Report - www.ontrklnk.com/visit/?bta=47096&nci=5661&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&qlt=true&utm

Report Overview

Visited public
2024-09-01 17:14:46
Tags
URL
www.ontrklnk.com/visit/?bta=47096&nci=5661&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&qlt=true&utm_campaign=sms
Finishing URL
ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true
IP / ASN
35.234.86.61
#396982 GOOGLE-CLOUD-PLATFORM
Title
Ninecasino - Play Slots Online for Free or Real Money

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-08-31 18:12:11	2.3 kB	6.2 kB	23.36.76.226
ninecasino.com	unknown	2016-09-15	2019-08-15 18:03:04	2024-08-24 14:29:48	53 kB	6.3 MB	104.22.15.198
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-08-31 18:27:47	1.3 kB	2.8 kB	142.250.74.131
sentry.marfa-tech.net	unknown	2021-06-03	2021-10-05 15:27:18	2024-08-30 09:15:13	1.2 kB	772 B	176.9.53.66
auth.betonliga.com	unknown	2022-11-24	2023-01-15 22:58:19	2024-08-30 09:12:25	507 B	884 B	172.67.68.177
www.ontrklnk.com	unknown	2023-09-13	2023-10-04 15:42:30	2024-08-24 14:29:46	568 B	702 B	35.234.86.61
aramuz.net	unknown	2020-09-08	2020-09-08 14:45:15	2024-08-24 14:29:50	6.9 kB	37 kB	104.22.34.217
gocasinonine.com	unknown	2024-07-08	2024-08-13 08:56:40	2024-08-24 14:29:47	649 B	39 kB	104.21.96.44
cdn.aramuz.net	unknown	2020-09-08	2021-10-13 17:55:38	2024-08-30 09:17:25	9.2 kB	984 kB	104.22.34.217
bi-metrics.aramuz.net	unknown	2020-09-08	2023-08-10 09:34:57	2024-08-30 09:16:57	1.1 kB	1.1 kB	142.132.243.105
cdn.igrand.pro	unknown	2024-01-15	2024-02-26 21:19:12	2024-04-14 07:32:25	1.4 kB	15 kB	104.26.9.58
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-08-31 18:12:11	1.6 kB	4.4 kB	23.36.76.226
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-09-01 11:06:04	1.1 kB	68 kB	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-09-01 11:06:06	474 B	12 kB	142.250.74.74
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2024-09-01 16:31:34	494 B	20 kB	104.16.79.73

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-01	medium	ontrklnk.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (44)

	URL	From	Size	First Seen	Last Seen
	ninecasino.com/assets/register/build/1eaacaec941bf850384d.js	ScriptElement	21 kB	2024-08-17	2024-09-20
Pretty URL ninecasino.com/assets/register/build/1eaacaec941bf850384d.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-17 19:52 Last Seen2024-09-20 20:13 Times Seen29 Hash c43f1f84668dd0d00475caa3b64e2af8 d6d323a7370792e773adf399dc1cf0d0f6b5d5e8 b9768391ff04628c72f0a22ccaf857d69b85eae1fba55fbe0c5c9cb3c537d006 Loading...

	ninecasino.com/assets/cms_bo/assets/chunks/113.chunk.js	ScriptElement	5.2 MB	2024-05-30	2024-09-20
Pretty URL ninecasino.com/assets/cms_bo/assets/chunks/113.chunk.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-30 17:50 Last Seen2024-09-20 20:13 Times Seen21 Hash 46c4449df344fead6197bd73839b21b4 bbe8b9b472050cd2abf1822294b370e896f6c674 90d7fc1d09aaefc48ff99210d85e74ccf500c06c3a5cf6f3b907f4f1c74d990b Loading...

	ninecasino.com/assets/main.16cca10c38599f1e32d9.js	ScriptElement	68 kB	2024-01-20	2025-02-06
Pretty URL ninecasino.com/assets/main.16cca10c38599f1e32d9.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 23:23 Last Seen2025-02-06 21:16 Times Seen177 Hash 79fb124efb73d4d6cd64d0ccdbcbe064 b93398dd13de4c326eb5f578bd6c89c36c07ddc1 1b3215429883dbf3a129b64a2d614403206b3325d46ce336a09797748ae56139 Loading...

	ninecasino.com/assets/main.631ba3a707709718195b.js	ScriptElement	912 B	2024-08-10	2025-02-06
Pretty URL ninecasino.com/assets/main.631ba3a707709718195b.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-10 14:11 Last Seen2025-02-06 21:16 Times Seen91 Hash 5f2f0a8c8d901c158b35b56fad692112 ddc43ee8f90a72058c2e063cc2c636e7b44256d2 e7ff792a8856d81f691fad61e5762f061daaee091441ff85cf0a4e07aee54069 Loading...

	ninecasino.com/assets/main.ad44267e775aabb797a9.js	ScriptElement	3.3 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.ad44267e775aabb797a9.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 20:00 Last Seen2024-09-20 20:13 Times Seen24 Hash b065dfb08af38113be5cb678a3069e4f d354f0a4190ea7f6eafb398c690dc6e94ba25c45 b38efb39a62c5c773f5bca011f0eaa1ea01f94f519fd5e999f45008bcf430a05 Loading...

	ninecasino.com/assets/register/build/958e8340f858e7b75874.js	ScriptElement	875 B	2024-08-17	2024-09-20
Pretty URL ninecasino.com/assets/register/build/958e8340f858e7b75874.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-17 19:52 Last Seen2024-09-20 20:13 Times Seen29 Hash e08cef48ae1dbd116aae14400b2d077a 7f84c01110b0eaac53e66a4015f2ead70647898f e7171e7c0a2dc767d95a55f7fba2b5d26b7b263928054aaecd0fbac234593049 Loading...

	ninecasino.com/assets/main.13b0a47d57ed334cbb10.js	ScriptElement	82 kB	2024-06-12	2024-09-20
Pretty URL ninecasino.com/assets/main.13b0a47d57ed334cbb10.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 10:55 Last Seen2024-09-20 20:13 Times Seen66 Hash c9b55801db89e8a6974a5971b6120c46 7bf14b1b7cdf8ba8502fbc75bf9bcfb1a6457af8 0b35b84e5dde158a67c86d1a4065fd9b2540935a385647af30a4cc8c64f5969d Loading...

	ninecasino.com/assets/main.264dee95242ff64d9d2d.js	ScriptElement	52 kB	2024-08-28	2024-09-20
Pretty URL ninecasino.com/assets/main.264dee95242ff64d9d2d.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 15:50 Last Seen2024-09-20 20:13 Times Seen14 Hash 7bd2331563f33b9a71c9f290789895a6 ab8834f41245150cf06652e298f9fd5e157df092 21ab2c5d2edadab70a7fef97d28f9519061c8807e322b69e8338460f6485a13a Loading...

	ninecasino.com/assets/main.5b3ee8898426f346e98d.js	ScriptElement	1.6 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/main.5b3ee8898426f346e98d.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 13:00 Last Seen2024-09-20 20:13 Times Seen11 Hash 7610720c75ba8dc94eff8610aa7c2c86 706293741f264cd7a03eb17be21f77c1228b3bd5 dbb9893bfe2c99dc6b33296e6421fbd56acf7428bc096fda20088af3503c8ca6 Loading...

	ninecasino.com/assets/main.a5eddf3b65efaaab758d.js	ScriptElement	2.2 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.a5eddf3b65efaaab758d.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 20:00 Last Seen2024-09-20 20:13 Times Seen24 Hash 4efa515894f8d469c99792e8e7faa256 a3eb67baa14f07187d144da548df480d1b1e9ce3 609b37c7352c83effb1933f84e45837afe19711ce155a4d383a7baee5022bbc2 Loading...

	ninecasino.com/modernizr.client.js	ScriptElement	3.1 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/modernizr.client.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 19:59 Last Seen2024-09-20 20:13 Times Seen23 Hash 1678465ae15de0becdbb6561ff5f7d51 3b74f38ceb5581dbc96c43e9a337edfd1fe30062 2da6803cc279755f9e3ff96bd7f52cb0095d434f3d30f86e01e11eddf017a642 Loading...

	ninecasino.com/assets/main.e11312d9921965c8dc1b.js	ScriptElement	36 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/main.e11312d9921965c8dc1b.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 13:00 Last Seen2024-09-20 20:13 Times Seen11 Hash e0169e0a5aa3473c11dcc8f04aa22ea8 b04b034391584611125032d3e1e126ae6c692772 8a9e3d2e212fc19040262b961fd82c69159a92b2e8012dec3ca5f536762ae1c7 Loading...

	ninecasino.com/assets/main.a7b155e889b93dcc916d.js	ScriptElement	21 kB	2024-06-12	2024-09-20
Pretty URL ninecasino.com/assets/main.a7b155e889b93dcc916d.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 10:56 Last Seen2024-09-20 20:13 Times Seen66 Hash 2641bd4d7fba7f5d8f985c83eaad0c28 d65a843cfdcb741d21fc42361dc1354c3cb81135 370b2da2fb76b9c603ae799fef6f34f0a51990687c73d303a0ec8f2b27647726 Loading...

	ninecasino.com/assets/main.36fa2b823166dab2f3e9.js	ScriptElement	41 kB	2024-08-28	2024-09-20
Pretty URL ninecasino.com/assets/main.36fa2b823166dab2f3e9.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-28 15:50 Last Seen2024-09-20 20:13 Times Seen19 Hash 7517df58233cb3f05222f138f77e1337 dcbb1781bd71294b060563b7e3a984d67c530953 75169395772c21560ae938b6f0f7fb03d31f1e733714dc76553f55e85c24e865 Loading...

	ninecasino.com/assets/main.02d0a2625838efc0b6e7.js	ScriptElement	1.4 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.02d0a2625838efc0b6e7.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 19:59 Last Seen2024-09-20 20:13 Times Seen24 Hash eebcebf8d2707c2b5f2a476047959eb0 94400a7a56eccb155055da13046717b1d38e7540 0f0a5532179aa2e7ac1fa388d47eced72850cabcddd15354c3780dbef5e30c91 Loading...

	ninecasino.com/assets/main.c00c1953b33850002460.js	ScriptElement	592 B	2024-06-12	2024-10-27
Pretty URL ninecasino.com/assets/main.c00c1953b33850002460.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 10:55 Last Seen2024-10-27 17:44 Times Seen77 Hash 7786d22719e865ddbe03d83d61d3f7c3 2a62c906bc855ce93e0f4a1f781ab256f7ff364a ac4534d729d5c6313279e6a8064c0ea79b8e6e91da032990b177f0db58ffaa3e Loading...

	ninecasino.com/assets/main.979d7e4cd6639d976a81.js	ScriptElement	3.4 kB	2024-08-10	2024-09-20
Pretty URL ninecasino.com/assets/main.979d7e4cd6639d976a81.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-10 14:11 Last Seen2024-09-20 20:13 Times Seen38 Hash 6c402027e59b9f2f9ca129264a5cc8c8 25d02e518c5566e9eed1c8de3433d5ca65dc0af0 f0f081eced17ce1f6257c0bedc720a78e003b12fc7f94efa402783d54ebd2301 Loading...

	unknown	Function	146 B	2023-06-24	2025-04-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-06-24 05:02 Last Seen2025-04-21 09:28 Times Seen306 Hash eaf74464ec2717e88e0d3521dd86d63a c7b11a1c30899a64387f4b196c2fb35a2f9fee6b bbd85b7a3316765f9836aaee4114d52abbf9c4d099c415c60c1a2e105a8c596a Loading...

	ninecasino.com/assets/main.b8c501117d3e484cbe43.js	ScriptElement	1.1 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.b8c501117d3e484cbe43.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 20:00 Last Seen2024-09-20 20:13 Times Seen24 Hash 0348ea269a471c55858cbcbec765939e 85e9c6078d919caf47c4fe7dbf033127095bb40d f5bcfdfe8f36f451e0b0624a14414fdd88448e0fb7d754859ae32a05e78392f2 Loading...

	ninecasino.com/assets/cms_bo/build/remoteEntry.js?0.6831988887588578	ScriptElement	3.3 kB	2024-05-30	2025-03-24
Pretty URL ninecasino.com/assets/cms_bo/build/remoteEntry.js?0.6831988887588578 IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-30 17:50 Last Seen2025-03-24 03:04 Times Seen35 Hash ff12b2cdfbc86f69226aabaccb617688 3f7035fc3afe72ee2433404b8b4c15954ef8c792 eb4df4d68c9ab19c3d549b7eff666b13a003ca27e17297fe3073da16c79fcba4 Loading...

	ninecasino.com/assets/register/build/155eec208cd2a5e2ff9e.js	ScriptElement	20 kB	2024-07-16	2024-09-20
Pretty URL ninecasino.com/assets/register/build/155eec208cd2a5e2ff9e.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-16 08:07 Last Seen2024-09-20 20:13 Times Seen57 Hash 676c3dd7083559f2b2e8e519efa2e367 06b32f0c44f44d970e7d52a1a7db4d192e1dd3e5 23be098f99a2f0f7b1e948b408d86c6a4458284b86c93181f32ad35a81b204cb Loading...

	ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms	ScriptElement	104 B	2023-03-14	2025-04-21
Pretty URL ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 01:02 Last Seen2025-04-21 09:28 Times Seen341 Hash 21ac9cc7bc6350f0ef91cf15f5fcd0c4 a59118fe5f9e1b1b9b6b74f9f21936c0a65b950f f0cf1f9b2124dfea1706498e57be0f0a665203035d3a4a58955a550ece6ee2c4 Loading...

	ninecasino.com/assets/main.77d3821ebfe065b0b436.js	ScriptElement	37 kB	2024-06-12	2024-09-20
Pretty URL ninecasino.com/assets/main.77d3821ebfe065b0b436.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 10:56 Last Seen2024-09-20 20:13 Times Seen66 Hash 2251b669db938d2a8d8ad228ad7eaf3a cfa047c5ee847476608af333e0e384cbdf757492 a8a7c77b3a9e7559ccfdbf295f6429234c3c25d6227126dbe1adf071a4ade24c Loading...

	ninecasino.com/assets/main.afc9229a99f8eb10fbba.js	ScriptElement	7.1 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.afc9229a99f8eb10fbba.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 20:00 Last Seen2024-09-20 20:13 Times Seen24 Hash 3528b613d4ba4e7d24f56c5063451727 1541b28405bc424fbaf92f46175a8e61c3ecad19 f125f218f1e29432aee8eb29eddc3fdff4ff8c5e6480c412775f0558b6fedddd Loading...

	unknown	Function	250 B	2023-12-03	2024-09-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-12-03 06:20 Last Seen2024-09-20 20:02 Times Seen54 Hash c86d6dfa424df071e8e6a6e4a09c70a1 99a97ca35499c6c8c4e726fde19c932b5c5c99b8 6040361c3ba910e41edbab121a742869ad557676d413290ea58eb9e60dea1c8c Loading...

	ninecasino.com/assets/main.318277b394886d6c3b44.js	ScriptElement	982 B	2024-06-22	2024-09-20
Pretty URL ninecasino.com/assets/main.318277b394886d6c3b44.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-22 13:36 Last Seen2024-09-20 20:13 Times Seen67 Hash 82e91d1296ccbd4ef6ec570bdfc81b74 284d93fa62a3bbb59a2d53608b6a6826cfc5ec5b 8f25f7509b4e580d0b32e3ca74f9099ac4d7d0af4d0213418b05a6354512be4f Loading...

	ninecasino.com/assets/main.a548ac689c47f91ac216.js	ScriptElement	1.7 kB	2024-07-26	2024-09-20
Pretty URL ninecasino.com/assets/main.a548ac689c47f91ac216.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 19:01 Last Seen2024-09-20 20:13 Times Seen46 Hash 215183669940e7fc4d6b60acee7a3ee0 f0f1f33b078c45f578d6c6c7b48a95be6bd7183f 4e8469120d5487272790285c390ee283ca8e25cca8f7a49e968e342fe68ceece Loading...

	unknown	Function	218 B	2023-09-10	2025-04-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-09-10 00:20 Last Seen2025-04-21 09:28 Times Seen277 Hash 989614ac54a4ed061f9992e4c0741146 9510c6181ca8aee9c69fdfde9143ab84f5d72b29 65be92c50b7781079560997aaab3d61693f95402c1667c0811ddfb0b619013cf Loading...

	ninecasino.com/assets/main.c8fce02bff3e38f97822.js	ScriptElement	2.7 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.c8fce02bff3e38f97822.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 19:59 Last Seen2024-09-20 20:13 Times Seen15 Hash dc7b8daa47f06a3b5bc530c9c3642842 d530f33719ea2f5bb55b8c2e74a9856539fd254f 605248716cbbd435c0e32a1b6c95b599158f59383a2073a786a1bbb8f4c5e275 Loading...

	unknown	Function	159 B	2023-09-10	2025-04-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-09-10 00:20 Last Seen2025-04-21 09:28 Times Seen276 Hash 8021f3fb46f26f9d08ea2f4170303feb 44b2e9e96037fa5cbc8e47f0151129fdca9011e5 3571b52e25bcaa5e695c0a31b542bed6e5c2414b045ae16a9eab45ef1a57a061 Loading...

	unknown	Function	139 B	2023-06-06	2025-04-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-06-06 19:23 Last Seen2025-04-21 09:28 Times Seen293 Hash 7c3d627c2d14830554a6090ed20bec82 f404689da32e3ea6d9895b2fcbd601c5a03a9192 d561bf451dbdbe63a479e8bce3c10a247fbac8adc45c9fea9c07b53a1f179599 Loading...

	ninecasino.com/assets/register/build/fc1f2071bc03ec22c5d0.js	ScriptElement	50 kB	2024-08-13	2024-09-20
Pretty URL ninecasino.com/assets/register/build/fc1f2071bc03ec22c5d0.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-13 23:03 Last Seen2024-09-20 20:13 Times Seen33 Hash 7f824212573f99acba14fa79514c7714 d7c22748e21e85152ef7f78d345639aae2e118f0 ecb1320791de856635cb2cd6bc0329e0c6a89358e919eca8a3bb7f60371b9152 Loading...

	ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms	ScriptElement	30 kB	2024-09-20	2024-09-20
Pretty URL ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-20 20:01 Last Seen2024-09-20 20:01 Times Seen1 Hash a2d5ceff9a2bbb26d10fea2cb3485737 1343fa33edd185b1c8fc04ce4dfa9f022f065ecb 6bd35d65614e7d34b10a2e8fb78b0ebbe400c682790183b996fc32fbaa3bfdcc Loading...

	ninecasino.com/assets/main.85202ea707482059d629.js	ScriptElement	54 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/main.85202ea707482059d629.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 13:00 Last Seen2024-09-20 20:13 Times Seen11 Hash 059563db679f065356498d2b4a1e8fa4 82baae7aedc42ad12e6669cc2e596e52bb7830fe 87f74d9faeccf4089df64c2b260d6a8fd2b4fe03b1cd80b3a726d441fd84fd0a Loading...

	ninecasino.com/assets/main.34f47f504463d3f350fa.js	ScriptElement	86 kB	2024-06-12	2024-09-20
Pretty URL ninecasino.com/assets/main.34f47f504463d3f350fa.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-12 10:56 Last Seen2024-09-20 20:13 Times Seen66 Hash a33e02cf21b8910baa36ba46ba3afbf8 6b898db0d305d7e3f2dc9b5bfb5a92945eb0dfee 496e28e950094d55b7227b3b33b73ca766ad5233f3dbbdc9fba2d409226b8c87 Loading...

	ninecasino.com/assets/main.fa82552e3763c284c997.js	ScriptElement	1.9 kB	2024-07-12	2025-04-21
Pretty URL ninecasino.com/assets/main.fa82552e3763c284c997.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-12 08:59 Last Seen2025-04-21 09:28 Times Seen255 Hash 7a34b69319c63a8fdbcddd16321f26f3 d3d8b9f54e636fbac1f1bdf9a0ddd07d5bc00729 0a042a7627dbe9721cec7c8aa5be7f0cecaa7931706de9de346ebcaa3eea8654 Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-04-26
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-04-26 00:19 Times Seen47464 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	ninecasino.com/assets/main.a6aae19d83225072d497.js	ScriptElement	5.8 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/main.a6aae19d83225072d497.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 13:00 Last Seen2024-09-20 20:13 Times Seen11 Hash 27e39173cba50283b4d006a35bbb8077 3b759b3aea589f252b751ea245b4a3eb13b23cf2 9459c17a446012500948acec8c15863953a336d48f5959cfc86ff7411e0cc227 Loading...

	ninecasino.com/assets/register/build/87d5d2918cfa93cb9ecb.js	ScriptElement	51 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/register/build/87d5d2918cfa93cb9ecb.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 08:29 Last Seen2024-09-20 20:13 Times Seen12 Hash 31f0c5a6028aac95cc54a05404003a17 147ef3654c53450d99c5ef3439479306860c0de9 f4f0b85da857665e7f0f50b5ba97ad3ebda60fcde287b3db4e8dd545bc901a81 Loading...

	ninecasino.com/assets/register/build/f90690b3fff846d6749c.js	ScriptElement	38 kB	2024-08-21	2024-09-20
Pretty URL ninecasino.com/assets/register/build/f90690b3fff846d6749c.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 22:00 Last Seen2024-09-20 20:13 Times Seen26 Hash f352eb864833f7e05e273ed79ffc5672 d21b135e713222672af329c229eb323d5ebda5ba 7b069db31d385393a605ae15cfaf2c0e4c64c0936ec3eb6f7da950fd458abde7 Loading...

	ninecasino.com/assets/main.1584e87908484b5d1c11.js	ScriptElement	44 kB	2024-08-19	2024-09-20
Pretty URL ninecasino.com/assets/main.1584e87908484b5d1c11.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:58 Last Seen2024-09-20 20:13 Times Seen27 Hash 13b29e25e514e3ddbc474ad4d984590c 66238d13831d8f3958c11dfdbb1f4a773b49d575 c1a90fa03284b57f42a66f4d8715fa5ceef1b4485d539b4068603a6c4e6e89eb Loading...

	ninecasino.com/assets/main.5d4fb4ed3bcd9187e0cf.js	ScriptElement	1.6 kB	2024-08-19	2024-09-20
Pretty URL ninecasino.com/assets/main.5d4fb4ed3bcd9187e0cf.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:58 Last Seen2024-09-20 20:13 Times Seen21 Hash 546d43e42f6ea8b7b37aec280eae6a7e 0ddaa2ae8d042b307e3d18903574ac99bb1f9cd9 3bf5e5cef23b25baba963797b24dbf4167d383ecfc5cb4a20363707af491cdd9 Loading...

	ninecasino.com/assets/main.a5157e267787bd7666a5.js	ScriptElement	7.2 kB	2024-08-25	2024-09-20
Pretty URL ninecasino.com/assets/main.a5157e267787bd7666a5.js IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-25 20:00 Last Seen2024-09-20 20:13 Times Seen24 Hash 950dd2e96fb2da4bc3bd7dcf28ab774d f1ff7b0a66ba4d45837b170208d4624691aa2757 ca8cce675d23328e6103ea7af43bcbf0d7c5da1092862b40f535543b104912d7 Loading...

	ninecasino.com/assets/register/build/remoteEntry.js?0.5318734166344883	ScriptElement	8.5 kB	2024-08-30	2024-09-20
Pretty URL ninecasino.com/assets/register/build/remoteEntry.js?0.5318734166344883 IP 104.22.15.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-30 08:29 Last Seen2024-09-20 20:13 Times Seen12 Hash 9cdc1067cf1da4b27deec7eb5840cf40 95353f021c23fbea67916e11781dda2ddc1d623b bd11f422293c684f544f26485c5dcc84685f1703982deae82a4e9e7a8fe1416f Loading...

HTTP Transactions (119)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
404e3e4520c09fcce1358b1a21f6b171
040aa03460f3d7ec6f75cae0bf5a462a4bb9798d
f6fc34acb6b2d60bb37dd5caf92b0988cdd52927d80d1f5e7bc23b7db9e8209a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F6FC34ACB6B2D60BB37DD5CAF92B0988CDD52927D80D1F5E7BC23B7DB9E8209A"
Last-Modified: Sat, 31 Aug 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4124
Expires: Sun, 01 Sep 2024 18:22:57 GMT
Date: Sun, 01 Sep 2024 17:14:13 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9af7a8cd532ef5aaf31ca93238520c04
f072b79c778c47733bbd3377e03f716ecdfc14ea
36e32e96e96ff13975dfb765119ad431a8a3bedc9cdd8f16bbe7460664ee177c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "36E32E96E96FF13975DFB765119AD431A8A3BEDC9CDD8F16BBE7460664EE177C"
Last-Modified: Sat, 31 Aug 2024 21:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6061
Expires: Sun, 01 Sep 2024 18:55:14 GMT
Date: Sun, 01 Sep 2024 17:14:13 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a69a40edecaf5262aa4492b7259eb1dd
8241174bc1b8840baf20b3ce2950114dbb539871
a89a6e1e8de96ae61eb24e9a672d112a1b8f8f28f583a5335bc744a6b43fc7ac

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A89A6E1E8DE96AE61EB24E9A672D112A1B8F8F28F583A5335BC744A6B43FC7AC"
Last-Modified: Sat, 31 Aug 2024 02:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9781
Expires: Sun, 01 Sep 2024 19:57:14 GMT
Date: Sun, 01 Sep 2024 17:14:13 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9d2c063731a46a7e1548540195080de0
dd1924ebf7697509a10f3f07604f28f96b4fc498
0d414ed4850119c53fae9ddd19ee1dd95783fd08f7389c3e8ec95215023e298e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0D414ED4850119C53FAE9DDD19EE1DD95783FD08F7389C3E8EC95215023E298E"
Last-Modified: Sat, 31 Aug 2024 02:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11376
Expires: Sun, 01 Sep 2024 20:23:49 GMT
Date: Sun, 01 Sep 2024 17:14:13 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cd37924483feac1aaf87d9d4690d3012
39af530103b62e55a6ecd351f3331c149588d165
e586b571db73e49ee15b7a46cba8fda10272fe6e0cce8cdca867670569545151

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E586B571DB73E49EE15B7A46CBA8FDA10272FE6E0CCE8CDCA867670569545151"
Last-Modified: Sat, 31 Aug 2024 16:36:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7530
Expires: Sun, 01 Sep 2024 19:19:44 GMT
Date: Sun, 01 Sep 2024 17:14:14 GMT
Connection: keep-alive

www.ontrklnk.com/visit/?bta=47096&nci=5661&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&qlt=true&utm_campaign=sms

35.234.86.61

302 Moved Temporarily

3 B

URL User Request GET HTTP/1.1
www.ontrklnk.com/visit/?bta=47096&nci=5661&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&qlt=true&utm_campaign=sms
IP
35.234.86.61:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subjecttrack.chillipartners.com
FingerprintBB:A5:0B:7D:77:8F:15:D9:B8:70:AD:EE:BB:B1:C3:1A:DD:59:1D:9D
ValiditySat, 24 Aug 2024 03:02:48 GMT - Fri, 22 Nov 2024 03:02:47 GMT

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
43e819cfbef2c8fc69c227513504087b
3ea645da8b9c23cfcf4e75e45b2ea79c5ec89c4a
82985617ce795510ad965737efe6b5a76411b26a6d7453ff4ba680e856377bc8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /visit/?bta=47096&nci=5661&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&qlt=true&utm_campaign=sms HTTP/1.1
Host: www.ontrklnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: rhino-core-shield
Date: Sun, 01 Sep 2024 17:14:14 GMT
Content-Type: application/octet-stream
Content-Length: 3
Connection: keep-alive
Set-cookie: ninecasino-v=1738133; Max-Age=2678400; Path=/; Expires=Wed, 02 Oct 2024 17:14:14 GMT; HttpOnly
expires: 0
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
surrogate-control: no-store
location: https://gocasinonine.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
referer: 
X-Cache-Status: MISS
access-control-allow-origin: *, *

ninecasino.com/dot.png

104.22.15.198

200 OK

34 B

URL GET HTTP/2
ninecasino.com/dot.png
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
RIFF (little-endian) data, Web/P image
Size
34 B (34 bytes)
Hash
a65c84bc93182dcacb41776f2bd764f5
268bf9ab04e18012afee8b16c23f548fd958a158
b0ff5420a87b7117d944273dafe43684066c6cae95533df2fbada29cf1523a9f

HTTP Headers

GET /dot.png HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: image/webp
content-length: 34
cache-control: public, max-age=300
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=103
content-disposition: inline; filename="dot.webp"
etag: W/"67-191a1fb2e43"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
vary: Accept
x-powered-by: Express
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6e5444cf11c0e-OSL
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13a0b3087b2cdad637a1530765944caf
1fe7d53d5307b28b9ba805e7098345075d5172c6
2bca0d22640349c90aed454e1baead9cbc2e597f6279cd29c5d88571b77183e4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Sep 2024 17:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13a0b3087b2cdad637a1530765944caf
1fe7d53d5307b28b9ba805e7098345075d5172c6
2bca0d22640349c90aed454e1baead9cbc2e597f6279cd29c5d88571b77183e4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Sep 2024 17:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd0cba0be026b652bbffe7b1677f7a50
14e043560f93c989426b59a5ce88ba1758ef3d1f
ec79b16ec123b0034a02b557ad26892d404fcd5c573f516ead9bcc3f585702b9

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Sep 2024 17:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ninecasino.com/modernizr.client.js

104.22.15.198

200 OK

35 kB

URL GET HTTP/2
ninecasino.com/modernizr.client.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (3113), with no line terminators
Size
35 kB (34570 bytes)
Hash
1678465ae15de0becdbb6561ff5f7d51
3b74f38ceb5581dbc96c43e9a337edfd1fe30062
2da6803cc279755f9e3ff96bd7f52cb0095d434f3d30f86e01e11eddf017a642

HTTP Headers

GET /modernizr.client.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=300
cf-bgj: minify
cf-polished: origSize=3116
etag: W/"c2c-191a1fb2e47"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5444cef1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd0cba0be026b652bbffe7b1677f7a50
14e043560f93c989426b59a5ce88ba1758ef3d1f
ec79b16ec123b0034a02b557ad26892d404fcd5c573f516ead9bcc3f585702b9

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Sep 2024 17:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ninecasino.com/assets/style.77652cdf.css

104.22.15.198

200 OK

45 kB

URL GET HTTP/2
ninecasino.com/assets/style.77652cdf.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (58447), with no line terminators
Size
45 kB (45185 bytes)
Hash
c834ca80881d7e7873a0a63d88bb6c0c
3e7b4dae1018e20bc7a45761359b4760923f8abb
b388586291b148902f6d023dc1465fe053937e2d4e552e8aeb20dec98d5cac61

HTTP Headers

GET /assets/style.77652cdf.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=58456
etag: W/"e458-191a1fb2d3f"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 1237
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5443cdb1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.264dee95242ff64d9d2d.js

104.22.15.198

200 OK

20 kB

URL GET HTTP/2
ninecasino.com/assets/main.264dee95242ff64d9d2d.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (52090), with no line terminators
Size
20 kB (19451 bytes)
Hash
7bd2331563f33b9a71c9f290789895a6
ab8834f41245150cf06652e298f9fd5e157df092
21ab2c5d2edadab70a7fef97d28f9519061c8807e322b69e8338460f6485a13a

HTTP Headers

GET /assets/main.264dee95242ff64d9d2d.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"cb7a-191a1fb2d13"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 28404
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e545af421c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a51a261c185bcd604611cfbb67096dfa
d366e8bb22f89140c9047da6a42524d46a7565f2
64d3d00cda2b2ce31fdd3faca82b82b95ef30efe31ce921e06270971b0826397

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "64D3D00CDA2B2CE31FDD3FACA82B82B95EF30EFE31CE921E06270971B0826397"
Last-Modified: Fri, 30 Aug 2024 07:40:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3138
Expires: Sun, 01 Sep 2024 18:06:33 GMT
Date: Sun, 01 Sep 2024 17:14:15 GMT
Connection: keep-alive

ninecasino.com/cdn-cgi/rum?

104.22.15.198

204 No Content

0 B

URL POST HTTP/2
ninecasino.com/cdn-cgi/rum?
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1250
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 01 Sep 2024 17:14:15 GMT
access-control-allow-origin: https://ninecasino.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8bc6e547db091c0e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

sentry.marfa-tech.net/api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0

176.9.53.66

200 OK

2 B

URL POST HTTP/1.1
sentry.marfa-tech.net/api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0
IP
176.9.53.66:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectsentry.marfa-tech.net
FingerprintB3:7B:12:1F:CA:B6:F4:E1:D9:99:68:84:D2:1C:CA:6A:1E:6B:C0:94
ValiditySun, 25 Aug 2024 06:18:00 GMT - Sat, 23 Nov 2024 06:17:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0 HTTP/1.1
Host: sentry.marfa-tech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninecasino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 458
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Sun, 01 Sep 2024 17:14:15 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
vary: origin, access-control-request-method, access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin

ninecasino.com/assets/main.b8c501117d3e484cbe43.js

104.22.15.198

200 OK

724 B

URL GET HTTP/2
ninecasino.com/assets/main.b8c501117d3e484cbe43.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (1061), with no line terminators
Size
724 B (724 bytes)
Hash
0348ea269a471c55858cbcbec765939e
85e9c6078d919caf47c4fe7dbf033127095bb40d
f5bcfdfe8f36f451e0b0624a14414fdd88448e0fb7d754859ae32a05e78392f2

HTTP Headers

GET /assets/main.b8c501117d3e484cbe43.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"425-191a1fb2d27"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 15429
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e546d93c1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

sentry.marfa-tech.net/api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0

176.9.53.66

200 OK

2 B

URL POST HTTP/1.1
sentry.marfa-tech.net/api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0
IP
176.9.53.66:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectsentry.marfa-tech.net
FingerprintB3:7B:12:1F:CA:B6:F4:E1:D9:99:68:84:D2:1C:CA:6A:1E:6B:C0:94
ValiditySun, 25 Aug 2024 06:18:00 GMT - Sat, 23 Nov 2024 06:17:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/11/envelope/?sentry_key=204271b68b8b41c6b6ff8453b0fa31ae&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.73.0 HTTP/1.1
Host: sentry.marfa-tech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninecasino.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 459
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Sun, 01 Sep 2024 17:14:15 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
vary: origin, access-control-request-method, access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0168428bb5ce98881397607e957a8900
b6f2f9c69872023a1b0a13c010baf1bc5a22606c
5c52fde3215825de11768c3fc2bf32090a2e1f80bb3cf7b7373d13ceaf8f1e8b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C52FDE3215825DE11768C3FC2BF32090A2E1F80BB3CF7B7373D13CEAF8F1E8B"
Last-Modified: Sat, 31 Aug 2024 03:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5821
Expires: Sun, 01 Sep 2024 18:51:16 GMT
Date: Sun, 01 Sep 2024 17:14:15 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0168428bb5ce98881397607e957a8900
b6f2f9c69872023a1b0a13c010baf1bc5a22606c
5c52fde3215825de11768c3fc2bf32090a2e1f80bb3cf7b7373d13ceaf8f1e8b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C52FDE3215825DE11768C3FC2BF32090A2E1F80BB3CF7B7373D13CEAF8F1E8B"
Last-Modified: Sat, 31 Aug 2024 03:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5821
Expires: Sun, 01 Sep 2024 18:51:16 GMT
Date: Sun, 01 Sep 2024 17:14:15 GMT
Connection: keep-alive

ninecasino.com/api/setCookie

104.22.15.198

200 OK

0 B

URL POST HTTP/2
ninecasino.com/api/setCookie
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/setCookie HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 27
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-length: 0
x-powered-by: Express
set-cookie: isPwa=false; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 23:03:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc6e5488bef1c0e-OSL
X-Firefox-Spdy: h2

bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino

142.132.243.105

204 No Content

0 B

URL OPTIONS HTTP/2
bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino
IP
142.132.243.105:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectbi-metrics.aramuz.net
Fingerprint80:DC:10:E7:9F:B2:EA:24:EC:6F:1D:A7:2D:3D:E9:99:2E:D4:B1:DB
ValidityFri, 26 Jul 2024 10:46:45 GMT - Thu, 24 Oct 2024 10:46:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /topics/aramuz_fe_ninecasino HTTP/1.1
Host: bi-metrics.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 01 Sep 2024 17:14:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://ninecasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en

104.22.34.217

200 OK

0 B

URL OPTIONS HTTP/2
aramuz.net/frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAajkSyr5r1YF; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:15 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e548bf84997e-CPH
X-Firefox-Spdy: h2

ninecasino.com/assets/main.631ba3a707709718195b.js

104.22.15.198

200 OK

596 B

URL GET HTTP/2
ninecasino.com/assets/main.631ba3a707709718195b.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (912), with no line terminators
Size
596 B (596 bytes)
Hash
5f2f0a8c8d901c158b35b56fad692112
ddc43ee8f90a72058c2e063cc2c636e7b44256d2
e7ff792a8856d81f691fad61e5762f061daaee091441ff85cf0a4e07aee54069

HTTP Headers

GET /assets/main.631ba3a707709718195b.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"390-191a1fb2d1b"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54739f71c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/cms/page?url=welcome-offer&locale=en

104.22.34.217

200 OK

0 B

URL GET HTTP/2
aramuz.net/frontapi/ninecasino/cms/page?url=welcome-offer&locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/cms/page?url=welcome-offer&locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAajkSyr5r1YF; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:15 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e548bf92997e-CPH
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cd17cb634dff900a1abd17dd730b0151
1c8c3d220db108bce3fa89adf307e60dedb6d1f8
258b4750ae88b4ec55c156020ceae77b64bc5042990ac9502780b59faa8f3779

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "258B4750AE88B4EC55C156020CEAE77B64BC5042990AC9502780B59FAA8F3779"
Last-Modified: Sat, 31 Aug 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13319
Expires: Sun, 01 Sep 2024 20:56:14 GMT
Date: Sun, 01 Sep 2024 17:14:15 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cd17cb634dff900a1abd17dd730b0151
1c8c3d220db108bce3fa89adf307e60dedb6d1f8
258b4750ae88b4ec55c156020ceae77b64bc5042990ac9502780b59faa8f3779

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "258B4750AE88B4EC55C156020CEAE77B64BC5042990AC9502780B59FAA8F3779"
Last-Modified: Sat, 31 Aug 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13319
Expires: Sun, 01 Sep 2024 20:56:14 GMT
Date: Sun, 01 Sep 2024 17:14:15 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cd17cb634dff900a1abd17dd730b0151
1c8c3d220db108bce3fa89adf307e60dedb6d1f8
258b4750ae88b4ec55c156020ceae77b64bc5042990ac9502780b59faa8f3779

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "258B4750AE88B4EC55C156020CEAE77B64BC5042990AC9502780B59FAA8F3779"
Last-Modified: Sat, 31 Aug 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13319
Expires: Sun, 01 Sep 2024 20:56:14 GMT
Date: Sun, 01 Sep 2024 17:14:15 GMT
Connection: keep-alive

ninecasino.com/assets/main.afc9229a99f8eb10fbba.js

104.22.15.198

200 OK

1.9 kB

URL GET HTTP/2
ninecasino.com/assets/main.afc9229a99f8eb10fbba.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (7140), with no line terminators
Size
1.9 kB (1882 bytes)
Hash
3528b613d4ba4e7d24f56c5063451727
1541b28405bc424fbaf92f46175a8e61c3ecad19
f125f218f1e29432aee8eb29eddc3fdff4ff8c5e6480c412775f0558b6fedddd

HTTP Headers

GET /assets/main.afc9229a99f8eb10fbba.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"1be4-191a1fb2d27"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54739f31c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cd17cb634dff900a1abd17dd730b0151
1c8c3d220db108bce3fa89adf307e60dedb6d1f8
258b4750ae88b4ec55c156020ceae77b64bc5042990ac9502780b59faa8f3779

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "258B4750AE88B4EC55C156020CEAE77B64BC5042990AC9502780B59FAA8F3779"
Last-Modified: Sat, 31 Aug 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13319
Expires: Sun, 01 Sep 2024 20:56:14 GMT
Date: Sun, 01 Sep 2024 17:14:15 GMT
Connection: keep-alive

ninecasino.com/assets/main.85202ea707482059d629.js

104.22.15.198

200 OK

18 kB

URL GET HTTP/2
ninecasino.com/assets/main.85202ea707482059d629.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (54450), with no line terminators
Size
18 kB (18005 bytes)
Hash
059563db679f065356498d2b4a1e8fa4
82baae7aedc42ad12e6669cc2e596e52bb7830fe
87f74d9faeccf4089df64c2b260d6a8fd2b4fe03b1cd80b3a726d441fd84fd0a

HTTP Headers

GET /assets/main.85202ea707482059d629.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"d4b2-191a1fb2d1f"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10250
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e545af2a1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.0dcef775.css

104.22.15.198

200 OK

302 B

URL GET HTTP/2
ninecasino.com/assets/style.0dcef775.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (666), with no line terminators
Size
302 B (302 bytes)
Hash
287c90958c387882e88bd1564b4fe9d7
10d8d761dc19b58e072c6092d9432e35d8838d04
a2a943042375986feb907965f0d7dbb285759926ca2c468650d1c3d25c7568a8

HTTP Headers

GET /assets/style.0dcef775.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"29a-191a1fb2d33"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e548fcb91c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.c00c1953b33850002460.js

104.22.15.198

200 OK

890 B

URL GET HTTP/2
ninecasino.com/assets/main.c00c1953b33850002460.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (592), with no line terminators
Size
890 B (890 bytes)
Hash
7786d22719e865ddbe03d83d61d3f7c3
2a62c906bc855ce93e0f4a1f781ab256f7ff364a
ac4534d729d5c6313279e6a8064c0ea79b8e6e91da032990b177f0db58ffaa3e

HTTP Headers

GET /assets/main.c00c1953b33850002460.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"250-191a1fb2d27"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5488be41c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.d220d85a.css

104.22.15.198

200 OK

11 kB

URL GET HTTP/2
ninecasino.com/assets/style.d220d85a.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (2980), with no line terminators
Size
11 kB (11165 bytes)
Hash
43408de228897cb2889235f4f15812f7
82f61a4791f6a01d9c950aecf4d16e27363da704
e77a8c5e868ab4e6da37789ccd060aec96bf64f6d6d76e216a2a41491861ff8a

HTTP Headers

GET /assets/style.d220d85a.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"ba4-191a1fb2d43"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10072
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5443ce11c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/api/updateUGID

104.22.15.198

200 OK

33 kB

URL POST HTTP/2
ninecasino.com/api/updateUGID
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with no line terminators
Size
33 kB (33118 bytes)
Hash
4d0a6158419f8479f35cccf84600650f
9f40b71e371a6d94bb87338a1c88f75d558ebb1c
47007b4d04fcf0e08ac92fe157280fbb10a75917743d10141e5ce59ae8bb3521

HTTP Headers

POST /api/updateUGID HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 37
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc6e54a4e791c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/feedback?locale=en

104.22.34.217

200 OK

71 B

URL OPTIONS HTTP/2
aramuz.net/frontapi/ninecasino/feedback?locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
JSON text data
Size
71 B (71 bytes)
Hash
8b5cdb3fef7e05c3f7dc184fe1712f29
6ae96a9e40d546a841684f86ce0b3623af12a1bb
2033b5856217d01865830200128bdedef402cb660bf5ee16bfd6bf6b584464b9

HTTP Headers

GET /frontapi/ninecasino/feedback?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Visitor-Uuid: b0a32549-ac49-4380-ab24-d40557b00066
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAauT7zeuLcom; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:16 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e549f8df997e-CPH
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en

104.22.34.217

200 OK

18 kB

URL OPTIONS HTTP/2
aramuz.net/frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
gzip compressed data, from Unix
Size
18 kB (18535 bytes)
Hash
3f252f8528e768c8b7d23f86b6d83e0d
e0ca127d1d092c41ce64f31480c89df747411e18
53c5475d943af2f1869349df1d42f0b787bbfc54c0c9513d19616fd88ad24682

HTTP Headers

GET /frontapi/ninecasino/footerPaymentMethodList?country=NO&locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Visitor-Uuid: b0a32549-ac49-4380-ab24-d40557b00066
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAajkSyr5r1YF; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:16 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e549a893997e-CPH
X-Firefox-Spdy: h2

gocasinonine.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms

104.21.96.44

302 Found

38 kB

URL User Request GET HTTP/2
gocasinonine.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
IP
104.21.96.44:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgocasinonine.com
Fingerprint97:58:87:C8:1F:4B:BC:86:21:0F:D6:96:16:64:30:48:90:74:7F:98
ValidityMon, 08 Jul 2024 16:29:31 GMT - Sun, 06 Oct 2024 16:29:30 GMT

File type
data
Size
38 kB (37691 bytes)
Hash
ff700e98a0b2683fad83e43481b4b672
7945a2679b6997dea90b4b7d231867043cec7d31
6614e8c195156748972c12b9871590beadeaaed60b59142d3300da8e934a1f45

HTTP Headers

GET /landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms HTTP/1.1
Host: gocasinonine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 01 Sep 2024 17:14:14 GMT
content-type: text/html; charset=UTF-8
location: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms&rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiI0NzA5Nl8xNzM4MTMzX3xhZnAxOnRya2JSVjV0elFvYndJRlJ2TGVMRHpYeUd4UnRya3xhZnAxMDpzbXMiLCJhZnAxIjoidHJrYlJWNXR6UW9id0lGUnZMZUxEelh5R3hSdHJrIiwiYWZwMTAiOiJzbXMiLCJidGEiOiI0NzA5NiIsIm5jaSI6IjU2NjEiLCJxbHQiOiJ0cnVlIiwidXRtX2NhbXBhaWduIjoic21zIiwicm90YXRvcklkIjoiODZjZjY0ZGYwOWJkNjA3NDdkN2ZiY2M1MDllYTFjZDg0ZWNiZjg4ZGE3MTk4ZWJhNTc0NzU0MTI5MmE0NjJhMyIsInJvdGF0b3JSb3V0ZXIiOiJnb2Nhc2lub25pbmUuY29tIn0%253D
cache-control: no-cache, private
set-cookie: rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; expires=Mon, 01 Sep 2025 17:14:14 GMT; Max-Age=31536000; path=/; secure; httponly; samesite=lax
access-control-expose-headers: x-meta-count
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8EN6t20OCHjc7zq8ljf7d9QF3Z%2BxHVi0HhtpsbuxntdXFhSE3OnFH6sdl9C0M2JYojVid9x8Cq3u%2BfktClS74P%2F3yzBfni9TuEb5a3V2uzoYA5J%2B9HFCxj8dajttqfydyZgZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bc6e53efc021c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/cms/page?url=welcome-offer&locale=en

104.22.34.217

200 OK

1.1 kB

URL GET HTTP/2
aramuz.net/frontapi/ninecasino/cms/page?url=welcome-offer&locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
JSON text data
Size
1.1 kB (1101 bytes)
Hash
6aa1de98e4675886acf10949e3af0387
c3de1352b1dcb7dca79757d9e6a4168f928ac7cb
852c864cd8169549cb3d2c1f561c3f1c2370ee080385f7ad12f90fa6890d907d

HTTP Headers

GET /frontapi/ninecasino/cms/page?url=welcome-offer&locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Visitor-Uuid: b0a32549-ac49-4380-ab24-d40557b00066
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAajkSyr5r1YF; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:16 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e549b8a9997e-CPH
X-Firefox-Spdy: h2

ninecasino.com/assets/cms_bo/build/remoteEntry.js?0.6831988887588578

104.22.15.198

200 OK

1.7 kB

URL GET HTTP/2
ninecasino.com/assets/cms_bo/build/remoteEntry.js?0.6831988887588578
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (3348), with no line terminators
Size
1.7 kB (1711 bytes)
Hash
ff12b2cdfbc86f69226aabaccb617688
3f7035fc3afe72ee2433404b8b4c15954ef8c792
eb4df4d68c9ab19c3d549b7eff666b13a003ca27e17297fe3073da16c79fcba4

HTTP Headers

GET /assets/cms_bo/build/remoteEntry.js?0.6831988887588578 HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/javascript
x-powered-by: Express
etag: W/"66d0758d-d14"
last-modified: Thu, 29 Aug 2024 13:20:13 GMT
cache-control: public, max-age=300
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54aef3f1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.fa82552e3763c284c997.js

104.22.15.198

200 OK

4.1 kB

URL GET HTTP/2
ninecasino.com/assets/main.fa82552e3763c284c997.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (1889), with no line terminators
Size
4.1 kB (4127 bytes)
Hash
7a34b69319c63a8fdbcddd16321f26f3
d3d8b9f54e636fbac1f1bdf9a0ddd07d5bc00729
0a042a7627dbe9721cec7c8aa5be7f0cecaa7931706de9de346ebcaa3eea8654

HTTP Headers

GET /assets/main.fa82552e3763c284c997.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"761-191a1fb2d33"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e547fb411c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino

142.132.243.105

204 No Content

48 B

URL OPTIONS HTTP/2
bi-metrics.aramuz.net/topics/aramuz_fe_ninecasino
IP
142.132.243.105:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectbi-metrics.aramuz.net
Fingerprint80:DC:10:E7:9F:B2:EA:24:EC:6F:1D:A7:2D:3D:E9:99:2E:D4:B1:DB
ValidityFri, 26 Jul 2024 10:46:45 GMT - Thu, 24 Oct 2024 10:46:44 GMT

File type
JSON text data
Size
48 B (48 bytes)
Hash
4231c89097f5b0e9a8a4bd87fbb0e3a4
11b10ac65a8cabe504488a8b34ca4a11335ddcf9
ffecf0be6933ec6aec80b4482170c227faabdd00319e5ad78d1cfabec0410fb5

HTTP Headers

POST /topics/aramuz_fe_ninecasino HTTP/1.1
Host: bi-metrics.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ninecasino.com/
Content-Type: application/vnd.kafka.json.v2+json
Authorization: Basic dWk6d0t2NzJCcThpWDBIbkhXbWphcGdQbEhx
Content-Length: 405
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/vnd.kafka.v2+json
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://ninecasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
X-Firefox-Spdy: h2

ninecasino.com/assets/main.02d0a2625838efc0b6e7.js

104.22.15.198

200 OK

1.4 kB

URL GET HTTP/2
ninecasino.com/assets/main.02d0a2625838efc0b6e7.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (1382), with no line terminators
Size
1.4 kB (1390 bytes)
Hash
eebcebf8d2707c2b5f2a476047959eb0
94400a7a56eccb155055da13046717b1d38e7540
0f0a5532179aa2e7ac1fa388d47eced72850cabcddd15354c3780dbef5e30c91

HTTP Headers

GET /assets/main.02d0a2625838efc0b6e7.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"566-191a1fb2d0f"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5488be61c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/api/setCookie

104.22.15.198

200 OK

0 B

URL POST HTTP/2
ninecasino.com/api/setCookie
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/setCookie HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 26
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false; UGID=805709014697002508
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-length: 0
x-powered-by: Express
set-cookie: width=1280; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 23:03:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc6e54be89f1c0e-OSL
X-Firefox-Spdy: h2

ninecasino.com/assets/main.979d7e4cd6639d976a81.js

104.22.15.198

200 OK

1.4 kB

URL GET HTTP/2
ninecasino.com/assets/main.979d7e4cd6639d976a81.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (3409), with no line terminators
Size
1.4 kB (1441 bytes)
Hash
6c402027e59b9f2f9ca129264a5cc8c8
25d02e518c5566e9eed1c8de3433d5ca65dc0af0
f0f081eced17ce1f6257c0bedc720a78e003b12fc7f94efa402783d54ebd2301

HTTP Headers

GET /assets/main.979d7e4cd6639d976a81.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"d51-191a1fb2d23"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 4927
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5490cc81c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/geoInfo?cxd=47096_1738133_%7Cafp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10:sms&mobile=0&affiliate=1&locale=en

104.22.34.217

200 OK

0 B

URL OPTIONS HTTP/2
aramuz.net/frontapi/ninecasino/geoInfo?cxd=47096_1738133_%7Cafp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10:sms&mobile=0&affiliate=1&locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/geoInfo?cxd=47096_1738133_%7Cafp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10:sms&mobile=0&affiliate=1&locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: visitor-uuid,x-user-origin
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAauT7zeuLcom; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:16 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e54bfb13997e-CPH
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en

104.22.34.217

200 OK

0 B

URL POST HTTP/2
aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/analyticsEvent?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAauT7zeuLcom; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:16 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e54c0b1f997e-CPH
X-Firefox-Spdy: h2

ninecasino.com/assets/cms_bo/assets/chunks/113.chunk.js

104.22.15.198

200 OK

5.2 MB

URL GET HTTP/2
ninecasino.com/assets/cms_bo/assets/chunks/113.chunk.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (65469)
Size
5.2 MB (5227284 bytes)
Hash
46c4449df344fead6197bd73839b21b4
bbe8b9b472050cd2abf1822294b370e896f6c674
90d7fc1d09aaefc48ff99210d85e74ccf500c06c3a5cf6f3b907f4f1c74d990b

HTTP Headers

GET /assets/cms_bo/assets/chunks/113.chunk.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false; UGID=805709014697002508
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-length: 5227284
x-powered-by: Express
cache-control: public, max-age=31536000
last-modified: Mon, 27 May 2024 12:17:38 GMT
cf-cache-status: HIT
age: 4518269
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54be8a71c0e-OSL
X-Firefox-Spdy: h2

cdn.aramuz.net/images/file/uploads/236540010414549037.png

104.22.34.217

200 OK

32 kB

URL GET HTTP/2
cdn.aramuz.net/images/file/uploads/236540010414549037.png
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 500 x 200, 8-bit/color RGBA, non-interlaced
Size
32 kB (31965 bytes)
Hash
4ac7ab994f738297011207fc326b19eb
8431b900d559c6187890969eb914a3195c20cb1c
6e1d7a51e100e54e7b90df8381c3a12e0893667fdea2aeba8a53be2cb3cd8153

HTTP Headers

GET /images/file/uploads/236540010414549037.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/png
content-length: 31965
cf-bgj: imgq:85,h2pri
cf-polished: origSize=36212, status=vary_header_present
etag: "f7791973c9aee9cbb7f6c98293a405b1"
last-modified: Tue, 17 Oct 2023 13:43:36 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-id: lgZkhGT-VvLoY-k-KuNDbweGoTgTNN7dnQsI5ddMLEtI0mx-JptK-g==
x-amz-cf-pop: CPH50-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 6628
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6e5521acd8f57-CPH
X-Firefox-Spdy: h2

ninecasino.com/assets/style.e7c8a118.css

104.22.15.198

200 OK

12 kB

URL GET HTTP/2
ninecasino.com/assets/style.e7c8a118.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (563), with no line terminators
Size
12 kB (12482 bytes)
Hash
2596641988fcc25d2a36eca9ddd7d25d
bbd9c86f011c5bc231d59b8c64efd8ed87ed2273
23bf56e6ec5bc7d86d8353e32898d586c3b1a4666e2bc337d60ab325930bec57

HTTP Headers

GET /assets/style.e7c8a118.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"233-191a1fb2d47"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 9694
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5490cc31c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.131

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint83:B4:3A:CF:52:DA:10:B6:EA:48:49:6C:BD:57:5C:44:4E:10:A8:97
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Aug 2024 22:25:10 GMT
expires: Fri, 29 Aug 2025 22:25:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
age: 240547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.aramuz.net/images/file/uploads/122057468840600363.png

104.22.34.217

200 OK

2.8 kB

URL GET HTTP/2
cdn.aramuz.net/images/file/uploads/122057468840600363.png
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 403 x 80, 8-bit colormap, non-interlaced
Size
2.8 kB (2832 bytes)
Hash
c74fb041d62761c2a793825ce1f20fdb
4c57f0b8fdfc585bcfbc08436b8b248269aa0330
9529a9cc0c10f700a08089f54694aee1ba4a9009b604634f23ce11f799b0be5f

HTTP Headers

GET /images/file/uploads/122057468840600363.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/png
content-length: 2832
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2982, status=vary_header_present
etag: "facf2ca5f6fe5349eb2fa755cbfd927f"
last-modified: Fri, 06 Oct 2023 13:46:03 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 d6095b4d9fa82f5d25465246e397ad4e.cloudfront.net (CloudFront)
x-amz-cf-id: OhUA3vDNscQuWI6ny75Xz5oDvti4_ljvH1nGD2OtQ-uWUCphFOJN0g==
x-amz-cf-pop: HEL51-P1
x-amz-meta-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 6628
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6e5523b228f57-CPH
X-Firefox-Spdy: h2

cdn.aramuz.net/images/file/uploads/847807566006253247.png

104.22.34.217

200 OK

78 kB

URL GET HTTP/2
cdn.aramuz.net/images/file/uploads/847807566006253247.png
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 580 x 800, 8-bit colormap, non-interlaced
Size
78 kB (78285 bytes)
Hash
365275576ed6c9ada5f34d65ba3f424a
35b33d536ab020a6ebd29fe214995ffdc42e14a4
662e64477eff0906f89863abf6b71a5d82e03c0acaacc752281b88b32a2aac8f

HTTP Headers

GET /images/file/uploads/847807566006253247.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/png
content-length: 78285
cf-bgj: imgq:85,h2pri
cf-polished: origSize=82447, status=vary_header_present
etag: "882ae37922ed3a2eaabe76f5dfb0051a"
last-modified: Fri, 06 Oct 2023 14:05:43 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 a4d1081d5075bd9587a6e3981d5f5592.cloudfront.net (CloudFront)
x-amz-cf-id: ghAY7Z0BVvMVR0TkMLCBAApOYfsA8J1YaSER9VRAY07RRyCIQ3Aycw==
x-amz-cf-pop: CPH50-C2
x-amz-meta-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 6628
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6e5523b148f57-CPH
X-Firefox-Spdy: h2

ninecasino.com/assets/register/build/958e8340f858e7b75874.js

104.22.15.198

200 OK

83 kB

URL GET HTTP/2
ninecasino.com/assets/register/build/958e8340f858e7b75874.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (875), with no line terminators
Size
83 kB (82697 bytes)
Hash
e08cef48ae1dbd116aae14400b2d077a
7f84c01110b0eaac53e66a4015f2ead70647898f
e7171e7c0a2dc767d95a55f7fba2b5d26b7b263928054aaecd0fbac234593049

HTTP Headers

GET /assets/register/build/958e8340f858e7b75874.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false; UGID=805709014697002508
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
x-powered-by: Express
etag: W/"66bf1e86-36b"
last-modified: Fri, 16 Aug 2024 09:40:22 GMT
cf-cache-status: HIT
age: 1408839
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54bc86f1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.131

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint83:B4:3A:CF:52:DA:10:B6:EA:48:49:6C:BD:57:5C:44:4E:10:A8:97
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Aug 2024 22:25:10 GMT
expires: Fri, 29 Aug 2025 22:25:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
age: 240547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.aramuz.net/images/file/uploads/293497565996856991.png

104.22.34.217

200 OK

473 kB

URL GET HTTP/2
cdn.aramuz.net/images/file/uploads/293497565996856991.png
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 1920 x 800, 8-bit colormap, non-interlaced
Size
473 kB (473015 bytes)
Hash
34f54aeafe691ec3ea2f660be90a31dc
f4dee5f4a6c929fdf005b91550d2f3225cae0f29
2ee9d4b9749dbe3bdd284baacb80a8e5008b38a073bfc563a6bf8d7302ccaded

HTTP Headers

GET /images/file/uploads/293497565996856991.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/png
content-length: 473015
cf-bgj: imgq:85,h2pri
cf-polished: origSize=539226, status=vary_header_present
etag: "e2d8a96350c88dbb76710f56420863f9"
last-modified: Fri, 06 Oct 2023 13:48:16 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 189195040524c10f245e98f5f10485e0.cloudfront.net (CloudFront)
x-amz-cf-id: uJY9V9SzYlcNg7nhbrZEuF9QdZAHWb7bSdw5SZDeY_g079dqhDhfWQ==
x-amz-cf-pop: CPH50-C2
x-amz-meta-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 6628
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6e5522b058f57-CPH
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en

104.22.34.217

200 OK

0 B

URL POST HTTP/2
aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/analyticsEvent?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:20 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAbaFp3tBK3sq; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:20 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e5662969997e-CPH
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en

104.22.34.217

200 OK

0 B

URL POST HTTP/2
aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/analyticsEvent?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:20 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAbaFp3tBK3sq; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:20 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e5670a31997e-CPH
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Paysafecard.svg

104.22.34.217

200 OK

7.9 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Paysafecard.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
7.9 kB (7943 bytes)
Hash
1e4822cf726cab748cd792a94c34f80c
75d28ff9094453c380949e4a39a6a823d3d1f703
cfeb59586f48cc505355cb6b835b2c7f905ebe1a5374590247930660dcfa0470

HTTP Headers

GET /images/footer-payment-methods/Paysafecard.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:51 GMT
etag: W/"1e4822cf726cab748cd792a94c34f80c"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 169057b8db0fb379ccba5daa74680acc.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: hkvT52dZLnEPh8mY17K3Kj4bSQSN38pA8SDZZWF1Xmup5ms1tn0lMQ==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 6931
server: cloudflare
cf-ray: 8bc6e553ede18f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en

104.22.34.217

200 OK

6.3 kB

URL POST HTTP/2
aramuz.net/frontapi/ninecasino/analyticsEvent?locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
gzip compressed data, from Unix
Size
6.3 kB (6323 bytes)
Hash
e45b9739a7a72767372b2776a8a465c2
cd1d2a08c706efbdc266e8eeaa8a803520fb24a8
b8aff4c7208a447290bcaf2f44f6348c049f4d7f4ce24fdd06e81a7ba44e0903

HTTP Headers

POST /frontapi/ninecasino/analyticsEvent?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Visitor-Uuid: b0a32549-ac49-4380-ab24-d40557b00066
Content-Length: 1588
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:20 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAbaFp3tBK3sq; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:20 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e56699c4997e-CPH
X-Firefox-Spdy: h2

ninecasino.com/assets/main.5d4fb4ed3bcd9187e0cf.js

104.22.15.198

200 OK

1.6 kB

URL GET HTTP/2
ninecasino.com/assets/main.5d4fb4ed3bcd9187e0cf.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1673), with no line terminators
Size
1.6 kB (1645 bytes)
Hash
4f8202c24fde9854b9059d2cb429bdef
98c65e0061eab078b8343938c71c8b7756a691b4
233cc3c088595b73aed5c70ca36bf54ff8962c3133fa1e4036cd5315a374f98c

HTTP Headers

GET /assets/main.5d4fb4ed3bcd9187e0cf.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"66d-191a1fb2d1b"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 15279
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5485bbd1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/currencyList?locale=en

104.22.34.217

200 OK

195 B

URL GET HTTP/2
aramuz.net/frontapi/ninecasino/currencyList?locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
195 B (195 bytes)
Hash
2e61fcf251cf419416f9a0ac916e94d5
24f127bfb3d01ccf810ae9c930715e6d56eb4e41
33735ea3c11b45f4d1888ae7d99ec31e15f87b901406fd9984593e0644848b97

HTTP Headers

GET /frontapi/ninecasino/currencyList?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Visitor-Uuid: b0a32549-ac49-4380-ab24-d40557b00066
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAauT7zeuLcom; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:16 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e549f8e1997e-CPH
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Bitcoin.svg

104.22.34.217

200 OK

1.4 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Bitcoin.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1411 bytes)
Hash
60b5e4af66b5ee2b3827a842b4989f21
2c8149cff8a3a88ae5672003d3d11eb2fbe3909a
439593fdddc821b12eead92bfb6def28d79ae1964ed8db1bb8a80d34035fd457

HTTP Headers

GET /images/footer-payment-methods/Bitcoin.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:47 GMT
etag: W/"87ee92e352f02740ef73dd11803f57b0"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 7f622a03884391c882cecf21040073ea.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: NaEmY1j8iEzhYUj_4rbp95gjUYZFZq_abKgwGm1833GmM8J8FgQAFw==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 4847
server: cloudflare
cf-ray: 8bc6e553bd978f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

aramuz.net/frontapi/ninecasino/currencyList?locale=en

104.22.34.217

200 OK

0 B

URL OPTIONS HTTP/2
aramuz.net/frontapi/ninecasino/currencyList?locale=en
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /frontapi/ninecasino/currencyList?locale=en HTTP/1.1
Host: aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: visitor-uuid
Referer: https://ninecasino.com/
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/plain
content-length: 0
access-control-expose-headers: x-meta-count, x-meta-next-page-token, Content-Location, Visitor-Uuid, x-meta-prev-page-token
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, HEAD, POST, PUT, DELETE, PATCH
access-control-allow-headers: Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with, Visitor-Uuid, x-meta-prev-page-token, x-user-origin, x-color-depth, x-language, x-screen-height, x-screen-width, x-time-zone, x-time-zone-offset, x-java-enabled, x-java-script-enabled
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=04dToXVkAecfWGh327S7oDbbJ28dvxAajkSyr5r1YF; SameSite=Lax; path=/; expires=Sun, 01-Sep-24 18:14:15 GMT; HttpOnly
server: cloudflare
cf-ray: 8bc6e549685d997e-CPH
X-Firefox-Spdy: h2

ninecasino.com/assets/main.c8fce02bff3e38f97822.js

104.22.15.198

200 OK

2.7 kB

URL GET HTTP/2
ninecasino.com/assets/main.c8fce02bff3e38f97822.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2701), with no line terminators
Size
2.7 kB (2665 bytes)
Hash
eb7b0e8f84c18c923cc86e4dde9f780a
143aa1f6e3ef65b48e0f49b54922e8fcb967a6ef
93179575726c9b57cecda6775810d8f4b135f59eeae615fd605055bdd62f886b

HTTP Headers

GET /assets/main.c8fce02bff3e38f97822.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"a69-191a1fb2d2b"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5493d071c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/register/build/1eaacaec941bf850384d.js

104.22.15.198

200 OK

21 kB

URL GET HTTP/2
ninecasino.com/assets/register/build/1eaacaec941bf850384d.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (20998), with no line terminators
Size
21 kB (20998 bytes)
Hash
c43f1f84668dd0d00475caa3b64e2af8
d6d323a7370792e773adf399dc1cf0d0f6b5d5e8
b9768391ff04628c72f0a22ccaf857d69b85eae1fba55fbe0c5c9cb3c537d006

HTTP Headers

GET /assets/register/build/1eaacaec941bf850384d.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false; UGID=805709014697002508
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
x-powered-by: Express
etag: W/"66bf1e86-5206"
last-modified: Fri, 16 Aug 2024 09:40:22 GMT
cf-cache-status: HIT
age: 1408765
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54bc8781c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.igrand.pro/backoffice/cms/affiliate_landing/stepThree.svg

104.26.9.58

200 OK

7.4 kB

URL GET HTTP/2
cdn.igrand.pro/backoffice/cms/affiliate_landing/stepThree.svg
IP
104.26.9.58:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectigrand.pro
Fingerprint3D:BB:D8:FD:C4:7D:07:22:A3:58:AD:5F:BA:A4:37:2A:68:CF:16:07
ValidityFri, 16 Aug 2024 05:45:09 GMT - Thu, 14 Nov 2024 05:45:08 GMT

File type
SVG Scalable Vector Graphics image
Size
7.4 kB (7358 bytes)
Hash
34e0c288c154a4bd4586d2de79217f45
ebad2226169d59771237660ecc9d05191f3bdd59
eea355a42ee9aba3ba8933c594ed08692c619e81c9bd9250e4e31aec3ab951b3

HTTP Headers

GET /backoffice/cms/affiliate_landing/stepThree.svg HTTP/1.1
Host: cdn.igrand.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
x-amz-id-2: 0mB2G8kmrLMFW/UXN5Gh9fP4SfaW692MjzOH/VvAJrC0CqvHkjoHD9YqXcnMLeVU28s8/dolSNZNKstP+6ykww==
x-amz-request-id: KZA7HXPXX5HCWXEJ
last-modified: Wed, 24 Jan 2024 20:19:16 GMT
etag: W/"0558c6508defac42c1683d37dd0b0189"
cache-control: max-age=3600
cf-cache-status: HIT
age: 3189
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BF7ABhhi35NLHDt0Qd5EkL96z7tNehGcYAXEY2OtXorMaEi6ztbJe%2BECbuuJy0KMQpcPyTBLLlZHrnm49pH7lx03iIpJl%2ByDh7ZCzoUcE7c8jIo26e0f0iwfpMigZEaU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5547d35568b-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/favicons/apple-touch-icon.png

104.22.15.198

200 OK

2.0 kB

URL GET HTTP/2
ninecasino.com/favicons/apple-touch-icon.png
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.0 kB (2000 bytes)
Hash
fd9deac346dac407f7c5e8551e587688
30d3bcb70cae03bb2352d2b9e4939cc5125bf781
0968e140dcdafcd8d3e8bb6182c94cc8b6a64b6ee3f86e1974a9677b925c30f7

HTTP Headers

GET /favicons/apple-touch-icon.png HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: image/webp
content-length: 2000
cache-control: public, max-age=300
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2169
content-disposition: inline; filename="apple-touch-icon.webp"
etag: W/"879-191a1fb2e43"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
vary: Accept
x-powered-by: Express
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6e546a8ee1c0e-OSL
X-Firefox-Spdy: h2

ninecasino.com/assets/register/build/fc1f2071bc03ec22c5d0.js

104.22.15.198

200 OK

50 kB

URL GET HTTP/2
ninecasino.com/assets/register/build/fc1f2071bc03ec22c5d0.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
50 kB (49633 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/register/build/fc1f2071bc03ec22c5d0.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=49636
x-powered-by: Express
etag: W/"66bb3104-c1e4"
last-modified: Tue, 13 Aug 2024 10:10:12 GMT
cf-cache-status: HIT
age: 1665919
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54b0f5e1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Jeton.svg

104.22.34.217

200 OK

5.5 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Jeton.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
5.5 kB (5525 bytes)
Hash
f8d8a0101ea6580e5fc985ec5da1e96e
440f43b2f80c246dd5253057b81bd8167be684fa
4550b665e7e1dc2d5fbcd458ad1ef509edde39d9a2a512be4fdcb4221456405f

HTTP Headers

GET /images/footer-payment-methods/Jeton.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:38 GMT
etag: W/"89ef9095423785031f93fe7c9b3cdcef"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 c126163fdc452c400ffe65744c8b6612.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: hPHOY_H9ITNtbk8g4UNnvlkx_hasFLfVm8LBhWt_qt4T_0iEErLmJA==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 4847
server: cloudflare
cf-ray: 8bc6e553bd9f8f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.318277b394886d6c3b44.js

104.22.15.198

200 OK

982 B

URL GET HTTP/2
ninecasino.com/assets/main.318277b394886d6c3b44.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (992), with no line terminators
Size
982 B (982 bytes)
Hash
280511a58a259ba8f84769bc1754dd41
dabbaff82d55a1815ac08ae65cf5dfb2bd229715
3216cb59351c23736008fbb80718dd4ca7b91f41526179968c558f983cc870ce

HTTP Headers

GET /assets/main.318277b394886d6c3b44.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"3d6-191a1fb2d13"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 14118
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54739f91c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.2a1d6cf7.css

104.22.15.198

200 OK

122 B

URL GET HTTP/2
ninecasino.com/assets/style.2a1d6cf7.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with no line terminators
Size
122 B (122 bytes)
Hash
350d5660dc216480a4c5539f382966e6
bb3b6aeb26f31d8407bb8980899e7d168a9fe2c0
8ffffed597da1378b7f5e658868d5c764e68b0eb5cf604da2abb49e256cbb05d

HTTP Headers

GET /assets/style.2a1d6cf7.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=124
etag: W/"7c-191a1fb2d37"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 15405
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5443cdf1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/backoffice/cms/affiliate_landing/default_ssl-logo.svg

104.22.34.217

200 OK

13 kB

URL GET HTTP/2
cdn.aramuz.net/backoffice/cms/affiliate_landing/default_ssl-logo.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
13 kB (13150 bytes)
Hash
a693386c72fa6f6940e5d7032e8ab87a
91f19aaf1b180770d813f8ac7b78dc2f530e123e
b20f80874f200b9c2e36ce10f593b173da1d9103656635b164f2b4218fe8979a

HTTP Headers

GET /backoffice/cms/affiliate_landing/default_ssl-logo.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jun 2023 07:55:58 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
etag: W/"a693386c72fa6f6940e5d7032e8ab87a"
vary: accept-encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 3282be13995871d1c682f618f37df606.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: 5m6fUzkNV06DsOVyS9Xzw_E7NwX8Q6ITuocxsc2Up1FSpFf5TsLjsw==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8bc6e5520abb8f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.e11312d9921965c8dc1b.js

104.22.15.198

200 OK

36 kB

URL GET HTTP/2
ninecasino.com/assets/main.e11312d9921965c8dc1b.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (35716), with no line terminators
Size
36 kB (35716 bytes)
Hash
e0169e0a5aa3473c11dcc8f04aa22ea8
b04b034391584611125032d3e1e126ae6c692772
8a9e3d2e212fc19040262b961fd82c69159a92b2e8012dec3ca5f536762ae1c7

HTTP Headers

GET /assets/main.e11312d9921965c8dc1b.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"8b84-191a1fb2d2f"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10250
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5444cf31c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.1584e87908484b5d1c11.js

104.22.15.198

200 OK

44 kB

URL GET HTTP/2
ninecasino.com/assets/main.1584e87908484b5d1c11.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (44501), with no line terminators
Size
44 kB (44501 bytes)
Hash
13b29e25e514e3ddbc474ad4d984590c
66238d13831d8f3958c11dfdbb1f4a773b49d575
c1a90fa03284b57f42a66f4d8715fa5ceef1b4485d539b4068603a6c4e6e89eb

HTTP Headers

GET /assets/main.1584e87908484b5d1c11.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=44506
etag: W/"adda-191a1fb2d13"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 15232
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e545af2d1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.004c9237.css

104.22.15.198

200 OK

59 B

URL GET HTTP/2
ninecasino.com/assets/style.004c9237.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with no line terminators
Size
59 B (59 bytes)
Hash
62233e26d7e00f6dd7e7f4698a180218
dc860bfe1d9c96e7a2bf3eb3a1a9dcd9e3616544
b48d3b5631eb1b3da6275b657d39968ad04f078313c47534b6372785b9a1ce40

HTTP Headers

GET /assets/style.004c9237.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"3b-191a1fb2d33"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 9695
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54a2e3a1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.igrand.pro/backoffice/cms/affiliate_landing/stepOne.svg

104.26.9.58

200 OK

515 B

URL GET HTTP/2
cdn.igrand.pro/backoffice/cms/affiliate_landing/stepOne.svg
IP
104.26.9.58:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectigrand.pro
Fingerprint3D:BB:D8:FD:C4:7D:07:22:A3:58:AD:5F:BA:A4:37:2A:68:CF:16:07
ValidityFri, 16 Aug 2024 05:45:09 GMT - Thu, 14 Nov 2024 05:45:08 GMT

File type
SVG Scalable Vector Graphics image
Size
515 B (515 bytes)
Hash
9173d15aaf77b0405281d491473d5866
0add872cb4383a1e17fbad0fcde7fce2055fe1a6
ffd6f5fbbd1249ffd66513ab1d921f22c3bd03d6d679b59c0d6c0533447973c9

HTTP Headers

GET /backoffice/cms/affiliate_landing/stepOne.svg HTTP/1.1
Host: cdn.igrand.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
x-amz-id-2: sH65ubbO70IxK0aoRuXqpGKvF6Ijy2GS95hcyvBNJe38cMNyM6Om8MwS/qlyapbCiuA2yvqHKS3Nj6M53t1dYo188vSw1gECtmdOQVUTwKI=
x-amz-request-id: D2B3X6EX5FBXSCS9
last-modified: Wed, 24 Jan 2024 20:19:09 GMT
etag: W/"f51c03d0a69fa17c25cb664a04b2f295"
cache-control: max-age=3600
cf-cache-status: HIT
age: 3189
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mrixBQuVq%2BUImUO5p1TMUZPVP0Y%2FLs6D9oUP0r%2Fbmxg8NLcbv%2BYcJ0dPXfO3solopGkfwi76WomASvTlzDO3%2F9D3vUAH6A19RUPZK6A4eORePy1mn7tQOEiHo5Hb32FX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5547d31568b-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.68570695.css

104.22.15.198

200 OK

4.2 kB

URL GET HTTP/2
ninecasino.com/assets/style.68570695.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (4224), with no line terminators
Size
4.2 kB (4224 bytes)
Hash
5261950e8f93ff00b3a33cc6f691ec51
219af4f18e644ad9cf030cd8c44545e6512f1e62
e52a42cddd7745d41f07f10a154cfb1c0917d971e657021c045a5961a9c18d76

HTTP Headers

GET /assets/style.68570695.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"1080-191a1fb2d3b"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 10072
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5443ce21c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/backoffice/cms/affiliate_landing/default_18plus-logo.svg

104.22.34.217

200 OK

1.7 kB

URL GET HTTP/2
cdn.aramuz.net/backoffice/cms/affiliate_landing/default_18plus-logo.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1739 bytes)
Hash
c25197c09f73336d431d321f28218dff
0e04f3b1f47b773b92a15d3e7f1d6cc029244aa1
20b884a99f67eab13d2441b388d695efa22149475e089ca16dae5c9ab2be01ce

HTTP Headers

GET /backoffice/cms/affiliate_landing/default_18plus-logo.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Jun 2023 08:26:16 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
etag: W/"48374886480ae959a4217e8ce145713d"
vary: accept-encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 732d3ca1627bbec3dcfe750ff23e18bc.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: xCtFd1A9Z4bOmIjNkLHMvqkf-cudE1GRlw_vTiF-q_m9B7tT2hWjYA==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8bc6e5520ac08f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/theme.css?v=^0.1.54

104.22.15.198

200 OK

65 kB

URL GET HTTP/2
ninecasino.com/theme.css?v=^0.1.54
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
65 kB (64919 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /theme.css?v=^0.1.54 HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2400000
cf-bgj: minify
etag: W/"fd97-19192f65696"
last-modified: Tue, 27 Aug 2024 08:31:43 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 460008
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5443cd91c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/register/build/remoteEntry.js?0.5318734166344883

104.22.15.198

200 OK

8.5 kB

URL GET HTTP/2
ninecasino.com/assets/register/build/remoteEntry.js?0.5318734166344883
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (8783), with no line terminators
Size
8.5 kB (8452 bytes)
Hash
b7890ed24b6ad8a70bff4bbfcde323c0
03ce05f5ccd0ec97ced435dd31ab3184b543572f
c06810974cf53a6990a1fae6bac8f846acec8765778b2cc5c2889d6254300b62

HTTP Headers

GET /assets/register/build/remoteEntry.js?0.5318734166344883 HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/javascript
x-powered-by: Express
etag: W/"66d03ff3-2104"
last-modified: Thu, 29 Aug 2024 09:31:31 GMT
cache-control: public, max-age=300
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e549edec1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms&rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiI0NzA5Nl8xNzM4MTMzX3xhZnAxOnRya2JSVjV0elFvYndJRlJ2TGVMRHpYeUd4UnRya3xhZnAxMDpzbXMiLCJhZnAxIjoidHJrYlJWNXR6UW9id0lGUnZMZUxEelh5R3hSdHJrIiwiYWZwMTAiOiJzbXMiLCJidGEiOiI0NzA5NiIsIm5jaSI6IjU2NjEiLCJxbHQiOiJ0cnVlIiwidXRtX2NhbXBhaWduIjoic21zIiwicm90YXRvcklkIjoiODZjZjY0ZGYwOWJkNjA3NDdkN2ZiY2M1MDllYTFjZDg0ZWNiZjg4ZGE3MTk4ZWJhNTc0NzU0MTI5MmE0NjJhMyIsInJvdGF0b3JSb3V0ZXIiOiJnb2Nhc2lub25pbmUuY29tIn0%253D

104.22.15.198

302 Found

33 kB

URL User Request GET HTTP/2
ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms&rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiI0NzA5Nl8xNzM4MTMzX3xhZnAxOnRya2JSVjV0elFvYndJRlJ2TGVMRHpYeUd4UnRya3xhZnAxMDpzbXMiLCJhZnAxIjoidHJrYlJWNXR6UW9id0lGUnZMZUxEelh5R3hSdHJrIiwiYWZwMTAiOiJzbXMiLCJidGEiOiI0NzA5NiIsIm5jaSI6IjU2NjEiLCJxbHQiOiJ0cnVlIiwidXRtX2NhbXBhaWduIjoic21zIiwicm90YXRvcklkIjoiODZjZjY0ZGYwOWJkNjA3NDdkN2ZiY2M1MDllYTFjZDg0ZWNiZjg4ZGE3MTk4ZWJhNTc0NzU0MTI5MmE0NjJhMyIsInJvdGF0b3JSb3V0ZXIiOiJnb2Nhc2lub25pbmUuY29tIn0%253D
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
33 kB (33064 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms&rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiI0NzA5Nl8xNzM4MTMzX3xhZnAxOnRya2JSVjV0elFvYndJRlJ2TGVMRHpYeUd4UnRya3xhZnAxMDpzbXMiLCJhZnAxIjoidHJrYlJWNXR6UW9id0lGUnZMZUxEelh5R3hSdHJrIiwiYWZwMTAiOiJzbXMiLCJidGEiOiI0NzA5NiIsIm5jaSI6IjU2NjEiLCJxbHQiOiJ0cnVlIiwidXRtX2NhbXBhaWduIjoic21zIiwicm90YXRvcklkIjoiODZjZjY0ZGYwOWJkNjA3NDdkN2ZiY2M1MDllYTFjZDg0ZWNiZjg4ZGE3MTk4ZWJhNTc0NzU0MTI5MmE0NjJhMyIsInJvdGF0b3JSb3V0ZXIiOiJnb2Nhc2lub25pbmUuY29tIn0%253D HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 01 Sep 2024 17:14:14 GMT
location: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
x-powered-by: Express
set-cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 23:03:26 GMT
rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 23:03:26 GMT
rotatorRouter=gocasinonine.com; Max-Age=31556952; Path=/; Expires=Mon, 01 Sep 2025 23:03:26 GMT
cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; Max-Age=604800; Path=/; Expires=Sun, 08 Sep 2024 17:14:14 GMT
qlt=true; Max-Age=604800; Path=/; Expires=Sun, 08 Sep 2024 17:14:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc6e53fbd391c0e-OSL
X-Firefox-Spdy: h2

ninecasino.com/assets/style.33dc8d7c.css

104.22.15.198

200 OK

179 B

URL GET HTTP/2
ninecasino.com/assets/style.33dc8d7c.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with no line terminators
Size
179 B (179 bytes)
Hash
16acd926458bedbc045f317ea53f31d8
d50d57c36817ab2f3b21d0f103f3f8c991dac722
449853cd611da42b730f628f17c4b3f17818180bc7ce850820f775f709b54a2d

HTTP Headers

GET /assets/style.33dc8d7c.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"b3-191a1fb2d37"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 3598
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5443cde1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800;900&display=swap

142.250.74.74

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800;900&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint67:2C:47:03:FC:2F:6C:04:CD:B8:61:4D:97:F1:C4:EA:71:E9:9E:11
ValidityMon, 05 Aug 2024 07:18:20 GMT - Mon, 28 Oct 2024 07:18:19 GMT

File type
ASCII text
Size
11 kB (10980 bytes)
Hash
2654a9f83638e3c228ae6f778b6952ee
d1316cd791aad53e1cc170343c5d5018719b0496
a95a220a98893e07ffb415f50c9aaac2ed078d15300534e0e82d3b27e7eb3a7c

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 01 Sep 2024 17:14:15 GMT
date: Sun, 01 Sep 2024 17:14:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ninecasino.com/assets/main.36fa2b823166dab2f3e9.js

104.22.15.198

200 OK

41 kB

URL GET HTTP/2
ninecasino.com/assets/main.36fa2b823166dab2f3e9.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
41 kB (40607 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/main.36fa2b823166dab2f3e9.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"9e9f-191a1fb2d17"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 28404
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e545af3a1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/MasterCard.svg

104.22.34.217

200 OK

866 B

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/MasterCard.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
866 B (866 bytes)
Hash
fd22c01a8c80ef387ea74163c6223530
b6ec6380a468cebb6f3175cbc2cbcb2b94d239f6
1eb0c2e49e97c75176678574e7d49d4342000bef51db1e176412f44a88d73830

HTTP Headers

GET /images/footer-payment-methods/MasterCard.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:49 GMT
etag: W/"e845e6bf8b1764d1d9d6cf06fb8fd755"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
via: 1.1 c77c2d645cbeae90b436c4ed3b9c4718.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: s1cc7BblV11B00t-M9QagcvFS7z4ZDojafJLp4nQPcYQRQRzwkPwQg==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
cache-control: max-age=3600
cf-cache-status: HIT
age: 4847
server: cloudflare
cf-ray: 8bc6e5539d478f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.08279b29.css

104.22.15.198

200 OK

224 B

URL GET HTTP/2
ninecasino.com/assets/style.08279b29.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with no line terminators
Size
224 B (224 bytes)
Hash
9488d90f31908d1bed0a493de2d298a7
565b16c3cb7bac2e7db726e34d6716920676e9c7
7605203d34ffb108ea85970080e3e04ada4f9dedfc39936468f8f76dded42b97

HTTP Headers

GET /assets/style.08279b29.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"e0-191a1fb2d33"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 14882
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5443ce41c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

auth.betonliga.com/

172.67.68.177

200 OK

310 B

URL GET HTTP/2
auth.betonliga.com/
IP
172.67.68.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectbetonliga.com
FingerprintA4:26:88:C1:EC:25:C3:E4:CF:86:61:81:D5:41:50:52:1C:66:9A:29
ValiditySun, 28 Jul 2024 05:02:04 GMT - Sat, 26 Oct 2024 05:02:03 GMT

File type
HTML document, ASCII text, with very long lines (335), with no line terminators
Size
310 B (310 bytes)
Hash
b713fa9c48720e5b04080f6948d64afc
dd8a9795e5edb7f622d428b846a76b66fa02b58f
d6bc931432d40fa0413b6c09a2220331084b1b7c5dfa5d3d2f24285d67c6ce15

HTTP Headers

GET / HTTP/1.1
Host: auth.betonliga.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: text/html
last-modified: Thu, 09 Nov 2023 10:32:56 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TAzOpEaWCKQL96GMZVLikBs1z876DvjskyEX0oOOYDDYdiB3IhyPdhkLgGe8lYpWq1TduHAaJiQd%2FaBSCwjv%2BOn81GcMovIAQ9wWtLfLVn1pG3I7%2BtpLDvpB3kHpqiUOGLChg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8bc6e549eeb91c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.10e1d8ac.css

104.22.15.198

200 OK

1.6 kB

URL GET HTTP/2
ninecasino.com/assets/style.10e1d8ac.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (1608), with no line terminators
Size
1.6 kB (1608 bytes)
Hash
30db6a1f28a71420d302fb02ecedaa1e
5b908fc89cf73e7a87ff8358ddf0222d329f8c6f
a2b245320e08d74da681740009317b46308dbb59d240fa3f6b98f68e4e976483

HTTP Headers

GET /assets/style.10e1d8ac.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"648-191a1fb2d33"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e548fcb81c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/favicons/favicon-32x32.png

104.22.15.198

200 OK

378 B

URL GET HTTP/2
ninecasino.com/favicons/favicon-32x32.png
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
RIFF (little-endian) data, Web/P image
Size
378 B (378 bytes)
Hash
1821494944bdba95a65e108d1b9f410e
b58a2dad8de5b0ea9977dd5484c49d33309429d7
cfb1c762b034e93371dee70b3e44bf9cefa9520ec7d5f046d7d761098b1bed8b

HTTP Headers

GET /favicons/favicon-32x32.png HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: image/webp
content-length: 378
cache-control: public, max-age=300
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=517
content-disposition: inline; filename="favicon-32x32.webp"
etag: W/"205-191a1fb2e47"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
vary: Accept
x-powered-by: Express
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6e546a8f21c0e-OSL
X-Firefox-Spdy: h2

ninecasino.com/assets/register/build/155eec208cd2a5e2ff9e.js

104.22.15.198

200 OK

20 kB

URL GET HTTP/2
ninecasino.com/assets/register/build/155eec208cd2a5e2ff9e.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (19844), with no line terminators
Size
20 kB (19844 bytes)
Hash
676c3dd7083559f2b2e8e519efa2e367
06b32f0c44f44d970e7d52a1a7db4d192e1dd3e5
23be098f99a2f0f7b1e948b408d86c6a4458284b86c93181f32ad35a81b204cb

HTTP Headers

GET /assets/register/build/155eec208cd2a5e2ff9e.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false; UGID=805709014697002508
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
x-powered-by: Express
etag: W/"66912083-4d84"
last-modified: Fri, 12 Jul 2024 12:24:35 GMT
cf-cache-status: HIT
age: 4165756
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54bc8731c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.igrand.pro/backoffice/cms/affiliate_landing/stepTwo.svg

104.26.9.58

200 OK

5.0 kB

URL GET HTTP/2
cdn.igrand.pro/backoffice/cms/affiliate_landing/stepTwo.svg
IP
104.26.9.58:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectigrand.pro
Fingerprint3D:BB:D8:FD:C4:7D:07:22:A3:58:AD:5F:BA:A4:37:2A:68:CF:16:07
ValidityFri, 16 Aug 2024 05:45:09 GMT - Thu, 14 Nov 2024 05:45:08 GMT

File type
SVG Scalable Vector Graphics image
Size
5.0 kB (4996 bytes)
Hash
7c54d7445bced6b9e42c6cd60f594029
bdcaa10900909404c943e15181dac1f23092b5f9
d2dc60c41ef556e382b8ebf8f831c84c6680342df4112724303a2d8918f5d798

HTTP Headers

GET /backoffice/cms/affiliate_landing/stepTwo.svg HTTP/1.1
Host: cdn.igrand.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
x-amz-id-2: ErZvbhK9QKSJ6tCfb29RlCNCqT3A6JPIS7Mmwb2GvVQeXZZ0t5XOtM3qhxciYVuNqmYN0aA5Rhiv4L9sJkmFrfyOajw8WDzBDduse9lC8Zg=
x-amz-request-id: KZA09P620S7KHPF8
last-modified: Wed, 24 Jan 2024 20:19:09 GMT
etag: W/"939d2549a38ed7e2d9cf4b2ae34139ef"
cache-control: max-age=3600
cf-cache-status: HIT
age: 3189
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BU3x09qnTjV1aYA9je5JfJ9YoTd8CvsfnSo%2Fj58g6d1QSanZaUUclfN%2Bf0hI%2FK4HzAyTUWKOo7waL%2BUhIN%2F15%2FzBugs381oFutlIVVWWhP12Wvzy9Ml0o1kKS1IUT6%2BW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5548d3c568b-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/file/uploads/280067566000393932.png

104.22.34.217

200 OK

82 kB

URL GET HTTP/2
cdn.aramuz.net/images/file/uploads/280067566000393932.png
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 580 x 800, 8-bit colormap, non-interlaced
Size
82 kB (82214 bytes)
Hash
a67a9f35310ccebb5b28944608873b9b
8fd86da9bb2acc6be843d3659780356d628a5aae
bf87fc68c84ec59ac2909f7228d623e79d80e574c3abe66c6aa569a551ce12c3

HTTP Headers

GET /images/file/uploads/280067566000393932.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/png
content-length: 82214
cf-bgj: imgq:85,h2pri
cf-polished: origSize=86781, status=vary_header_present
etag: "4addb71e0d879a593b951c1ead64c80f"
last-modified: Fri, 06 Oct 2023 13:47:55 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 52185ea0de4fc3b9a693955c5e065bbe.cloudfront.net (CloudFront)
x-amz-cf-id: kOFl7R-PBG3nqeQvH6vOafMlUMV4ARfleOx4D_hb5sW_wvLi6ixKWQ==
x-amz-cf-pop: CPH50-C2
x-amz-meta-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 6628
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6e5523b1a8f57-CPH
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/BankTransfer.svg

104.22.34.217

200 OK

14 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/BankTransfer.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
14 kB (13798 bytes)
Hash
11eb5d7c4f53afcb6da9e51d212aff1b
b26b7cf4afbf6730810f018c6891ed80cafd0342
8d83815395300f68134a0277acdadf03dce4e2500db8af89709bbfa2b0d3c3ba

HTTP Headers

GET /images/footer-payment-methods/BankTransfer.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:39 GMT
etag: W/"11eb5d7c4f53afcb6da9e51d212aff1b"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 36350dd697b9af80be27aaf4296fbde4.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: ERhzGtNRfEtOrliipdAEZC4eGhCY_KmXRpFcCXo2KOUrEVCmI6WK8w==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 5401
server: cloudflare
cf-ray: 8bc6e553bda68f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.16cca10c38599f1e32d9.js

104.22.15.198

200 OK

68 kB

URL GET HTTP/2
ninecasino.com/assets/main.16cca10c38599f1e32d9.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
68 kB (67519 bytes)
Hash
79fb124efb73d4d6cd64d0ccdbcbe064
b93398dd13de4c326eb5f578bd6c89c36c07ddc1
1b3215429883dbf3a129b64a2d614403206b3325d46ce336a09797748ae56139

HTTP Headers

GET /assets/main.16cca10c38599f1e32d9.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"107bf-191a1fb2d13"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e545af301c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.a7b155e889b93dcc916d.js

104.22.15.198

200 OK

21 kB

URL GET HTTP/2
ninecasino.com/assets/main.a7b155e889b93dcc916d.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (21165), with no line terminators
Size
21 kB (21165 bytes)
Hash
2641bd4d7fba7f5d8f985c83eaad0c28
d65a843cfdcb741d21fc42361dc1354c3cb81135
370b2da2fb76b9c603ae799fef6f34f0a51990687c73d303a0ec8f2b27647726

HTTP Headers

GET /assets/main.a7b155e889b93dcc916d.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=21168
etag: W/"52b0-191a1fb2d23"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 14119
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e545af3e1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

104.22.15.198

200 OK

33 kB

URL User Request GET HTTP/2
ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
HTML document, ASCII text, with very long lines (30188)
Size
33 kB (33064 bytes)
Hash
ce1e93cfad6cd9480b905f095bd1165d
02912461062bbad6b592bd66b90c73ca5673b01e
85498594d06a72ca7276342d6e26b3b9bb882cdf4bd8390457642041ae0ba62f

HTTP Headers

GET /landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:14 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: no-store
set-cookie: lastActivityTime=1725210854532; Path=/
i18n_redirected=en; Path=/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc6e5406e521c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/lokalise/ninecasino/en.json?timestamp=1725210081

104.22.34.217

200 OK

220 kB

URL GET HTTP/2
cdn.aramuz.net/lokalise/ninecasino/en.json?timestamp=1725210081
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
JSON text data
Size
220 kB (220256 bytes)
Hash
9d0b2ba3f6fd89cd8b5f90bdd026e640
66f402550fed587b56eb78bf278e6ca266fdcacf
05e610874df638bc370d372882b3ee9da87acea03a1ef2b10375bd1b392d3bd2

HTTP Headers

GET /lokalise/ninecasino/en.json?timestamp=1725210081 HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Sun, 01 Sep 2024 01:00:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 6QlvzqfrjK6AmhpU99M_VxqX5hKLfuRy
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 52185ea0de4fc3b9a693955c5e065bbe.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: U74FeT3c24d3ZkNYonfeniftvih-j8m_rTjYtWqaD56ENrb_y_PKvQ==
age: 597
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8bc6e5474b7d8f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/file/uploads/400437744436645551.png

104.22.34.217

200 OK

2.8 kB

URL GET HTTP/2
cdn.aramuz.net/images/file/uploads/400437744436645551.png
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
PNG image data, 403 x 80, 8-bit colormap, non-interlaced
Size
2.8 kB (2832 bytes)
Hash
c74fb041d62761c2a793825ce1f20fdb
4c57f0b8fdfc585bcfbc08436b8b248269aa0330
9529a9cc0c10f700a08089f54694aee1ba4a9009b604634f23ce11f799b0be5f

HTTP Headers

GET /images/file/uploads/400437744436645551.png HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/png
content-length: 2832
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2982, status=vary_header_present
etag: "facf2ca5f6fe5349eb2fa755cbfd927f"
last-modified: Fri, 06 Oct 2023 13:48:10 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Origin, Accept-Encoding
via: 1.1 2c37157ce416bf23a28e186191d1fd2a.cloudfront.net (CloudFront)
x-amz-cf-id: U53KD3ctlbBJs0dAVzxNk8uRg7szuE76pqyPrmaCo7MbWax_tPLEUA==
x-amz-cf-pop: CPH50-C2
x-amz-meta-server-side-encryption: AES256
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=3600
cf-cache-status: HIT
age: 6628
accept-ranges: bytes
server: cloudflare
cf-ray: 8bc6e5521ad58f57-CPH
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Neteller.svg

104.22.34.217

200 OK

1.3 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Neteller.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1286 bytes)
Hash
7a96eafa0f09b1ffaf8586ea65ced4f8
a5dd338ff277ec458d1d7d8abc0f5b78840847f5
751d210ef98436fd1f12c528642a9e7447f37dee486c5b03e223b5722aa5ee45

HTTP Headers

GET /images/footer-payment-methods/Neteller.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:46 GMT
etag: W/"31d4f86af52d5d01d37a6e087c10fb9d"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 66fb345923f3acbd40f99fbda8e88694.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: _h9CDk8Bb9CsdeO9R9ILaSq72uZ4lfU07LGQoOG78gfidkV5XfHyFQ==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 7088
server: cloudflare
cf-ray: 8bc6e553ddd18f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.a6aae19d83225072d497.js

104.22.15.198

200 OK

5.8 kB

URL GET HTTP/2
ninecasino.com/assets/main.a6aae19d83225072d497.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (5871), with no line terminators
Size
5.8 kB (5785 bytes)
Hash
e86b605580e1fbf865e503aae4fb384f
cc65bcdfb41a567fe9fc6c468a77f657ef74c767
08c84320acd19032cba2c67899d0c60fa85523dd0a65780e4b84c70cb40571b5

HTTP Headers

GET /assets/main.a6aae19d83225072d497.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"1699-191a1fb2d23"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 3189
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e546c9301c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Visa.svg

104.22.34.217

200 OK

1.7 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Visa.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1676 bytes)
Hash
ff762d27cdfc025cb1fff2e1bca89f6e
21c1a16ef4d30d04e2db91f0dbce513b0504cc90
7bcce617d511339255d3ec290dae0a7c85bb88f4e6cbcca7851664dec7a4998a

HTTP Headers

GET /images/footer-payment-methods/Visa.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:42 GMT
etag: W/"57efb5facba1ad4d5022cd8d4d94aa1a"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 7354b4c15a208a3cdb89df1d3154015a.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: M4fYY3S3fTON5HM5q__LOXvZrxVZPGFRdyxtwsJ9Kcf1AuleFfVdWg==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 4847
server: cloudflare
cf-ray: 8bc6e5537d248f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.77d3821ebfe065b0b436.js

104.22.15.198

200 OK

37 kB

URL GET HTTP/2
ninecasino.com/assets/main.77d3821ebfe065b0b436.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
37 kB (37023 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/main.77d3821ebfe065b0b436.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=37026
etag: W/"90a2-191a1fb2d1f"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e545af341c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/register/build/87d5d2918cfa93cb9ecb.js

104.22.15.198

200 OK

51 kB

URL GET HTTP/2
ninecasino.com/assets/register/build/87d5d2918cfa93cb9ecb.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (51021), with no line terminators
Size
51 kB (51021 bytes)
Hash
31f0c5a6028aac95cc54a05404003a17
147ef3654c53450d99c5ef3439479306860c0de9
f4f0b85da857665e7f0f50b5ba97ad3ebda60fcde287b3db4e8dd545bc901a81

HTTP Headers

GET /assets/register/build/87d5d2918cfa93cb9ecb.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
x-powered-by: Express
etag: W/"66d03ff3-c74d"
last-modified: Thu, 29 Aug 2024 09:31:31 GMT
cf-cache-status: HIT
age: 284798
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54b0f671c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/style.e322bcb6.css

104.22.15.198

200 OK

422 B

URL GET HTTP/2
ninecasino.com/assets/style.e322bcb6.css
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
ASCII text, with very long lines (422), with no line terminators
Size
422 B (422 bytes)
Hash
0410292dfd08086ba7c46261ae7d9002
66ea96296778bf6fcdbbaec4c337f2b8c2f985d8
e94bd5a245fba780c125a5b33d2bdba99fd74f822ced587d389243ffade3cf12

HTTP Headers

GET /assets/style.e322bcb6.css HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"1a6-191a1fb2d47"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 15405
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5443ce91c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.a548ac689c47f91ac216.js

104.22.15.198

200 OK

1.7 kB

URL GET HTTP/2
ninecasino.com/assets/main.a548ac689c47f91ac216.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1757), with no line terminators
Size
1.7 kB (1745 bytes)
Hash
1afef88fb8b4f4dc3892baaf30c3c678
5a3c9068fd529331e683aa418c5304b853b61197
b505b363a514bece068222a4c4a00d96a633e1b420070c133923f8728e541143

HTTP Headers

GET /assets/main.a548ac689c47f91ac216.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"6d1-191a1fb2d23"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e548fcb61c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/register/build/f90690b3fff846d6749c.js

104.22.15.198

200 OK

38 kB

URL GET HTTP/2
ninecasino.com/assets/register/build/f90690b3fff846d6749c.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (38356), with no line terminators
Size
38 kB (38356 bytes)
Hash
f352eb864833f7e05e273ed79ffc5672
d21b135e713222672af329c229eb323d5ebda5ba
7b069db31d385393a605ae15cfaf2c0e4c64c0936ec3eb6f7da950fd458abde7

HTTP Headers

GET /assets/register/build/f90690b3fff846d6749c.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_|afp1:trkbRV5tzQobwIFRvLeLDzXyGxRtrk|afp10:sms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false; UGID=805709014697002508
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
x-powered-by: Express
etag: W/"66c5aa93-95d4"
last-modified: Wed, 21 Aug 2024 08:51:31 GMT
cf-cache-status: HIT
age: 979031
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54bd8791c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintEB:6E:FA:69:A4:FA:21:AE:59:5E:1B:46:84:BD:81:51:55:62:5B:04
ValiditySat, 06 Jul 2024 05:58:05 GMT - Fri, 04 Oct 2024 05:58:04 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ninecasino.com
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5447f2e0b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ninecasino.com/assets/main.13b0a47d57ed334cbb10.js

104.22.15.198

200 OK

82 kB

URL GET HTTP/2
ninecasino.com/assets/main.13b0a47d57ed334cbb10.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type

Size
82 kB (82211 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/main.13b0a47d57ed334cbb10.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=82214
etag: W/"14126-191a1fb2d0f"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e545af281c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Ezeewallet.svg

104.22.34.217

200 OK

4.3 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Ezeewallet.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
4.3 kB (4301 bytes)
Hash
e1c85fc43444d911d6bf776c420a93d4
454319ec2ec301d7ac805e399fcc5a8393a07578
1c29a3e7bf9303f739ed50d6b5c0821cb79c6c1c38dd067040018c0c4757b03d

HTTP Headers

GET /images/footer-payment-methods/Ezeewallet.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:44 GMT
etag: W/"3f66c9fe10e8229bfb9854599c2f6daa"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 14ac9ebde59a0d49d111dc4e4f5e846c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: pFwqLFT4koWiQ7LkI5SRHLu8g_t69-3m0HO4DtEsmgBOmRc0jx9WuA==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 4847
server: cloudflare
cf-ray: 8bc6e553bd9a8f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.a5eddf3b65efaaab758d.js

104.22.15.198

200 OK

2.2 kB

URL GET HTTP/2
ninecasino.com/assets/main.a5eddf3b65efaaab758d.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2190), with no line terminators
Size
2.2 kB (2174 bytes)
Hash
8f87357d7a5aa1a98bd4366d3cb49774
d9b4f2138fcc9396b32d120e009c3f001d0a8ae9
c7e519006994c53d24d6631122c4d54d1d5e63cf75565250f4812d0a1faee0da

HTTP Headers

GET /assets/main.a5eddf3b65efaaab758d.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"87e-191a1fb2d23"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e5486bd21c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/AstroPay.svg

104.22.34.217

200 OK

4.6 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/AstroPay.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
4.6 kB (4625 bytes)
Hash
f62cfd12e4df1815725c00208f5b81b5
49783eec56c6eb9c7ea96fbb48cb43868f31edce
c79a87259f2b612296fe014ae3ae77ff9b12963ec6badf16bcf18095339f6583

HTTP Headers

GET /images/footer-payment-methods/AstroPay.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:43 GMT
etag: W/"094f6bc0355174784ded53e60243064a"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 66fb345923f3acbd40f99fbda8e88694.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: l4iQpTZlG3E4GKW0gWipltXVVx3Wqrj8ZF3Er-Yr25_2qRrFKLiB9w==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 4847
server: cloudflare
cf-ray: 8bc6e553ede58f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/front/logos/ninecasino/loader.svg

104.22.34.217

200 OK

18 kB

URL GET HTTP/2
cdn.aramuz.net/front/logos/ninecasino/loader.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
18 kB (17698 bytes)
Hash
dec21e47f989764e1f6acfb6a9649bad
195e8c594bf76c35feb44f6ce16929a9e3c765cf
81ebe52f76c939e7d10ab0d8cbb00b49155e6659f385a2436c2803b9f1feb69d

HTTP Headers

GET /front/logos/ninecasino/loader.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: image/svg+xml
last-modified: Mon, 11 Mar 2024 15:22:01 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: Epe_W4mZwk5Fqh96WmWDlnqlXQh9W35s
etag: W/"dec21e47f989764e1f6acfb6a9649bad"
vary: accept-encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 7599c9263666c70e7c78c161a02a07f8.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: Yjih6JW6QkZCh-BsLOB8gidUv1tggFAZ3DY-OG_nw11a8z76XrTKvQ==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 4733
server: cloudflare
cf-ray: 8bc6e544f80f8f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

cdn.aramuz.net/images/footer-payment-methods/Skrill.svg

104.22.34.217

200 OK

1.7 kB

URL GET HTTP/2
cdn.aramuz.net/images/footer-payment-methods/Skrill.svg
IP
104.22.34.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerLet's Encrypt
Subjectaramuz.net
FingerprintAF:51:3B:43:CB:D5:FF:AE:66:8E:E0:EA:B2:7A:9A:34:40:DA:16:7F
ValiditySun, 04 Aug 2024 11:15:40 GMT - Sat, 02 Nov 2024 11:15:39 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1661 bytes)
Hash
0e1c491d09d5927d47e9d99b69080b24
212432a6180ece8847067aeac7f2f49839d5fcaa
0b9b1ad347f4e3d281cfb67a2dfc403e11cb3971c22227c5e8bf45092eb311e9

HTTP Headers

GET /images/footer-payment-methods/Skrill.svg HTTP/1.1
Host: cdn.aramuz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:17 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Oct 2023 04:55:49 GMT
etag: W/"b2297595972000eafc64916f1286aed6"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
x-amz-version-id: null
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
via: 1.1 169057b8db0fb379ccba5daa74680acc.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: ETgUBZsoSFnmJto2X5HtUUUG0Fvar5Syv0hjsDCOpQ9Tc4CjL-Z0Tg==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=3600
cf-cache-status: HIT
age: 3780
server: cloudflare
cf-ray: 8bc6e553bda38f57-CPH
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.34f47f504463d3f350fa.js

104.22.15.198

200 OK

86 kB

URL GET HTTP/2
ninecasino.com/assets/main.34f47f504463d3f350fa.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (85850 bytes)
Hash
a33e02cf21b8910baa36ba46ba3afbf8
6b898db0d305d7e3f2dc9b5bfb5a92945eb0dfee
496e28e950094d55b7227b3b33b73ca766ad5233f3dbbdc9fba2d409226b8c87

HTTP Headers

GET /assets/main.34f47f504463d3f350fa.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
cf-polished: origSize=85854
etag: W/"14f5e-191a1fb2d17"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e545af401c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.5b3ee8898426f346e98d.js

104.22.15.198

200 OK

1.6 kB

URL GET HTTP/2
ninecasino.com/assets/main.5b3ee8898426f346e98d.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1641), with no line terminators
Size
1.6 kB (1617 bytes)
Hash
63562333783280661eb48b0ae324aeb2
1d97b665b51e4dfcfab6ff7ca94ede0be7c6ccf8
cac77a64dce4e8114f124ed7f05ece45c32de0f919d8bc4d23418ac053800cd1

HTTP Headers

GET /assets/main.5b3ee8898426f346e98d.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"651-191a1fb2d1b"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 9219
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e546c9261c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.a5157e267787bd7666a5.js

104.22.15.198

200 OK

7.2 kB

URL GET HTTP/2
ninecasino.com/assets/main.a5157e267787bd7666a5.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (7442), with no line terminators
Size
7.2 kB (7221 bytes)
Hash
8eb9153475f31ee623d1503d2d69e67b
973dce3080c5d1c8c35bb8453000cdb133aa5d1d
5a153881e09b292c1f6d115b25040609c568760e7fc5554c31e54e4cbc7aa012

HTTP Headers

GET /assets/main.a5157e267787bd7666a5.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"1c35-191a1fb2d23"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 16319
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e548fcbd1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

ninecasino.com/assets/main.ad44267e775aabb797a9.js

104.22.15.198

200 OK

3.3 kB

URL GET HTTP/2
ninecasino.com/assets/main.ad44267e775aabb797a9.js
IP
104.22.15.198:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Certificate
IssuerGoogle Trust Services
Subjectninecasino.com
Fingerprint1A:92:25:E6:7D:D4:11:DD:4F:65:7E:E7:20:29:23:10:DE:A5:DE:12
ValidityWed, 17 Jul 2024 02:14:57 GMT - Tue, 15 Oct 2024 02:14:56 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (3398), with no line terminators
Size
3.3 kB (3268 bytes)
Hash
e4cf234de9bcb596bb9572a8a4b41a25
4c8b13c09cca5273f654aa6216b476253fcc9fc0
45768ca8744c7aa253fab6411d8f64f6455bd9bf474b492ead3d677b852de51e

HTTP Headers

GET /assets/main.ad44267e775aabb797a9.js HTTP/1.1
Host: ninecasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ninecasino.com/landings/welcome-offer?cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms&afp1=trkbRV5tzQobwIFRvLeLDzXyGxRtrk&afp10=sms&bta=47096&nci=5661&qlt=true&utm_campaign=sms
Cookie: UUID=b0a32549-ac49-4380-ab24-d40557b00066; rotatorId=86cf64df09bd60747d7fbcc509ea1cd84ecbf88da7198eba5747541292a462a3; rotatorRouter=gocasinonine.com; cxd=47096_1738133_%7Cafp1%3AtrkbRV5tzQobwIFRvLeLDzXyGxRtrk%7Cafp10%3Asms; qlt=true; lastActivityTime=1725210854532; i18n_redirected=en; isPwa=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 01 Sep 2024 17:14:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536
cf-bgj: minify
etag: W/"cc4-191a1fb2d27"
last-modified: Fri, 30 Aug 2024 06:31:18 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 9695
vary: Accept-Encoding
server: cloudflare
cf-ray: 8bc6e54a3e4f1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by