23 Nov 2024 06:17:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0 HTTP/1.1
Host: sentry.marfa-tech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninecasino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 458
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Sun, 01 Sep 2024 15:44:17 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
vary: origin, access-control-request-method, access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin

ninecasino.com/assets/main.c8fce02bff3e38f97822.js

172.67.39.215

5.4 kB

URL
ninecasino.com/assets/main.c8fce02bff3e38f97822.js
IP
172.67.39.215:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (2665), with no line terminators
Size
5.4 kB (5378 bytes)
Hash
dc7b8daa47f06a3b5bc530c9c3642842
d530f33719ea2f5bb55b8c2e74a9856539fd254f
605248716cbbd435c0e32a1b6c95b599158f59383a2073a786a1bbb8f4c5e275

HTTP Headers

GET /assets/main.c8fce02bff3e38f97822.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"a69-191a1fb2d2b"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10921
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617e681f569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.13b0a47d57ed334cbb10.js

172.67.39.215

200 OK

29 kB

URL GET HTTP/2
ninecasino.com/assets/main.13b0a47d57ed334cbb10.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65484), with no line terminators
Size
29 kB (28753 bytes)
Hash
c9b55801db89e8a6974a5971b6120c46
7bf14b1b7cdf8ba8502fbc75bf9bcfb1a6457af8
0b35b84e5dde158a67c86d1a4065fd9b2540935a385647af30a4cc8c64f5969d

HTTP Headers

GET /assets/main.13b0a47d57ed334cbb10.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=82214
etag: W/"14126-191a1fb2d0f"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10921
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617ab912569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en

104.22.35.217

200 OK

0 B

URL POST HTTP/2
aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/analyticsEvent?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:18 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAX2jLVXvJ9DD; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:17 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc661804f09abe7-CPH
X-Firefox-Spdy: h2

bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino

142.132.243.105

204 No Content

48 B

URL OPTIONS HTTP/2
bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino
IP
142.132.243.105:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectbi-metrics.aramuz.net
Fingerprint80:DC:10:E7:9F:B2:EA:24:EC:6F:1D:A7:2D:3D:E9:99:2E:D4:B1:DB
ValidityFri, 26 Jul 2024 10:46:45 GMT - Thu, 24 Oct 2024 10:46:44 GMT

File type
JSON text data
Size
48 B (48 bytes)
Hash
63a22c9ad1c603d2c1a332f8b1f7dab9
5753ba3ea42e29e4ac42dfce4499bc3c4016c939
2e41fc3c5d41a9c8dd316bbb11642a54024964d9c8123018167dba357c17f214

HTTP Headers

POST /topics/aramuz_fe_ninecasino HTTP/1.1
Host: bi-metrics.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninecasino.com/
Content-Type: application/vnd.kafka.json.v2+json
Authorization: Basic dWk6d0t2NzJCcThpWDBIbkhXbWphcGdQbEhx
Content-Length: 405
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/vnd.kafka.v2+json
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://ninecasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
X-Firefox-Spdy: h2

bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino

142.132.243.105

204 No Content

48 B

URL OPTIONS HTTP/2
bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino
IP
142.132.243.105:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectbi-metrics.aramuz.net
Fingerprint80:DC:10:E7:9F:B2:EA:24:EC:6F:1D:A7:2D:3D:E9:99:2E:D4:B1:DB
ValidityFri, 26 Jul 2024 10:46:45 GMT - Thu, 24 Oct 2024 10:46:44 GMT

File type
JSON text data
Size
48 B (48 bytes)
Hash
99768435ec1dbf171f7c7a1232979b04
5c8fa9bb0b38af4ab8a5d6a13c0c3e874ce147ac
040c0e0d9fa0f37292b050e32774419e3e9628fb0fb0a1122ca27e4f4bcbec45

HTTP Headers

POST /topics/aramuz_fe_ninecasino HTTP/1.1
Host: bi-metrics.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninecasino.com/
Content-Type: application/vnd.kafka.json.v2+json
Authorization: Basic dWk6d0t2NzJCcThpWDBIbkhXbWphcGdQbEhx
Content-Length: 776
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:18 GMT
content-type: application/vnd.kafka.v2+json
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://ninecasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
X-Firefox-Spdy: h2

ninecasino.com/assets/cms_bo/assets/chunks/113.chunk.js

172.67.39.215

5.2 MB

URL
ninecasino.com/assets/cms_bo/assets/chunks/113.chunk.js
IP
172.67.39.215:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (65469)
Size
5.2 MB (5227284 bytes)
Hash
46c4449df344fead6197bd73839b21b4
bbe8b9b472050cd2abf1822294b370e896f6c674
90d7fc1d09aaefc48ff99210d85e74ccf500c06c3a5cf6f3b907f4f1c74d990b

HTTP Headers

GET /assets/cms_bo/assets/chunks/113.chunk.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkOApUVQwbSJDFAzXCWDWnJsf2trk|afp10:sms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-length: 5227284
x-powered-by: Express
cache-control: public, max-age=31536000
last-modified: Mon, 27 May 2024 12:17:38 GMT
cf-cache-status: HIT
age: 4512870
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661802b6c569f-OSL
X-Firefox-Spdy: h2

ninecasino.com/api/setCookie

172.67.39.215

200 OK

0 B

URL POST HTTP/2
ninecasino.com/api/setCookie
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/setCookie HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 26
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkOApUVQwbSJDFAzXCWDWnJsf2trk|afp10:sms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en; isPwa=false; UGID=698949009036474147
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:18 GMT
content-length: 0
x-powered-by: Express
set-cookie: width=1280; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 21:33:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc6618348c2569f-OSL
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en

104.22.35.217

200 OK

0 B

URL POST HTTP/2
aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/analyticsEvent?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:18 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAXCS1WLjnkUj; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:18 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc661835b0dabe7-CPH
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/geoInfo?cxd=47096_1738133_%7Cafp1:trkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10:sms&mobile=0&affiliate=1&locale=en

104.22.35.217

200 OK

0 B

URL OPTIONS HTTP/2
aramuz.net/frontapi/ninecasino/geoInfo?cxd=47096_1738133_%7Cafp1:trkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10:sms&mobile=0&affiliate=1&locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/geoInfo?cxd=47096_1738133_%7Cafp1:trkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10:sms&mobile=0&affiliate=1&locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: visitor-uuid,x-user-origin
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:18 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAXCS1WLjnkUj; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:18 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc661835b0cabe7-CPH
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/3
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint83:B4:3A:CF:52:DA:10:B6:EA:48:49:6C:BD:57:5C:44:4E:10:A8:97
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 18:28:18 GMT
expires: Sat, 30 Aug 2025 18:28:18 GMT
cache-control: public, max-age=31536000
age: 162961
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.aramuz.net/images/file/uploads/847807566006253247.png

104.22.35.217

200 OK

78 kB

URL GET HTTP/2
cdn.aramuz.net/images/file/uploads/847807566006253247.png
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 580 x 800, 8-bit colormap, non-interlaced
Size
78 kB (78285 bytes)
Hash
365275576ed6c9ada5f34d65ba3f424a
35b33d536ab020a6ebd29fe214995ffdc42e14a4
662e64477eff0906f89863abf6b71a5d82e03c0acaacc752281b88b32a2aac8f

HTTP Headers

GET /images/file/uploads/847807566006253247.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/png
content-length: 78285
cf-bgj: imgq:85,h2pri
cf-polished: origSize=82447, status=vary_header_present
etag: "882ae37922ed3a2eaabe76f5dfb0051a"
last-modified: Fri, 06 Oct 2023 14:05:43 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 a4d1081d5075bd9587a6e3981d5f5592.cloudfront.net (CloudFront)
x-amz-cf-id: ghAY7Z0BVvMVR0TkMLCBAApOYfsA8J1YaSER9VRAY07RRyCIQ3Aycw==
x-amz-cf-pop: CPH50-C2
x-amz-meta-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 1230
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6618878dd8f60-CPH
X-Firefox-Spdy: h2

cdn.aramuz.net/images/file/uploads/400437744436645551.png

104.22.35.217

2.8 kB

URL
cdn.aramuz.net/images/file/uploads/400437744436645551.png
IP
104.22.35.217:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 403 x 80, 8-bit colormap, non-interlaced
Size
2.8 kB (2832 bytes)
Hash
c74fb041d62761c2a793825ce1f20fdb
4c57f0b8fdfc585bcfbc08436b8b248269aa0330
9529a9cc0c10f700a08089f54694aee1ba4a9009b604634f23ce11f799b0be5f

HTTP Headers

GET /images/file/uploads/400437744436645551.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/png
content-length: 2832
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2982, status=vary_header_present
etag: "facf2ca5f6fe5349eb2fa755cbfd927f"
last-modified: Fri, 06 Oct 2023 13:48:10 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 2c37157ce416bf23a28e186191d1fd2a.cloudfront.net (CloudFront)
x-amz-cf-id: U53KD3ctlbBJs0dAVzxNk8uRg7szuE76pqyPrmaCo7MbWax_tPLEUA==
x-amz-cf-pop: CPH50-C2
x-amz-meta-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 1230
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6618878da8f60-CPH
X-Firefox-Spdy: h2

cdn.aramuz.net/images/file/uploads/122057468840600363.png

104.22.35.217

2.8 kB

URL
cdn.aramuz.net/images/file/uploads/122057468840600363.png
IP
104.22.35.217:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 403 x 80, 8-bit colormap, non-interlaced
Size
2.8 kB (2832 bytes)
Hash
c74fb041d62761c2a793825ce1f20fdb
4c57f0b8fdfc585bcfbc08436b8b248269aa0330
9529a9cc0c10f700a08089f54694aee1ba4a9009b604634f23ce11f799b0be5f

HTTP Headers

GET /images/file/uploads/122057468840600363.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/png
content-length: 2832
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2982, status=vary_header_present
etag: "facf2ca5f6fe5349eb2fa755cbfd927f"
last-modified: Fri, 06 Oct 2023 13:46:03 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 d6095b4d9fa82f5d25465246e397ad4e.cloudfront.net (CloudFront)
x-amz-cf-id: OhUA3vDNscQuWI6ny75Xz5oDvti4_ljvH1nGD2OtQ-uWUCphFOJN0g==
x-amz-cf-pop: HEL51-P1
x-amz-meta-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 1230
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6618878df8f60-CPH
X-Firefox-Spdy: h2

cdn.aramuz.net/images/file/uploads/236540010414549037.png

104.22.35.217

200 OK

32 kB

URL GET HTTP/2
cdn.aramuz.net/images/file/uploads/236540010414549037.png
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 500 x 200, 8-bit/color RGBA, non-interlaced
Size
32 kB (31965 bytes)
Hash
4ac7ab994f738297011207fc326b19eb
8431b900d559c6187890969eb914a3195c20cb1c
6e1d7a51e100e54e7b90df8381c3a12e0893667fdea2aeba8a53be2cb3cd8153

HTTP Headers

GET /images/file/uploads/236540010414549037.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/png
content-length: 31965
cf-bgj: imgq:85,h2pri
cf-polished: origSize=36212, status=vary_header_present
etag: "f7791973c9aee9cbb7f6c98293a405b1"
last-modified: Tue, 17 Oct 2023 13:43:36 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-id: lgZkhGT-VvLoY-k-KuNDbweGoTgTNN7dnQsI5ddMLEtI0mx-JptK-g==
x-amz-cf-pop: CPH50-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 1230
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6618878d98f60-CPH
X-Firefox-Spdy: h2

cdn.aramuz.net/images/file/uploads/280067566000393932.png

104.22.35.217

200 OK

82 kB

URL GET HTTP/2
cdn.aramuz.net/images/file/uploads/280067566000393932.png
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 580 x 800, 8-bit colormap, non-interlaced
Size
82 kB (82214 bytes)
Hash
a67a9f35310ccebb5b28944608873b9b
8fd86da9bb2acc6be843d3659780356d628a5aae
bf87fc68c84ec59ac2909f7228d623e79d80e574c3abe66c6aa569a551ce12c3

HTTP Headers

GET /images/file/uploads/280067566000393932.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/png
content-length: 82214
cf-bgj: imgq:85,h2pri
cf-polished: origSize=86781, status=vary_header_present
etag: "4addb71e0d879a593b951c1ead64c80f"
last-modified: Fri, 06 Oct 2023 13:47:55 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 52185ea0de4fc3b9a693955c5e065bbe.cloudfront.net (CloudFront)
x-amz-cf-id: kOFl7R-PBG3nqeQvH6vOafMlUMV4ARfleOx4D_hb5sW_wvLi6ixKWQ==
x-amz-cf-pop: CPH50-C2
x-amz-meta-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 1230
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6618878de8f60-CPH
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/3
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint83:B4:3A:CF:52:DA:10:B6:EA:48:49:6C:BD:57:5C:44:4E:10:A8:97
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Aug 2024 18:28:18 GMT
expires: Sat, 30 Aug 2025 18:28:18 GMT
cache-control: public, max-age=31536000
age: 162961
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ninecasino.com/assets/main.979d7e4cd6639d976a81.js

172.67.39.215

474 kB

URL
ninecasino.com/assets/main.979d7e4cd6639d976a81.js
IP
172.67.39.215:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (3409), with no line terminators
Size
474 kB (474408 bytes)
Hash
6c402027e59b9f2f9ca129264a5cc8c8
25d02e518c5566e9eed1c8de3433d5ca65dc0af0
f0f081eced17ce1f6257c0bedc720a78e003b12fc7f94efa402783d54ebd2301

HTTP Headers

GET /assets/main.979d7e4cd6639d976a81.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"d51-191a1fb2d23"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 31121
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617e5811569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en

104.22.35.217

200 OK

0 B

URL POST HTTP/2
aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/analyticsEvent?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:22 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAXsEhZa1mBYo; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:22 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6619b79faabe7-CPH
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en

104.22.35.217

200 OK

0 B

URL POST HTTP/2
aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/analyticsEvent?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:22 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAXsEhZa1mBYo; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:22 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6619c6b0cabe7-CPH
X-Firefox-Spdy: h2

ninecasino.com/theme.css?v=^0.1.54

172.67.39.215

200 OK

65 kB

URL GET HTTP/2
ninecasino.com/theme.css?v=^0.1.54
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
65 kB (64919 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /theme.css?v=^0.1.54 HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2400000
cf-bgj: minify
etag: W/"fd97-19192f65696"
last-modified: Tue, 27 Aug 2024 08:31:43 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 454609
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661791dba569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.afc9229a99f8eb10fbba.js

172.67.39.215

200 OK

7.1 kB

URL GET HTTP/2
ninecasino.com/assets/main.afc9229a99f8eb10fbba.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (7254), with no line terminators
Size
7.1 kB (7140 bytes)
Hash
ffebbeb43e056e09d845c6b3b38d4ce3
579ac63a2b1ce50762491dfdc28b71a35b1c06fb
b2cd68d7f2bc1e27b811a55b0b2b742d8636862e3ad06a136b8b7b980946371f

HTTP Headers

GET /assets/main.afc9229a99f8eb10fbba.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"1be4-191a1fb2d27"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10921
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617c8cef569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.318277b394886d6c3b44.js

172.67.39.215

200 OK

982 B

URL GET HTTP/2
ninecasino.com/assets/main.318277b394886d6c3b44.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (992), with no line terminators
Size
982 B (982 bytes)
Hash
280511a58a259ba8f84769bc1754dd41
dabbaff82d55a1815ac08ae65cf5dfb2bd229715
3216cb59351c23736008fbb80718dd4ca7b91f41526179968c558f983cc870ce

HTTP Headers

GET /assets/main.318277b394886d6c3b44.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"3d6-191a1fb2d13"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 8720
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617c9d06569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.a5eddf3b65efaaab758d.js

172.67.39.215

200 OK

2.2 kB

URL GET HTTP/2
ninecasino.com/assets/main.a5eddf3b65efaaab758d.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2190), with no line terminators
Size
2.2 kB (2174 bytes)
Hash
8f87357d7a5aa1a98bd4366d3cb49774
d9b4f2138fcc9396b32d120e009c3f001d0a8ae9
c7e519006994c53d24d6631122c4d54d1d5e63cf75565250f4812d0a1faee0da

HTTP Headers

GET /assets/main.a5eddf3b65efaaab758d.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"87e-191a1fb2d23"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10921
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617d9eb1569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/BankTransfer.svg

104.22.35.217

200 OK

14 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/BankTransfer.svg
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
14 kB (13798 bytes)
Hash
11eb5d7c4f53afcb6da9e51d212aff1b
b26b7cf4afbf6730810f018c6891ed80cafd0342
8d83815395300f68134a0277acdadf03dce4e2500db8af89709bbfa2b0d3c3ba

HTTP Headers

GET /images/footer-payment-methods/BankTransfer.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:39 GMT
etag: W/"11eb5d7c4f53afcb6da9e51d212aff1b"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 36350dd697b9af80be27aaf4296fbde4.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: ERhzGtNRfEtOrliipdAEZC4eGhCY_KmXRpFcCXo2KOUrEVCmI6WK8w==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 8bc6618939f78f60-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.0dcef775.css

172.67.39.215

200 OK

666 B

URL GET HTTP/2
ninecasino.com/assets/style.0dcef775.css
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (666), with no line terminators
Size
666 B (666 bytes)
Hash
287c90958c387882e88bd1564b4fe9d7
10d8d761dc19b58e072c6092d9432e35d8838d04
a2a943042375986feb907965f0d7dbb285759926ca2c468650d1c3d25c7568a8

HTTP Headers

GET /assets/style.0dcef775.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"29a-191a1fb2d33"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10921
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617e5804569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en

104.22.35.217

200 OK

2.2 kB

URL GET HTTP/2
aramuz.net/frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2484), with no line terminators
Size
2.2 kB (2212 bytes)
Hash
d3aaf6f27960dbfab8290312a526a860
f35fcf7a7795a5aff0c03739712244ff125845ce
cba18a346c244e939e31a2f85aebf36188c9864a60e5954fbeba350a4ef5fd65

HTTP Headers

GET /frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Visitor-Uuid: a4b22ee8-8de1-43b4-a39f-fad4fd78191f
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAX2jLVXvJ9DD; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:17 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6617e7c8fabe7-CPH
X-Firefox-Spdy: h2

ninecasino.com/assets/register/build/87d5d2918cfa93cb9ecb.js

172.67.39.215

200 OK

51 kB

URL GET HTTP/2
ninecasino.com/assets/register/build/87d5d2918cfa93cb9ecb.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (51021), with no line terminators
Size
51 kB (51021 bytes)
Hash
31f0c5a6028aac95cc54a05404003a17
147ef3654c53450d99c5ef3439479306860c0de9
f4f0b85da857665e7f0f50b5ba97ad3ebda60fcde287b3db4e8dd545bc901a81

HTTP Headers

GET /assets/register/build/87d5d2918cfa93cb9ecb.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkOApUVQwbSJDFAzXCWDWnJsf2trk|afp10:sms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
x-powered-by: Express
etag: W/"66d03ff3-c74d"
last-modified: Thu, 29 Aug 2024 09:31:31 GMT
cf-cache-status: HIT
age: 279399
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661804b88569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.a7b155e889b93dcc916d.js

172.67.39.215

200 OK

21 kB

URL GET HTTP/2
ninecasino.com/assets/main.a7b155e889b93dcc916d.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (21165), with no line terminators
Size
21 kB (21165 bytes)
Hash
2641bd4d7fba7f5d8f985c83eaad0c28
d65a843cfdcb741d21fc42361dc1354c3cb81135
370b2da2fb76b9c603ae799fef6f34f0a51990687c73d303a0ec8f2b27647726

HTTP Headers

GET /assets/main.a7b155e889b93dcc916d.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=21168
etag: W/"52b0-191a1fb2d23"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 8721
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617af9a7569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en

104.22.35.217

200 OK

0 B

URL OPTIONS HTTP/2
aramuz.net/frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAX2jLVXvJ9DD; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 16:44:17 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6617dcbafabe7-CPH
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Ezeewallet.svg

104.22.35.217

200 OK

4.3 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Ezeewallet.svg
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
4.3 kB (4301 bytes)
Hash
e1c85fc43444d911d6bf776c420a93d4
454319ec2ec301d7ac805e399fcc5a8393a07578
1c29a3e7bf9303f739ed50d6b5c0821cb79c6c1c38dd067040018c0c4757b03d

HTTP Headers

GET /images/footer-payment-methods/Ezeewallet.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:44 GMT
etag: W/"3f66c9fe10e8229bfb9854599c2f6daa"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 14ac9ebde59a0d49d111dc4e4f5e846c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: pFwqLFT4koWiQ7LkI5SRHLu8g_t69-3m0HO4DtEsmgBOmRc0jx9WuA==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 6746
server: cloudflare
cf-ray: 8bc6618909a88f60-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.5d4fb4ed3bcd9187e0cf.js

172.67.39.215

200 OK

1.6 kB

URL GET HTTP/2
ninecasino.com/assets/main.5d4fb4ed3bcd9187e0cf.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1673), with no line terminators
Size
1.6 kB (1645 bytes)
Hash
4f8202c24fde9854b9059d2cb429bdef
98c65e0061eab078b8343938c71c8b7756a691b4
233cc3c088595b73aed5c70ca36bf54ff8962c3133fa1e4036cd5315a374f98c

HTTP Headers

GET /assets/main.5d4fb4ed3bcd9187e0cf.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"66d-191a1fb2d1b"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 9881
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617d9eae569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

auth.betonliga.com/

104.26.0.19

200 OK

310 B

URL GET HTTP/2
auth.betonliga.com/
IP
104.26.0.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectbetonliga.com
FingerprintA4:26:88:C1:EC:25:C3:E4:CF:86:61:81:D5:41:50:52:1C:66:9A:29
ValiditySun, 28 Jul 2024 05:02:04 GMT - Sat, 26 Oct 2024 05:02:03 GMT

File type
HTML document, ASCII text, with very long lines (335), with no line terminators
Size
310 B (310 bytes)
Hash
b713fa9c48720e5b04080f6948d64afc
dd8a9795e5edb7f622d428b846a76b66fa02b58f
d6bc931432d40fa0413b6c09a2220331084b1b7c5dfa5d3d2f24285d67c6ce15

HTTP Headers

GET / HTTP/1.1
Host: auth.betonliga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: text/html
last-modified: Thu, 09 Nov 2023 10:32:56 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LEmGOt8wDy7MqS4WU6LSbTFbs9mjkaiK%2FfysEMW1PoitZOS%2BYGHC78B7DhAXxicdRoeMzg3KQxOtn32HI3gILBLCGjeWPaLNXrQmkEvIbONTjAHsyxNPG8GvovDziCQwCjjt4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bc6617e6f6956ba-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Jeton.svg

104.22.35.217

200 OK

5.5 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Jeton.svg
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
5.5 kB (5525 bytes)
Hash
f8d8a0101ea6580e5fc985ec5da1e96e
440f43b2f80c246dd5253057b81bd8167be684fa
4550b665e7e1dc2d5fbcd458ad1ef509edde39d9a2a512be4fdcb4221456405f

HTTP Headers

GET /images/footer-payment-methods/Jeton.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:38 GMT
etag: W/"89ef9095423785031f93fe7c9b3cdcef"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 c126163fdc452c400ffe65744c8b6612.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: hPHOY_H9ITNtbk8g4UNnvlkx_hasFLfVm8LBhWt_qt4T_0iEErLmJA==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 6746
server: cloudflare
cf-ray: 8bc6618909aa8f60-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.ad44267e775aabb797a9.js

172.67.39.215

200 OK

3.3 kB

URL GET HTTP/2
ninecasino.com/assets/main.ad44267e775aabb797a9.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (3398), with no line terminators
Size
3.3 kB (3268 bytes)
Hash
e4cf234de9bcb596bb9572a8a4b41a25
4c8b13c09cca5273f654aa6216b476253fcc9fc0
45768ca8744c7aa253fab6411d8f64f6455bd9bf474b492ead3d677b852de51e

HTTP Headers

GET /assets/main.ad44267e775aabb797a9.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"cc4-191a1fb2d27"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 4296
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617ee94d569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/cms_bo/build/remoteEntry.js?0.6631205749570761

172.67.39.215

200 OK

3.3 kB

URL GET HTTP/2
ninecasino.com/assets/cms_bo/build/remoteEntry.js?0.6631205749570761
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (3426), with no line terminators
Size
3.3 kB (3348 bytes)
Hash
79d9948f7d7f5274d5a97b95fd63fe55
88bccb8c72527d4799fbd41166df995d44c9e4d4
bf5bc56d868a64f21f7571f968b638179c322f4aca90c915221efc25e70fbaaa

HTTP Headers

GET /assets/cms_bo/build/remoteEntry.js?0.6631205749570761 HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript
x-powered-by: Express
etag: W/"66d0758d-d14"
last-modified: Thu, 29 Aug 2024 13:20:13 GMT
cache-control: public, max-age=300
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617f1988569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.2a1d6cf7.css

172.67.39.215

200 OK

122 B

URL GET HTTP/2
ninecasino.com/assets/style.2a1d6cf7.css
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with no line terminators
Size
122 B (122 bytes)
Hash
350d5660dc216480a4c5539f382966e6
bb3b6aeb26f31d8407bb8980899e7d168a9fe2c0
8ffffed597da1378b7f5e658868d5c764e68b0eb5cf604da2abb49e256cbb05d

HTTP Headers

GET /assets/style.2a1d6cf7.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=124
etag: W/"7c-191a1fb2d37"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10006
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661791dcb569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.b8c501117d3e484cbe43.js

172.67.39.215

200 OK

1.1 kB

URL GET HTTP/2
ninecasino.com/assets/main.b8c501117d3e484cbe43.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1077), with no line terminators
Size
1.1 kB (1061 bytes)
Hash
b68c54cd3af8f753461b780fd6691446
ba68f49df8846042319cca92dce1e6d3c0bb0f38
513affba994ab435cfa3970e71a7f5699677166762cfb6d0387ddb085c12fe61

HTTP Headers

GET /assets/main.b8c501117d3e484cbe43.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"425-191a1fb2d27"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10031
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617c6cbd569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/backoffice/cms/affiliate_landing/default_ssl-logo.svg

104.22.35.217

200 OK

13 kB

URL GET HTTP/2
cdn.aramuz.net/backoffice/cms/affiliate_landing/default_ssl-logo.svg
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
13 kB (13150 bytes)
Hash
a693386c72fa6f6940e5d7032e8ab87a
91f19aaf1b180770d813f8ac7b78dc2f530e123e
b20f80874f200b9c2e36ce10f593b173da1d9103656635b164f2b4218fe8979a

HTTP Headers

GET /backoffice/cms/affiliate_landing/default_ssl-logo.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jun 2023 07:55:58 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
etag: W/"a693386c72fa6f6940e5d7032e8ab87a"
vary: accept-encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 3282be13995871d1c682f618f37df606.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: 5m6fUzkNV06DsOVyS9Xzw_E7NwX8Q6ITuocxsc2Up1FSpFf5TsLjsw==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 1971
server: cloudflare
cf-ray: 8bc6618878d58f60-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.33dc8d7c.css

172.67.39.215

200 OK

179 B

URL GET HTTP/2
ninecasino.com/assets/style.33dc8d7c.css
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with no line terminators
Size
179 B (179 bytes)
Hash
16acd926458bedbc045f317ea53f31d8
d50d57c36817ab2f3b21d0f103f3f8c991dac722
449853cd611da42b730f628f17c4b3f17818180bc7ce850820f775f709b54a2d

HTTP Headers

GET /assets/style.33dc8d7c.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"b3-191a1fb2d37"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 30338
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661791dc9569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.d220d85a.css

172.67.39.215

200 OK

3.0 kB

URL GET HTTP/2
ninecasino.com/assets/style.d220d85a.css
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (2980), with no line terminators
Size
3.0 kB (2980 bytes)
Hash
43408de228897cb2889235f4f15812f7
82f61a4791f6a01d9c950aecf4d16e27363da704
e77a8c5e868ab4e6da37789ccd060aec96bf64f6d6d76e216a2a41491861ff8a

HTTP Headers

GET /assets/style.d220d85a.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"ba4-191a1fb2d43"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 4673
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661791dcd569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800;900&display=swap

142.250.74.170

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800;900&display=swap
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint67:2C:47:03:FC:2F:6C:04:CD:B8:61:4D:97:F1:C4:EA:71:E9:9E:11
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
ASCII text
Size
11 kB (10980 bytes)
Hash
2654a9f83638e3c228ae6f778b6952ee
d1316cd791aad53e1cc170343c5d5018719b0496
a95a220a98893e07ffb415f50c9aaac2ed078d15300534e0e82d3b27e7eb3a7c

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 01 Sep 2024 15:44:16 GMT
date: Sun, 01 Sep 2024 15:44:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.igrand.pro/backoffice/cms/affiliate_landing/stepOne.svg

104.26.9.58

200 OK

515 B

URL GET HTTP/2
cdn.igrand.pro/backoffice/cms/affiliate_landing/stepOne.svg
IP
104.26.9.58:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectigrand.pro
Fingerprint3D:BB:D8:FD:C4:7D:07:22:A3:58:AD:5F:BA:A4:37:2A:68:CF:16:07
ValidityFri, 16 Aug 2024 05:45:09 GMT - Thu, 14 Nov 2024 05:45:08 GMT

File type
SVG Scalable Vector Graphics image
Size
515 B (515 bytes)
Hash
9173d15aaf77b0405281d491473d5866
0add872cb4383a1e17fbad0fcde7fce2055fe1a6
ffd6f5fbbd1249ffd66513ab1d921f22c3bd03d6d679b59c0d6c0533447973c9

HTTP Headers

GET /backoffice/cms/affiliate_landing/stepOne.svg HTTP/1.1
Host: cdn.igrand.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/svg+xml
x-amz-id-2: sH65ubbO70IxK0aoRuXqpGKvF6Ijy2GS95hcyvBNJe38cMNyM6Om8MwS/qlyapbCiuA2yvqHKS3Nj6M53t1dYo188vSw1gECtmdOQVUTwKI=
x-amz-request-id: D2B3X6EX5FBXSCS9
last-modified: Wed, 24 Jan 2024 20:19:09 GMT
etag: W/"f51c03d0a69fa17c25cb664a04b2f295"
cache-control: max-age=3600
cf-cache-status: HIT
age: 7148
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKecz53IgcG4KzQPzpvZUkQDTqMvvchNaAlqvSF9SrHY8ak7HTW66uGEqcvkzF5CLoX%2BSaUFySt2Je7hDw3jQOux4UVtztzuM5F%2FYhN2c6GGhv1v1%2FANLd47siwlG9fA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc66188ca50b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms&rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiI0NzA5Nl8xNzM4MTMzX3xhZnAxOnRya09BcFVWUXdiU0pERkF6WENXRFduSnNmMnRya3xhZnAxMDpzbXMiLCJhZnAxIjoidHJrT0FwVVZRd2JTSkRGQXpYQ1dEV25Kc2YydHJrIiwiYWZwMTAiOiJzbXMiLCJidGEiOiI0NzA5NiIsIm5jaSI6IjU2NjEiLCJxbHQiOiJ0cnVlIiwidXRtX2NhbXBhaWduIjoic21zIiwicm90YXRvcklkIjoiZmI3NDc3ZmEyYjViYzEyNzNjYjk1YjRlMDVjYzJmYTkzNTI4M2M0MTA5OTUxYmU1MzJkZTU1NDY4NmRmNWQ3MyIsInJvdGF0b3JSb3V0ZXIiOiJnb2Nhc2lub25pbmUuY29tIn0%253D

172.67.39.215

302 Found

33 kB

URL User Request GET HTTP/2
ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms&rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiI0NzA5Nl8xNzM4MTMzX3xhZnAxOnRya09BcFVWUXdiU0pERkF6WENXRFduSnNmMnRya3xhZnAxMDpzbXMiLCJhZnAxIjoidHJrT0FwVVZRd2JTSkRGQXpYQ1dEV25Kc2YydHJrIiwiYWZwMTAiOiJzbXMiLCJidGEiOiI0NzA5NiIsIm5jaSI6IjU2NjEiLCJxbHQiOiJ0cnVlIiwidXRtX2NhbXBhaWduIjoic21zIiwicm90YXRvcklkIjoiZmI3NDc3ZmEyYjViYzEyNzNjYjk1YjRlMDVjYzJmYTkzNTI4M2M0MTA5OTUxYmU1MzJkZTU1NDY4NmRmNWQ3MyIsInJvdGF0b3JSb3V0ZXIiOiJnb2Nhc2lub25pbmUuY29tIn0%253D
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
33 kB (33064 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms&rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiI0NzA5Nl8xNzM4MTMzX3xhZnAxOnRya09BcFVWUXdiU0pERkF6WENXRFduSnNmMnRya3xhZnAxMDpzbXMiLCJhZnAxIjoidHJrT0FwVVZRd2JTSkRGQXpYQ1dEV25Kc2YydHJrIiwiYWZwMTAiOiJzbXMiLCJidGEiOiI0NzA5NiIsIm5jaSI6IjU2NjEiLCJxbHQiOiJ0cnVlIiwidXRtX2NhbXBhaWduIjoic21zIiwicm90YXRvcklkIjoiZmI3NDc3ZmEyYjViYzEyNzNjYjk1YjRlMDVjYzJmYTkzNTI4M2M0MTA5OTUxYmU1MzJkZTU1NDY4NmRmNWQ3MyIsInJvdGF0b3JSb3V0ZXIiOiJnb2Nhc2lub25pbmUuY29tIn0%253D HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 01 Sep 2024 15:44:16 GMT
location: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
x-powered-by: Express
set-cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 21:33:28 GMT
rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 21:33:28 GMT
rotatorRouter=gocasinonine.com; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 21:33:28 GMT
cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; Max-Age=604800; Path=/; Expires=Sun, 08 Sep 2024 15:44:16 GMT
qlt=true; Max-Age=604800; Path=/; Expires=Sun, 08 Sep 2024 15:44:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc661740b2b569f-OSL
X-Firefox-Spdy: h2

cdn.aramuz.net/lokalise/ninecasino/en.json?timestamp=1725202880

104.22.35.217

200 OK

220 kB

URL GET HTTP/2
cdn.aramuz.net/lokalise/ninecasino/en.json?timestamp=1725202880
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
JSON text data
Size
220 kB (220256 bytes)
Hash
9d0b2ba3f6fd89cd8b5f90bdd026e640
66f402550fed587b56eb78bf278e6ca266fdcacf
05e610874df638bc370d372882b3ee9da87acea03a1ef2b10375bd1b392d3bd2

HTTP Headers

GET /lokalise/ninecasino/en.json?timestamp=1725202880 HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Sun, 01 Sep 2024 01:00:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 6QlvzqfrjK6AmhpU99M_VxqX5hKLfuRy
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ce212714683674e5fb514cf3923f165c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: i5Y6WATV0MaN-5Uj21oAYb2xs184GSw5ZVoO0Qq7JQNvYbMU0RieBA==
age: 147
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc6617c98698f60-CPH
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Paysafecard.svg

104.22.35.217

200 OK

8.4 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Paysafecard.svg
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
8.4 kB (8431 bytes)
Hash
31b40c1c7fb8d26543a90430faa61211
6ee47e62c8faca330ad867741bf63e8072e6bf8c
10a8a8e6e0231f1351d928420cf292a9c8efc0faef46509ef1a3aa83e472cc85

HTTP Headers

GET /images/footer-payment-methods/Paysafecard.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:51 GMT
etag: W/"1e4822cf726cab748cd792a94c34f80c"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 169057b8db0fb379ccba5daa74680acc.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: hkvT52dZLnEPh8mY17K3Kj4bSQSN38pA8SDZZWF1Xmup5ms1tn0lMQ==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 1533
server: cloudflare
cf-ray: 8bc661895a328f60-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.68570695.css

172.67.39.215

200 OK

4.2 kB

URL GET HTTP/2
ninecasino.com/assets/style.68570695.css
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (4224), with no line terminators
Size
4.2 kB (4224 bytes)
Hash
5261950e8f93ff00b3a33cc6f691ec51
219af4f18e644ad9cf030cd8c44545e6512f1e62
e52a42cddd7745d41f07f10a154cfb1c0917d971e657021c045a5961a9c18d76

HTTP Headers

GET /assets/style.68570695.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:16 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"1080-191a1fb2d3b"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 4673
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661792dce569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/register/build/f90690b3fff846d6749c.js

172.67.39.215

200 OK

38 kB

URL GET HTTP/2
ninecasino.com/assets/register/build/f90690b3fff846d6749c.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (38356), with no line terminators
Size
38 kB (38356 bytes)
Hash
f352eb864833f7e05e273ed79ffc5672
d21b135e713222672af329c229eb323d5ebda5ba
7b069db31d385393a605ae15cfaf2c0e4c64c0936ec3eb6f7da950fd458abde7

HTTP Headers

GET /assets/register/build/f90690b3fff846d6749c.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkOApUVQwbSJDFAzXCWDWnJsf2trk|afp10:sms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en; isPwa=false; UGID=698949009036474147
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:18 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
x-powered-by: Express
etag: W/"66c5aa93-95d4"
last-modified: Wed, 21 Aug 2024 08:51:31 GMT
cf-cache-status: HIT
age: 973633
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6618348c0569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.85202ea707482059d629.js

172.67.39.215

200 OK

54 kB

URL GET HTTP/2
ninecasino.com/assets/main.85202ea707482059d629.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (54450), with no line terminators
Size
54 kB (54450 bytes)
Hash
059563db679f065356498d2b4a1e8fa4
82baae7aedc42ad12e6669cc2e596e52bb7830fe
87f74d9faeccf4089df64c2b260d6a8fd2b4fe03b1cd80b3a726d441fd84fd0a

HTTP Headers

GET /assets/main.85202ea707482059d629.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"d4b2-191a1fb2d1f"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 4852
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617ac91a569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.igrand.pro/backoffice/cms/affiliate_landing/stepThree.svg

104.26.9.58

200 OK

7.4 kB

URL GET HTTP/2
cdn.igrand.pro/backoffice/cms/affiliate_landing/stepThree.svg
IP
104.26.9.58:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectigrand.pro
Fingerprint3D:BB:D8:FD:C4:7D:07:22:A3:58:AD:5F:BA:A4:37:2A:68:CF:16:07
ValidityFri, 16 Aug 2024 05:45:09 GMT - Thu, 14 Nov 2024 05:45:08 GMT

File type
SVG Scalable Vector Graphics image
Size
7.4 kB (7358 bytes)
Hash
34e0c288c154a4bd4586d2de79217f45
ebad2226169d59771237660ecc9d05191f3bdd59
eea355a42ee9aba3ba8933c594ed08692c619e81c9bd9250e4e31aec3ab951b3

HTTP Headers

GET /backoffice/cms/affiliate_landing/stepThree.svg HTTP/1.1
Host: cdn.igrand.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/svg+xml
x-amz-id-2: 0mB2G8kmrLMFW/UXN5Gh9fP4SfaW692MjzOH/VvAJrC0CqvHkjoHD9YqXcnMLeVU28s8/dolSNZNKstP+6ykww==
x-amz-request-id: KZA7HXPXX5HCWXEJ
last-modified: Wed, 24 Jan 2024 20:19:16 GMT
etag: W/"0558c6508defac42c1683d37dd0b0189"
cache-control: max-age=3600
cf-cache-status: HIT
age: 7148
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=72toCLsDXleEr3tuPft4LaaP2wMHNoFBh2qP%2BjyALhNFJsBg88O6p462DyHdQS64CfZx0uYC5uvYT5qZo2GPhKrnAGWDOMWt8eyowHI3HnLA0xW8SVchG%2BujSR6f%2F3Tw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc661894b57b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.36fa2b823166dab2f3e9.js

172.67.39.215

200 OK

41 kB

URL GET HTTP/2
ninecasino.com/assets/main.36fa2b823166dab2f3e9.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
41 kB (40607 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/main.36fa2b823166dab2f3e9.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"9e9f-191a1fb2d17"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 23006
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617af9a2569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.631ba3a707709718195b.js

172.67.39.215

200 OK

912 B

URL GET HTTP/2
ninecasino.com/assets/main.631ba3a707709718195b.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (932), with no line terminators
Size
912 B (912 bytes)
Hash
aadfbacde8823c84e570d507ba5ef31f
2849aa412a73dcd115d7889ec983766a5f1299a5
1b20da4033f6b3298181d45c2443bce00a2aa2b50e7a0f14d29c58a032ff9cd2

HTTP Headers

GET /assets/main.631ba3a707709718195b.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"390-191a1fb2d1b"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10921
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617c8cff569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Visa.svg

104.22.35.217

200 OK

1.7 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Visa.svg
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1676 bytes)
Hash
ff762d27cdfc025cb1fff2e1bca89f6e
21c1a16ef4d30d04e2db91f0dbce513b0504cc90
7bcce617d511339255d3ec290dae0a7c85bb88f4e6cbcca7851664dec7a4998a

HTTP Headers

GET /images/footer-payment-methods/Visa.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:42 GMT
etag: W/"57efb5facba1ad4d5022cd8d4d94aa1a"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 7354b4c15a208a3cdb89df1d3154015a.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: M4fYY3S3fTON5HM5q__LOXvZrxVZPGFRdyxtwsJ9Kcf1AuleFfVdWg==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 6746
server: cloudflare
cf-ray: 8bc66189099f8f60-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.264dee95242ff64d9d2d.js

172.67.39.215

200 OK

52 kB

URL GET HTTP/2
ninecasino.com/assets/main.264dee95242ff64d9d2d.js
IP
172.67.39.215:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (52090), with no line terminators
Size
52 kB (52090 bytes)
Hash
7bd2331563f33b9a71c9f290789895a6
ab8834f41245150cf06652e298f9fd5e157df092
21ab2c5d2edadab70a7fef97d28f9519061c8807e322b69e8338460f6485a13a

HTTP Headers

GET /assets/main.264dee95242ff64d9d2d.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=a4b22ee8-8de1-43b4-a39f-fad4fd78191f; rotatorId=fb7477fa2b5bc1273cb95b4e05cc2fa935283c4109951be532de554686df5d73; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725205456204; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"cb7a-191a1fb2d13"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 23006
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6617af9b1569f-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/backoffice/cms/affiliate_landing/default_18plus-logo.svg

104.22.35.217

200 OK

1.7 kB

URL GET HTTP/2
cdn.aramuz.net/backoffice/cms/affiliate_landing/default_18plus-logo.svg
IP
104.22.35.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkOApUVQwbSJDFAzXCWDWnJsf2trk%7Cafp10%3Asms&afp1=trkOApUVQwbSJDFAzXCWDWnJsf2trk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1739 bytes)
Hash
c25197c09f73336d431d321f28218dff
0e04f3b1f47b773b92a15d3e7f1d6cc029244aa1
20b884a99f67eab13d2441b388d695efa22149475e089ca16dae5c9ab2be01ce

HTTP Headers

GET /backoffice/cms/affiliate_landing/default_18plus-logo.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 15:44:19 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jun 2023 08:26:16 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
etag: W/"48374886480ae959a4217e8ce145713d"
vary: accept-encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 732d3ca1627bbec3dcfe750ff23e18bc.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: xCtFd1A9Z4bOmIjNkLHMvqkf-cudE1GRlw_vTiF-q_m9B7tT2hWjYA==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 1971
server: cloudflare
cf-ray: 8bc6618878d78f60-CPH
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by