Submitted URL: https://storage.googleapis.com/soukglobally/mdsjl3.html#redirect.php/c17831RkpEF5020375LkBC188WnV8566quTU1002
Effective URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Submission: On March 10 via api from BE — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3032::6815:c51, located in United States and belongs to CLOUDFLARENET, US. The main domain is harvestrains.live.
TLS certificate: Issued by GTS CA 1P5 on February 27th 2023. Valid for: 3 months.
This is the only time harvestrains.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 2 94.102.4.223 51559 (NETINTERN...)
1 195.54.167.231 49392 (ASBAXETN)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
28 9
Apex Domain / Subdomains                                        Transfer
15 harvestrains.live                                            210 KB
   harvestrains.live
5 trk-epicurei.com                                              3 KB
   trk-epicurei.com — Cisco Umbrella Rank: 161831
   event.trk-epicurei.com — Cisco Umbrella Rank: 212669
3 gstatic.com                                                   68 KB
   fonts.gstatic.com
3 googleapis.com                                                35 KB
   storage.googleapis.com — Cisco Umbrella Rank: 396
   fonts.googleapis.com — Cisco Umbrella Rank: 34
   ajax.googleapis.com — Cisco Umbrella Rank: 305
2 arfiandi.me                                                   597 B
   emanhtap.arfiandi.me
1 gridlockgates.com                                             698 B
   gridlockgates.com
1 microfilmnsaps.com                                            421 B
   microfilmnsaps.com
28 7
Domain Requested by
15 harvestrains.live microfilmnsaps.com
harvestrains.live
4 event.trk-epicurei.com trk-epicurei.com
3 fonts.gstatic.com fonts.googleapis.com
2 emanhtap.arfiandi.me 1 redirects storage.googleapis.com
1 trk-epicurei.com harvestrains.live
1 ajax.googleapis.com harvestrains.live
1 fonts.googleapis.com harvestrains.live
1 gridlockgates.com 1 redirects
1 microfilmnsaps.com emanhtap.arfiandi.me
1 storage.googleapis.com
28 10

This site contains links to these domains.

Domain
www.gambleaware.co.uk
www.gamcare.org.uk
Subject                   Issuer                    Validity                  Valid
storage.googleapis.com    GTS CA 1C3                2023-02-08 - 2023-05-03   3 months
microfilmnsaps.com        R3                        2023-02-17 - 2023-05-18   3 months
*.harvestrains.live       GTS CA 1P5                2023-02-27 - 2023-05-28   3 months
upload.video.google.com   GTS CA 1C3                2023-02-20 - 2023-05-15   3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3   2023-02-07 - 2024-02-06   a year
*.gstatic.com             GTS CA 1C3                2023-02-20 - 2023-05-15   3 months

This page contains 1 frames:

Primary Page: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Frame ID: DE869312F5BC997AF9305270FCC56A46
Requests: 26 HTTP requests in this frame

Page Title

TitanSpins

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 96 %
IPv6: 80 %
Domains: 7
Subdomains: 10
IPs: 9
Countries: 4
Transfer: 317 kB
Size: 4177 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/soukglobally/mdsjl3.html Page URL
  2. http://emanhtap.arfiandi.me/redirect.php/c17831RkpEF5020375LkBC188WnV8566quTU1002 Page URL
  3. http://emanhtap.arfiandi.me/track/c17831RkpEF5020375LkBC188WnV8566quTU1002 HTTP 302
    https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-188-8566 Page URL
  4. https://gridlockgates.com/?s1=350977&s2=942530694&s3=2383&s10=1403 HTTP 302
    https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://emanhtap.arfiandi.me/track/c17831RkpEF5020375LkBC188WnV8566quTU1002 HTTP 302
  • https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-188-8566

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
mdsjl3.html
storage.googleapis.com/soukglobally/
274 B
858 B
Document
General
Full URL
https://storage.googleapis.com/soukglobally/mdsjl3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
274
content-type
text/html
date
Fri, 10 Mar 2023 10:16:02 GMT
etag
"ac1ca4e8ee8e94cba92eb2562ae317d4"
expires
Fri, 10 Mar 2023 11:16:02 GMT
last-modified
Wed, 22 Jun 2022 16:59:20 GMT
server
UploadServer
x-goog-generation
1655917160797467
x-goog-hash
crc32c=1MKBPA== md5=rByk6O6OlMupLrJWKuMX1A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
274
x-guploader-uploadid
ADPycdtxHEt0wC5WWp2LKBDN7FDvkpqg9nhBtiJWFdz0jYTRJMDFPLBz_nNT5mArWoXc_FEaLY4M1GhisWaanJAiHiWQdJ252l6F
c17831RkpEF5020375LkBC188WnV8566quTU1002
emanhtap.arfiandi.me/redirect.php/
253 B
370 B
Document
General
Full URL
http://emanhtap.arfiandi.me/redirect.php/c17831RkpEF5020375LkBC188WnV8566quTU1002
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/soukglobally/mdsjl3.html
Protocol
HTTP/1.1
Server
94.102.4.223 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
enviro.concept-websites.co.uk
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
253
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Mar 2023 10:38:36 GMT
5020375-188-8566
microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/
Redirect Chain
  • http://emanhtap.arfiandi.me/track/c17831RkpEF5020375LkBC188WnV8566quTU1002
  • https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-188-8566
129 B
421 B
Document
General
Full URL
https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-188-8566
Requested by
Host: emanhtap.arfiandi.me
URL: http://emanhtap.arfiandi.me/redirect.php/c17831RkpEF5020375LkBC188WnV8566quTU1002
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.167.231 , Russian Federation, ASN49392 (ASBAXETN, RU),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://emanhtap.arfiandi.me/redirect.php/c17831RkpEF5020375LkBC188WnV8566quTU1002
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
129
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 10:45:55 GMT
server
Apache

Redirect headers

Content-Length
118
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Mar 2023 10:38:37 GMT
Location
https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-188-8566
Primary Request 8df592e211f8c61d63ca8861f41e7108
harvestrains.live/
Redirect Chain
  • https://gridlockgates.com/?s1=350977&s2=942530694&s3=2383&s10=1403
  • https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
28 KB
8 KB
Document
General
Full URL
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Requested by
Host: microfilmnsaps.com
URL: https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-188-8566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4969106ab6f930811d67f22fcefd6a47c5fd280f22d32b945b1b5915fbc1659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-188-8566
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a5af8967fe437f1-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 10:45:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGmfUxM847lnLZ1W9JJU6F%2BVmZwlO8Rblz5WEHoWqWxh4vqKX5iZ0KoTjGC9m8HFOC%2FI83lfHzsw%2BmpQFeCWL3IiNmXa8iB0TLRstMS203tKqA%2FVoMPvGWRHv7DiJyNJUaKTbuIQkE5AisHDCGwzxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7a5af89239b437fe-FRA
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 10:45:56 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyGdrPnkr8h17izJPz%2FFIn1arPdWchIzUZtBxGKgTNTlpmtobX7%2F7yd%2BbXU6Ho%2BxvRzEYHpthLAwb5EpziDhfxEnaRm2L01DOl1A96AlS7n7aP2QQ7Vj0Ok9zlcKPYfKyKFjHBm6%2BHH0G0sp2YJYww%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
harvestrains.live/fim/62d6d698a22f107f71dba1943cd45a2d/
118 KB
20 KB
Stylesheet
General
Full URL
https://harvestrains.live/fim/62d6d698a22f107f71dba1943cd45a2d/bootstrap.min.css
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11982020059ca1e3529e154b058c4680091c7ae67d339b7ba2cbf77f99210a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v1/assets/bootstrap.min.css"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVSSo872TyVfzs7jmXmYnCNCdmo09jp4cafHGOuM5wXj4TkA1NSq5IfA7Ljkctl911VZhBymURmyd%2Bq8IK%2FHoqdHt0FrtGTWjcfqHHNr9sYDBGeJyo4DhBcItcpawJAVynsLOfZ4Mr%2Bj4ZKXyLGF2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5af899fcca37f1-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
css
fonts.googleapis.com/
3 KB
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc13de9280e3a61fd747d92275aa9856396135507eb9ceece8760bba7376de67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Mar 2023 10:45:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 10:45:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Mar 2023 10:45:57 GMT
style.css
harvestrains.live/fim/62d6d698a22f107f71dba1943cd45a2d/
12 KB
3 KB
Stylesheet
General
Full URL
https://harvestrains.live/fim/62d6d698a22f107f71dba1943cd45a2d/style.css?v1.05
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a040933cb5dc29937509e87e348bbbd111024182ad2a3109c4a711aaa05c1e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v1/assets/style.css"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqAHc44lgLr6SdUKqJ1x4eoYMG7rtEZMr5tDqccjqt%2B7KlYGOr%2FEP3268pqlAbdg6xzwyiEZz5efWH5rZ1QIeQtqVCOZmwh6vgrRsOwl%2F0Iilhe6zI8zsLgd2I3m8DmIZ3G%2FauwYEOvs6%2FCTkwKflQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5af899fccb37f1-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
msg.js
harvestrains.live/inc/
942 B
798 B
Script
General
Full URL
https://harvestrains.live/inc/msg.js
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
87684
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 12:25:37 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5MLPECWrgq40qCbSi8rb7g1QyGkBndhJOdA4QueNhKV%2FWSVAeuFIS4rZQYlfdpL6pSVL9rou3ltDDtQ6eeiOpyWamyyjT4CHwwq5OqQ%2FjFyix4j6s1GLwo3YIzS9kIWxidB%2F%2BQ5nSNAZ%2BCe0NtRXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7a5af899fccc37f1-FRA
expires
Thu, 16 Mar 2023 10:24:33 GMT
50e6ef3f5f29e69bfec73f27f4f67d15.png
harvestrains.live/fim/1403/
39 KB
40 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/50e6ef3f5f29e69bfec73f27f4f67d15.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d1f02aa6ba8768f4e5cb10cadf475f714479cd2dc925fe922ef61431dc4cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39898
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 09:31:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9n4GTacy149d121oCw%2FxVRCqLutPmqumly7%2FPx%2BozN7HZ%2FXAPaui%2BvRivMgP5JrVc3fSyjO6%2Fuff8Df4JmvJs1p7zLU%2FG3sEZV20jTiidN015bm8EwC9i5BOcBfsLBwubyy%2F7eWJgaJ1sZ5T9nGPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5af89e1be3373c-FRA
expires
Fri, 17 Mar 2023 10:45:58 GMT
7113d493a4419f1d3206af20d80f3727.png
harvestrains.live/fim/1403/
24 KB
25 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/7113d493a4419f1d3206af20d80f3727.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f255fe4742c1ef8931c9e6686b091aff09f2522bacff1c069376ec5aae853792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24575
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 09:31:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsG4ctfQf0ohMehtROQBRU1iNW03dfQ4lmh3HKMb70r6xjI3a5AiFXq4Imja1EDdWDA22olnRJHPdc%2FVIKVXsBGhrWDpC5cZFwy0rGfEsz8fQcofDmvp%2Fm3YwWJedfKNLbODZtf177NoPbLq0w8FSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5af89e1be6373c-FRA
expires
Fri, 17 Mar 2023 10:45:58 GMT
c746260d5110b6ae0bac6dd1ba70f02a.png
harvestrains.live/fim/1403/
3 KB
4 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/c746260d5110b6ae0bac6dd1ba70f02a.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35704d0bd4b1f7c1da4844418ea46091f70cefb86d050a6aac350d9605779d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3458
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 09:31:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgUyeHs5vdV8tBFWMqiVe6qcTBoENAUxdnwublzOeWlFzpzjSVdxexuvs4GmAPWxcVX8CqsaGUG9%2FqFhb1aR3%2BsurMvS8wrPePTSKLWiN2dlhY0UE%2B6p4O9GogfZquJ9PJWmlc60uWe7ktkbbk7%2BxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5af89e1be7373c-FRA
expires
Fri, 17 Mar 2023 10:45:58 GMT
1af7a1369646573d10204cd76da68080.png
harvestrains.live/fim/1403/
4 KB
4 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/1af7a1369646573d10204cd76da68080.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d0832ebd7dc54e2ddf831ff23de969788279857cb659172929889389c4291c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3661
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 09:31:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bp1LSkAANb1s2rLCPzyDX7hRpPC0aZmg54cEzK1O2HN9Cp8kfwv7PNt7Gl47YJ3VG9ClnAe6F%2BO2GPepcQTwKmyZyW%2FEJ7t%2BAXKjPCayUIRVkwrug1%2FegRlytuLD3SEjYLO28zQ7sQKRxcCsdJRpMg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5af89e1be8373c-FRA
expires
Fri, 17 Mar 2023 10:45:58 GMT
e57bc73df675f1985d2e1d9f90c0d736.png
harvestrains.live/fim/1403/
4 KB
4 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/e57bc73df675f1985d2e1d9f90c0d736.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7195c7c88d7ec9eef6c013593d20ec2dba28a76bff85cdaa465a4e1cdd82184b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3613
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 09:31:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3TvXDRfIAaGXJp2JUMHTv7ggaenNZ56anFnbubx0w8yF5ZAcYbV1dELqCuHmwCkSc67YPbWtS6r50%2FSGMUf1mrKQwQS8c%2B9Z1IkT9H%2BSyulJ%2F3JUsu8faqurjJmxsudzynAFMPNY%2Bbeb3tlZjahqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5af89e1beb373c-FRA
expires
Fri, 17 Mar 2023 10:45:58 GMT
510eaf3bc74eae92cabe1a9c9e12ee90.png
harvestrains.live/fim/1403/
12 KB
12 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/510eaf3bc74eae92cabe1a9c9e12ee90.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b4f4c131c2f2f4b969f2baf134b6967abb6a2c48f52b4d88bad971a44dbe90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12169
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 09:31:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRF43VaUyCKN1mUBgZ%2FHAxb%2BazHP5OO6Xqitb0l7PN9Q3NI2p%2FnbuzFxNJwJiuyopVqmx1BvlUgn3SWapMmnwk3RcAmucFaZqYP40f3%2B2G6O3i0SpmNfrTCJfiJUKSt319wJ9DKu80iTwhEctZEz%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5af89e1bec373c-FRA
expires
Fri, 17 Mar 2023 10:45:58 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 09:40:42 GMT
bootstrap.js
harvestrains.live/fim/62d6d698a22f107f71dba1943cd45a2d/
70 KB
16 KB
Script
General
Full URL
https://harvestrains.live/fim/62d6d698a22f107f71dba1943cd45a2d/bootstrap.js?v=1.0
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d140144d75fee3c058ac806a2bc7f9fa4ecb778d00b31f02710513e61e71ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v1/assets/bootstrap.js"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BXqTuiv7VVWUfSIVQN4wInikrok7cs9U%2BZu6L5LZf2hL2ORHt9JYOUOmZq598yPNbQZYh22TCKSjX%2FgwCJsVWb8S%2BKD4H1YSAqBWLLgRlJ9K5j1A7nz%2B9i3Y8CeT%2B9ajDaitb%2BG%2B%2FIFpZtvhjAUKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5af89e1bda373c-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
common.js
harvestrains.live/fim/62d6d698a22f107f71dba1943cd45a2d/
768 B
1 KB
Script
General
Full URL
https://harvestrains.live/fim/62d6d698a22f107f71dba1943cd45a2d/common.js
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1669a1f2809856365657b64b61614f40ea490d99156733ec137cd55e095f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v1/assets/common.js"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ic%2FS99tG%2FU9YR6nQKx22IllqwQBop7Dw38cdyq5i5JF3Csp76cUEcMslqI9beMSlz3Aaw5mMh5os%2BubJGsiUaGyUOko%2Fq020NJXKnwbvS0bcDIfYYgPakNRxFjPIFIGivhLC7BmFx6XO97Xb6bkyOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5af89e1bdd373c-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
v9e118mez8
trk-epicurei.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-epicurei.com/scripts/push/v9e118mez8
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1658
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 10 Mar 2023 10:18:20 GMT
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=No3gR1EdB1lJagOhTBYRoCzQtL5NquWRlx39yLTs%2BJJalkklU3KRqdPSelRkHUq6W7HozuSEsmQ38jbLGKzwRbtRYs471c3xO20jBUYPKQXsA2tQ4v7GWofOUUiyDeXvEoL5SDys8ouHlbd9XneW"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7a5af89ebb5490af-FRA
expires
0
295500b47127780d0dc75f71fedbadc2.jpg
harvestrains.live/fim/1403/
71 KB
71 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/295500b47127780d0dc75f71fedbadc2.jpg
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5af8eb61164cca569568bb63bb183a5caf9e575b5c708c8df98850ac9395ab4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
72488
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 09:31:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1pk6jVG2Qfrk2tylzC%2FbFjVwKMKvMzJ6X7cuDWpfYrgPlgdCpnmwY%2FQEY5oKZuwErJY61Ve4xEOeCQj4Epl0k3aNjEHEWiqiLAD0UWeH%2FLFE7GTVPHZ%2F%2FQ86%2FsAGMCm0otfrC26kB8ER1f70T5Wdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5af89e1bef373c-FRA
expires
Fri, 17 Mar 2023 10:45:58 GMT
612b96ac860536760de38d346e84e71d.png
harvestrains.live/fim/1403/
1 KB
2 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/612b96ac860536760de38d346e84e71d.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc3c91f6e26d1f05dd92f6cf293b0ca557d14a98fe2d7e765812e4184949c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1312
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 09:31:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N71PQHtv%2FsGY0yqmzrlQJBfFjBvTIFkCexeOPlGJz%2BFmx28PT5RZH%2FVBqbjDnBtORaYIPn7CZaTWKfp8tWbKGKfINGCRBK2R9DydTdtQrcGDyoS7Orp6KD6nKzChbae%2BemxAMZJFetC%2B3bRx3sBuAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5af89e1bf8373c-FRA
expires
Fri, 17 Mar 2023 10:45:58 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harvestrains.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 22:41:28 GMT
x-content-type-options
nosniff
age
43470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 22:41:28 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harvestrains.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 10:49:32 GMT
x-content-type-options
nosniff
age
604586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Mar 2024 10:49:32 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harvestrains.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 04:48:09 GMT
x-content-type-options
nosniff
age
107869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 04:48:09 GMT
bg-video.mp4
harvestrains.live/views/casino/titanspins-casino-us-v1/assets/
4 MB
0
Media
General
Full URL
https://harvestrains.live/views/casino/titanspins-casino-us-v1/assets/bg-video.mp4
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:c51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 10 Mar 2023 10:45:58 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-4765376/4765377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4765377
x-xss-protection
1; mode=block
last-modified
Tue, 15 Feb 2022 20:06:20 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
video/mp4
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEK5GKwkyubBjvF0b6QijRe9NImg1CuzPGpLdUebhSiDx2SE7UwJMyJzJKWvGjjgu%2FNV7W9cpOFyWIb6RFJOv50YDU%2FjPP9p14lsZFQZ1ca3AOXcINS11xQAoJuire1MZJp7ZtcnoiZSkjVN14XvEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7a5af89e3c1b373c-FRA
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harvestrains.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 10 Mar 2023 10:45:59 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s34%2BUi6qr7TflM0OT9eRwSL6TAuPcTAHH8GG9vwKaoQaS5zfbXr3gvtUyow5wBjvyvUHMUaVx4FuGznIPaRa%2FQdEWgKZo85oSblX5Oi7gDbe41iUUPGcbjyFAtdJz5Xu9WX%2BWihcrIljgLxkioM%2B4OR%2FbaG7"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7a5af8a3cefa363f-FRA
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://harvestrains.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a5af8a25d12363f-FRA
content-length
0
date
Fri, 10 Mar 2023 10:45:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrfU0sJMOx2KqjOlld1TdKQ4rLDuTYiZYy5aeZngZpHC3fBTN45j6l4WJndOYVp%2BugmxV7eUsFgOjBWgppGNoRHmGo%2Fu%2Fzq65i04armkTrUaeTq1PhJy0pM4jOtHi9jWZPK7mTaTJ8ROlHlBlaPrVWojNnLK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harvestrains.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 10 Mar 2023 10:45:59 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1ySSb90DnodydjYp0OTyEpVHZENm4enQTJG91EShBRQYe116eWUqS1tBCKC58aS8pJaM6RB1%2FVlgZ2ME9ARQlFKnCNxPR%2BaQIDJldVbi0eM60GQ6v3PlC6u8c%2B9fYfbiBDSoVROKOnw3K3OwTfQQU040yfI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7a5af8a3cef4363f-FRA
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://harvestrains.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a5af8a25d15363f-FRA
content-length
0
date
Fri, 10 Mar 2023 10:45:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbP5ve7tMV4s61QpCaOIW0B1HBAmBhf3Yv5%2Bg7TvW50O%2FhWoVsUr54y6IoyrHgzCGRlu7E%2FhcRsmN6L%2FtQ2i80u7e6SP0w37PJSLts8orwdMJIl1%2FkWi3Ph2lRxBXrC%2FK54fhVb2zpbDjMMArh15B3bvscOP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| change
object| MYCALL
string| s1
string| s2
string| esource
string| pshpub
string| pshdomain
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore
function| $
function| jQuery
function| backSubmit
object| jQuery111306158221386368374

3 Cookies

Domain/Path Name / Value
microfilmnsaps.com/ Name: uid2383
Value: 942530694-20230310054555-19319c73e48507c62d19020b569ec526-
gridlockgates.com/ Name: PHPSESSID
Value: 6fae60fae28babb9bf241f6099252141
harvestrains.live/ Name: PHPSESSID
Value: 53f27cf44c0898355fdb9fe9bfbb8591

1 Console Messages

Source Level URL
Text
other error URL: https://harvestrains.live/8df592e211f8c61d63ca8861f41e7108
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
