www.verajohncasino.com Open in urlscan Pro
104.18.32.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://play.verajohn.com/
Effective URL:
https://www.verajohncasino.com/
Submission: On July 23 via api (July 23rd 2024, 6:52:13 am UTC) from US — Scanned from IT

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 35 HTTP transactions. The main IP is 104.18.32.76, located in and belongs to CLOUDFLARENET, US. The main domain is www.verajohncasino.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 11th 2023. Valid for: a year.

This is the only time www.verajohncasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.242.229 104.18.242.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.32.76 104.18.32.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
1	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1	104.18.31.27 104.18.31.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	91.228.74.244 91.228.74.244	16509 (AMAZON-02) (AMAZON-02)
1	18.245.60.28 18.245.60.28	16509 (AMAZON-02) (AMAZON-02)
3	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2	34.120.240.48 34.120.240.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	66.254.122.39 66.254.122.39	29789 (REFLECTED) (REFLECTED)
1 5	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
2	18.173.205.115 18.173.205.115	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.66 18.66.102.66	16509 (AMAZON-02) (AMAZON-02)
1	104.18.30.27 104.18.30.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.84.60.23 185.84.60.23	198622 (ADFORM) (ADFORM)
2 4	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1	18.66.112.5 18.66.112.5	16509 (AMAZON-02) (AMAZON-02)
4	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1	34.111.214.180 34.111.214.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	66.254.114.220 66.254.114.220	29789 (REFLECTED) (REFLECTED)
35	20

1 104.18.242.229 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

play.verajohn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.32.76 (None, )

ASN13335 (CLOUDFLARENET, US)

www.verajohncasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.31.27 (None, )

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-28.fra60.r.cloudfront.net

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.240.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.240.120.34.bc.googleusercontent.com

edge.eu1.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.254.122.39 (United States)

ASN29789 (REFLECTED, US)

hw-cdn2.adtng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.78 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.205.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-115.fra56.r.cloudfront.net

wa.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-66.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.30.27 (None, )

ASN13335 (CLOUDFLARENET, US)

pixel.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.23 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

asia.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-5.fra56.r.cloudfront.net

wa.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.214.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.214.111.34.bc.googleusercontent.com

rs.eu1.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.254.114.220 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net

sync.atsptp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 8814 asia.adform.net — Cisco Umbrella Rank: 60937 a2.adform.net — Cisco Umbrella Rank: 9003	36 KB
5	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 104	911 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
3	fullstory.com edge.eu1.fullstory.com — Cisco Umbrella Rank: 60684 rs.eu1.fullstory.com — Cisco Umbrella Rank: 47396	79 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	78 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	308 KB
2	atsptp.com sync.atsptp.com — Cisco Umbrella Rank: 70241	1 KB
2	onelink.me wa.onelink.me — Cisco Umbrella Rank: 14229	881 B
2	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 7603 wa.appsflyer.com — Cisco Umbrella Rank: 10250	15 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2337 pixel.quantserve.com — Cisco Umbrella Rank: 1616	10 KB
2	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 59288 pixel.prdredir.com — Cisco Umbrella Rank: 139109	942 B
2	verajohncasino.com www.verajohncasino.com	70 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 2075	1 KB
1	adtng.com hw-cdn2.adtng.com — Cisco Umbrella Rank: 8360	54 KB
1	verajohn.com 1 redirects play.verajohn.com	370 B
35	15

	Domain	Requested by
5	www.google-analytics.com	1 redirects www.verajohncasino.com
4	www.facebook.com	www.verajohncasino.com
4	a2.adform.net	2 redirects www.verajohncasino.com
3	connect.facebook.net	www.verajohncasino.com connect.facebook.net
3	www.googletagmanager.com	www.verajohncasino.com www.googletagmanager.com
2	sync.atsptp.com	hw-cdn2.adtng.com
2	asia.adform.net	1 redirects www.verajohncasino.com
2	wa.onelink.me	websdk.appsflyer.com
2	edge.eu1.fullstory.com	www.verajohncasino.com edge.eu1.fullstory.com
2	www.verajohncasino.com
1	rs.eu1.fullstory.com	edge.eu1.fullstory.com
1	pixel.quantserve.com	www.verajohncasino.com
1	wa.appsflyer.com	websdk.appsflyer.com
1	pixel.prdredir.com	scripts.prdredir.com
1	rules.quantcount.com	secure.quantserve.com
1	hw-cdn2.adtng.com	www.googletagmanager.com
1	websdk.appsflyer.com	www.verajohncasino.com
1	secure.quantserve.com	www.verajohncasino.com
1	scripts.prdredir.com	www.verajohncasino.com
1	s2.adform.net	www.verajohncasino.com
1	play.verajohn.com	1 redirects
35	21

This site contains no links.

Subject Issuer	Validity	Valid
*.verajohncasino.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-11` - `2024-08-11`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
prdredir.com WE1	`2024-06-24` - `2024-09-22`	3 months	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
*.appsflyer.com Amazon RSA 2048 M03	`2024-02-04` - `2025-03-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-01` - `2024-07-30`	3 months	crt.sh
edge.eu1.fullstory.com WR3	`2024-06-30` - `2024-09-28`	3 months	crt.sh
*.adtng.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-07-26`	a year	crt.sh
*.onelink.me Amazon RSA 2048 M02	`2024-05-05` - `2025-06-02`	a year	crt.sh
rs.eu1.fullstory.com WR3	`2024-07-14` - `2024-10-12`	3 months	crt.sh
atsptp.com E6	`2024-06-12` - `2024-09-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.verajohncasino.com/
Frame ID: DE6C481577DDE8B5A4BDD20EA2ACD7A9
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vera&John | Restricted

Page URL History Show full URLs

https://play.verajohn.com/ HTTP 302
https://www.verajohncasino.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

35
Requests

89 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

20
IPs

5
Countries

655 kB
Transfer

1977 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://play.verajohn.com/ HTTP 302
https://www.verajohncasino.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.google-analytics.com/g/collect?v=2&tid=G-E9R8VVFT7F&gtm=45je47h0v9118542631z876617595za200zb76617595&_p=1721717525304&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=73344764.1721717526&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721717526&sct=1&seg=0&dl=https%3A%2F%2Fwww.verajohncasino.com%2F&dt=Vera%26John%20%7C%20Restricted&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=1694&_z=fetch HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=73344764.1721717526&dbk=16040596848624790709&dma=0&en=page_view&gtm=45je47h0v9118542631z876617595za200zb76617595&npa=0&tid=G-E9R8VVFT7F&dl=https%3A%2F%2Fwww.verajohncasino.com%3F

Request Chain 18

https://asia.adform.net/Serving/TrackPoint/?pm=2551712&ADFPageName=Catch%20All&ADFdivider=%7C&ord=144713146821&ADFtpmode=2&itm=eyJzdjEiOiI8aW5zZXJ0IHN2MSB2YWx1ZSBoZXJlPiJ9&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24 HTTP 302
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2551712&ADFPageName=Catch%20All&ADFdivider=%7C&ord=144713146821&ADFtpmode=2&itm=eyJzdjEiOiI8aW5zZXJ0IHN2MSB2YWx1ZSBoZXJlPiJ9&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24

Request Chain 19

https://a2.adform.net/Serving/TrackPoint/?pm=2905160&ADFPageName=Home%20Page&ADFdivider=%7C&ord=911941075024&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2905160&ADFPageName=Home%20Page&ADFdivider=%7C&ord=911941075024&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24

Request Chain 20

https://a2.adform.net/Serving/TrackPoint/?pm=2905160&ADFPageName=Catch%20All&ADFdivider=%7C&ord=71921571197&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2905160&ADFPageName=Catch%20All&ADFdivider=%7C&ord=71921571197&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24

35 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

Primary Request / Show response
www.verajohncasino.com/
Redirect Chain

https://play.verajohn.com/
https://www.verajohncasino.com/

47 KB
35 KB

296ms
133ms

Document
text/html

104.18.32.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.verajohncasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c7c27328349caaf5379fa2355d1829c4fd25e27351554a48426299a541931d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=15
cf-ray: 8a79bee41fc30e53-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 Jul 2024 06:52:05 GMT
expires: Tue, 23 Jul 2024 06:52:20 GMT
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8a79bee2bd930e6f-MXP
content-length: 143
content-type: text/html
date: Tue, 23 Jul 2024 06:52:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://www.verajohncasino.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 480 KB
119 KB 496ms
76ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK6GHKF

Requested by

Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0b57a13fe0a72726100d6d2c06d7ab557d38cda054d9df77a2450ac8264f6b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:52:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121521
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Jul 2024 06:52:05 GMT

GET
DATA 200
OK truncated
/ 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8a1a09ca6bcabb09edfa830eba078cf878418b76f32bb030dc419bbc0a8e80c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dbba65ea90939f3c5a13788de89f6456c5f0a01b56f4a71c5a7cc0b5753a77e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
99 KB 130ms
119ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5QWBMJ8SMD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6GHKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

eb6621b11ba25e329a5076a0aae09838f91204119462e051d29c90771c2d7cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:52:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101171
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jul 2024 06:52:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
90 KB 96ms
89ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E9R8VVFT7F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6GHKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d900339ccfd64e69ef2a9540942655d283b24ddafd9526516d9b06171547c47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:52:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92198
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 23 Jul 2024 06:52:06 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 80 KB
31 KB 491ms
173ms Script
application/javascript 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:52:06 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2024 07:02:31 GMT
server: nginx
x-amz-request-id: tx000007a6a6bdd57f74c56-0066964345-329773f2-default
etag: W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 k_verajohn.js Show response
scripts.prdredir.com/scripts/ 978 B
762 B 802ms
232ms Script
text/javascript 104.18.31.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_verajohn.js
Requested by: Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb18cc46b73cbcc7da74feeac46b78a30e41b3445a4e8875f682107b478f52d4

Request headers

Referer
Origin: https://www.verajohncasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.032632
date: Tue, 23 Jul 2024 06:52:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"eb18cc46b73cbcc7da74feeac46b78a3"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8a79beedd8804beb-MXP
x-request-id: 7db821c9-cc9a-4038-b94f-a02264409c13

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 685ms
116ms Script
application/javascript 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:52:06 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 30 Jul 2024 06:52:06 GMT

GET
H2 200 / Show response
websdk.appsflyer.com/ 51 KB
14 KB 489ms
186ms Script
application/javascript 18.245.60.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-28.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce6d7f008824d9f6af00150bf70a49369a24381165b5808efa74e68518e6d58d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:27:02 GMT
content-encoding: br
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 06:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 1505
x-amz-server-side-encryption: AES256
etag: W/"ad6e8ace01357e7c84957fc6fc296d42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 51CNx2wdrt6WsTt2Hsh2dAfNNZrL7vVAL8XbUZb6ecS7E_CjOPU_Vw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 615ms
49ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 23 Jul 2024 06:52:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=14, mss=1288, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 9aB75QVT0Yxoz4cmYqk08A/UjhJ+2lCwazpac4r5treeIEsT5OA+OMR8+Z7K64/k1heE1lvZDbIHMnL/CaGHLg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fs.js Show response
edge.eu1.fullstory.com/s/ 281 KB
76 KB 487ms
201ms Script
application/javascript 34.120.240.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.eu1.fullstory.com/s/fs.js
Requested by: Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.240.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.240.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 584b0c5a70dd36b502b998fd6dd74bbc19e4f956241f9bdc220906e9f52cc672

Request headers

Referer
Origin: https://www.verajohncasino.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:51:56 GMT
content-encoding: br
age: 10
x-guploader-uploadid: ACJd0NpcOl6E4ne9WS1z_YGjN1zV40IF3uL9CIshSJBCjX-EFdQeRL7zhiZ3fEIxFxLqorYDegq_1h6zzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77295
last-modified: Wed, 17 Jul 2024 16:21:26 GMT
server: UploadServer
etag: "095e0583b9f0b77dcfabda986e21c5e4"
vary: Accept-Encoding
x-goog-generation: 1721233286285093
x-goog-hash: crc32c=oVnvFg==, md5=CV4Fg7nwt33Pq9qYbiHF5A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 77295
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 23 Jul 2024 07:51:56 GMT

GET
H2 200 idsync.min.js Show response
hw-cdn2.adtng.com/delivery/idsync/ 53 KB
54 KB 485ms
186ms Script
application/javascript 66.254.122.39
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://hw-cdn2.adtng.com/delivery/idsync/idsync.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6GHKF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.122.39 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 96c3e540c808068a73164179ad0e1cbdefd4a4415b1d5c4fa953af833977e401

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:52:06 GMT
last-modified: Thu, 27 Jun 2024 13:47:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10378322
x-cdn-diag: fra1-11001-1-20367-h-0-0---;11045-46-2123163----0-0-0
accept-ranges: bytes
content-length: 54565
expires: Fri, 25 Oct 2024 16:43:39 GMT

GET
H2

204

https://www.google-analytics.com/g/collect?v=2&tid=G-E9R8VVFT7F&gtm=45je47h0v9118542631z876617595za200zb76617595&_p=1721717525304&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=73344764.1721717526&ul=it-...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=73344764.1721717526&dbk=16040596848624790709&dma=0&en=page_view&gtm=45je47h0v9118542631z876617595za200zb76617595&npa=0&...

0
0

64ms
45ms

Fetch
text/plain

142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=73344764.1721717526&dbk=16040596848624790709&dma=0&en=page_view&gtm=45je47h0v9118542631z876617595za200zb76617595&npa=0&tid=G-E9R8VVFT7F&dl=https%3A%2F%2Fwww.verajohncasino.com%3F
Requested by: Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/
Protocol: H2
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:07 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:07 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=73344764.1721717526&dbk=16040596848624790709&dma=0&en=page_view&gtm=45je47h0v9118542631z876617595za200zb76617595&npa=0&tid=G-E9R8VVFT7F&dl=https%3A%2F%2Fwww.verajohncasino.com%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 485
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 844ms
33ms Fetch
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5QWBMJ8SMD&gtm=45je47h0v9121860487z876617595za200zb76617595&_p=1721717525304&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=73344764.1721717526&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721717526&sct=1&seg=0&dl=https%3A%2F%2Fwww.verajohncasino.com%2F&dt=Vera%26John%20%7C%20Restricted&en=page_view&_fv=1&_ss=1&ep.page_url=https%3A%2F%2Fwww.verajohncasino.com%2F&ep.hash_fragment=%2F&up.current_state=&up.current_state_hit=&up.supplier=&up.referrer=&tfd=1795&_z=fetch
Requested by: Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.verajohncasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 705ms
32ms Fetch
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5QWBMJ8SMD&gtm=45je47h0v9121860487z876617595za200zb76617595&_p=1721717525304&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=73344764.1721717526&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1721717526&sct=1&seg=0&dl=https%3A%2F%2Fwww.verajohncasino.com%2F&dt=Vera%26John%20%7C%20Restricted&en=start_position&ep.page_url=https%3A%2F%2Fwww.verajohncasino.com%2F&ep.hash_fragment=%2F&ep.label_event=Landscape&_et=37&tfd=1930&_z=fetch
Requested by: Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.verajohncasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 onelink Show response
wa.onelink.me/v1/ 13 B
368 B 434ms
85ms XHR
application/json 18.173.205.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-115.fra56.r.cloudfront.net
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:52:07 GMT
via: 1.1 506bffda4b1949c4425629ce0bdce052.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.verajohncasino.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 13
x-amz-cf-id: tUe9GpFIzCuJyK-sHYEwWO1Iiltb3oAo83KTQ9z1Jj3XAilObS802w==

GET
H2 200 rules-p-kSNkdxu0sXy54.js Show response
rules.quantcount.com/ 3 KB
1 KB 658ms
54ms Script
application/javascript 18.66.102.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-kSNkdxu0sXy54.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94aa97d9b5c5a14935860d1f8bf3869412001e73d9fe91cc3b06531eb6b3c3a3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:28:03 GMT
content-encoding: gzip
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:29:02 GMT
server: AmazonS3
etag: W/"d5e08a027244b621bd8aec71dfa242d9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 3GbzSP8DTWPtEL9jYvOUez1Po_aIV0Ekma2nO3jU1uUxyzlG8xkEvQ==

GET
H2 200 verajohn Show response
pixel.prdredir.com/rtg/sync/ 0
180 B 732ms
197ms Script
text/javascript 104.18.30.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.prdredir.com/rtg/sync/verajohn?lp=https%3A%2F%2Fwww.verajohncasino.com%2F&ref=&ts=1721717527
Requested by: Host: scripts.prdredir.com
URL: https://scripts.prdredir.com/scripts/k_verajohn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.verajohncasino.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.016565
date: Tue, 23 Jul 2024 06:52:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8a79bef32fecba8b-MXP
content-length: 0
x-request-id: b32b7a72-c841-468d-a1c9-f6d118146c62

GET
H2

200

/ Show response
asia.adform.net/Serving/TrackPoint/
Redirect Chain

https://asia.adform.net/Serving/TrackPoint/?pm=2551712&ADFPageName=Catch%20All&ADFdivider=%7C&ord=144713146821&ADFtpmode=2&itm=eyJzdjEiOiI8aW5zZXJ0IHN2MSB2YWx1ZSBoZXJlPiJ9&loc=https%3A%2F%2Fwww.ver...
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2551712&ADFPageName=Catch%20All&ADFdivider=%7C&ord=144713146821&ADFtpmode=2&itm=eyJzdjEiOiI8aW5zZXJ0IHN2MSB2YWx1ZSBoZXJlPiJ9&loc=https%3A%2F%2Fww...

110 B
713 B

288ms
286ms

Script
text/javascript

185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2551712&ADFPageName=Catch%20All&ADFdivider=%7C&ord=144713146821&ADFtpmode=2&itm=eyJzdjEiOiI8aW5zZXJ0IHN2MSB2YWx1ZSBoZXJlPiJ9&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24

Requested by

Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/

Protocol

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0052e595226afdfc2fb5dd9f226c8b9ec8d467b872d6ddc10137a8bb2d7c0619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 184
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2551712&ADFPageName=Catch%20All&ADFdivider=%7C&ord=144713146821&ADFtpmode=2&itm=eyJzdjEiOiI8aW5zZXJ0IHN2MSB2YWx1ZSBoZXJlPiJ9&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2905160&ADFPageName=Home%20Page&ADFdivider=%7C&ord=911941075024&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2905160&ADFPageName=Home%20Page&ADFdivider=%7C&ord=911941075024&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1...

110 B
713 B

169ms
164ms

Script
text/javascript

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2905160&ADFPageName=Home%20Page&ADFdivider=%7C&ord=911941075024&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24

Requested by

Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ab8b32163c95870a6c4595741968ee41cfede9644a4a91be60e5d4c3a744fb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 184
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2905160&ADFPageName=Home%20Page&ADFdivider=%7C&ord=911941075024&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2905160&ADFPageName=Catch%20All&ADFdivider=%7C&ord=71921571197&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2905160&ADFPageName=Catch%20All&ADFdivider=%7C&ord=71921571197&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x12...

110 B
713 B

170ms
164ms

Script
text/javascript

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2905160&ADFPageName=Catch%20All&ADFdivider=%7C&ord=71921571197&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24

Requested by

Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

44761bc00aceaf915b845720f52a99ee1df01c755d5d6e82648ea6701e1a1506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 184
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2905160&ADFPageName=Catch%20All&ADFdivider=%7C&ord=71921571197&ADFtpmode=2&loc=https%3A%2F%2Fwww.verajohncasino.com%2F&Set1=it-IT%7Cit-IT%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

POST
H2 200 events Show response
wa.appsflyer.com/ 82 B
541 B 430ms
101ms XHR
application/json 18.66.112.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.appsflyer.com/events?site-id=3cd00933-521a-4aad-bbc1-6df8234a5c9d
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-5.fra56.r.cloudfront.net
Software: /
Resource Hash: f299d2a09075c07f3c58a83aba883ff16e83033f1d4dcc2b482afeae851d871c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 23 Jul 2024 06:52:08 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.verajohncasino.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 82
x-amz-cf-id: cLKCraPgDs57oAsyI9sQPO38EOyPbG--iMAbv0b0hhPSu2EcAIhcLQ==

GET
H2 200 822231972794792 Show response
connect.facebook.net/signals/config/ 60 KB
13 KB 151ms
148ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/822231972794792?v=2.9.162&r=stable&domain=www.verajohncasino.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

341e12bbb8a3b557b99bf3d8c1b21e4a9a0dc396d0c97477df80f1d07ea602a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 23 Jul 2024 06:52:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=63, mss=1288, tbw=64222, tp=-1, tpl=-1, uplat=78, ullat=0
pragma: public
x-fb-debug: i8isInqTvK9v6eJQM93iebjJGa12tvjaGu2acwgrS7puIFd2sLo6mJufTQoMPB227lPXUMS53CjndSULU1mVQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web Show response
edge.eu1.fullstory.com/s/settings/o-2X61-eu1/v1/ 10 KB
3 KB 94ms
70ms XHR
application/json 34.120.240.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.eu1.fullstory.com/s/settings/o-2X61-eu1/v1/web
Requested by: Host: edge.eu1.fullstory.com
URL: https://edge.eu1.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.240.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.240.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8b8f66d9db9fd1498a0d33e442044993f34a59534ee2e03e67cbf94fce9c4b41

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:51:23 GMT
content-encoding: gzip
age: 44
x-guploader-uploadid: ACJd0Nrm91tgiv3u03uFBpLWPBdnUtsxg8rjibbRC0QFed6joguVP04hxNY1FI6765jvVfpCcrYGh87U5Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2306
last-modified: Tue, 23 Jul 2024 06:51:07 GMT
server: UploadServer
etag: "5d423c87b4c8107a8fd472d904d88bb6"
x-goog-generation: 1721715367892208
x-goog-hash: crc32c=DJZmBQ==, md5=XUI8h7TIEHqP1HLZBNiLtg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 2306
accept-ranges: bytes
content-type: application/json
expires: Tue, 23 Jul 2024 07:06:23 GMT

GET
H2 200 pixel;r=249667822;labels=_fp.event.Default;rf=0;a=p-kSNkdxu0sXy54;url=https%3A%2F%2Fwww.verajohncasino.com%2F;uht=2;fpan=1;fpa=P0-2138614431-1721717527001;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-202407031...
pixel.quantserve.com/ 35 B
516 B 84ms
63ms Image
image/gif 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=249667822;labels=_fp.event.Default;rf=0;a=p-kSNkdxu0sXy54;url=https%3A%2F%2Fwww.verajohncasino.com%2F;uht=2;fpan=1;fpa=P0-2138614431-1721717527001;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;ref=;d=verajohncasino.com;dst=1;et=1721717527908;tzo=-120;ogl=;ses=73503bd2-2622-47fb-abb4-dcfdea838650;mdl=

Requested by

Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:07 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["XIs9cXuHhiR3L4rY6hRZdQ=="],"pcode":["p-kSNkdxu0sXy54"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 828171075756011 Show response
connect.facebook.net/signals/config/ 31 KB
5 KB 166ms
160ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/828171075756011?v=2.9.162&r=stable&domain=www.verajohncasino.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C223%2C157%2C113%2C129%2C117%2C146

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

c42abb6b1389d0c5546983fe8c58a99b1f69821bdf9e0adb8c64e5249111743c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 23 Jul 2024 06:52:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=76, mss=1288, tbw=77503, tp=-1, tpl=-1, uplat=92, ullat=0
pragma: public
x-fb-debug: nZ7bU+mfqGDs+sNbIuwRiTAr4AEm+k3PRdil8+cfuLzUKg9/cYJYkBkB2AckF9NjWUbFhAbRluyc/QuY8ouL4Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 485ms
49ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=822231972794792&ev=PageView&dl=https%3A%2F%2Fwww.verajohncasino.com%2F&rl=&if=false&ts=1721717528106&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721717528078.235916025570939266&ler=empty&cdl=API_unavailable&it=1721717527805&coo=false&rqm=GET

Requested by

Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1288, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 23 Jul 2024 06:52:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 523ms
87ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=822231972794792&ev=PageView&dl=https%3A%2F%2Fwww.verajohncasino.com%2F&rl=&if=false&ts=1721717528106&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721717528078.235916025570939266&ler=empty&cdl=API_unavailable&it=1721717527805&coo=false&rqm=FGET

Requested by

Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 23 Jul 2024 06:52:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394720476498722206", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=13, mss=1288, tbw=3194, tp=-1, tpl=-1, uplat=43, ullat=0
pragma: no-cache
x-fb-debug: hdlpM5vwhnlXwrC9+iIlOfMTYRQDmiLo4jJ3cGPD/Vsk+Zymkt8TNBPLK2vkp1VlVlDQFAC8SIywrqZ//XQhPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394720476498722206"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 202 page Show response
rs.eu1.fullstory.com/rec/ 84 B
287 B 283ms
79ms XHR
text/plain 34.111.214.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.eu1.fullstory.com/rec/page

Requested by

Host: edge.eu1.fullstory.com
URL: https://edge.eu1.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.214.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.214.111.34.bc.googleusercontent.com

Software

Resource Hash

ccbe3d98fca656f1f7748f1c365d512d836b0575aabd4e538ab3a3d210d0e012

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jul 2024 06:52:08 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.verajohncasino.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84

GET
H2 200 onelink Show response
wa.onelink.me/v1/ 51 B
513 B 97ms
94ms XHR
application/json 18.173.205.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink?af_id=d0f23c8c-a2cc-4fbd-ab33-b9ac69272924-p
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-115.fra56.r.cloudfront.net
Software: /
Resource Hash: 7e07a9bcd3d8b1d8a78ca6e6b93dfc3283fc34854b49691c17abb768179bc2d4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:52:08 GMT
via: 1.1 506bffda4b1949c4425629ce0bdce052.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P12
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.verajohncasino.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 51
x-amz-cf-id: GPdQNHrGYoMVdXh5AHpXiF_eQ0v3nr90-w92JH06znoaEmzNbg_2Gw==

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 256ms
51ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=828171075756011&ev=PageView&dl=https%3A%2F%2Fwww.verajohncasino.com%2F&rl=&if=false&ts=1721717528354&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721717528078.235916025570939266&ler=empty&cdl=API_unavailable&cs_est=true&it=1721717527805&coo=false&rqm=GET

Requested by

Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1288, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 23 Jul 2024 06:52:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1023 B 300ms
95ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=828171075756011&ev=PageView&dl=https%3A%2F%2Fwww.verajohncasino.com%2F&rl=&if=false&ts=1721717528354&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721717528078.235916025570939266&ler=empty&cdl=API_unavailable&cs_est=true&it=1721717527805&coo=false&rqm=FGET

Requested by

Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 23 Jul 2024 06:52:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394720476793430523", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=13, mss=1288, tbw=6166, tp=-1, tpl=-1, uplat=40, ullat=0
pragma: no-cache
x-fb-debug: hdG61X22SlUfb8ywOsFcdIK45hPuFoFjLL6Z08QQwJitvH6MCQxvjFPW4sRMdUkWfljeUlRQumNcpUR2FetytQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394720476793430523"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b6a74176701ee922fa3483d60a52206a Show response
sync.atsptp.com/d/jsfp/ 36 B
563 B 384ms
188ms XHR
text/plain 66.254.114.220
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.atsptp.com/d/jsfp/b6a74176701ee922fa3483d60a52206a
Requested by: Host: hw-cdn2.adtng.com
URL: https://hw-cdn2.adtng.com/delivery/idsync/idsync.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.254.114.220 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: /
Resource Hash: a7ead9e690dea2efeffd227cd839bb6cd726b0ccfff6afba075e937b28b0723a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:52:08 GMT
via: 1.1 google
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-trace: 2B1747C2CA1A9557F05AB1DB4BB987D13FB1B7433E000000000000000000
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.verajohncasino.com
access-control-allow-credentials: true
content-length: 36

GET
H2 403 favicon.ico
www.verajohncasino.com/ 47 KB
35 KB 81ms
80ms Other
text/html 104.18.32.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.verajohncasino.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10c7c27328349caaf5379fa2355d1829c4fd25e27351554a48426299a541931d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.verajohncasino.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 06:52:08 GMT
content-encoding: gzip
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=15
cf-ray: 8a79befa6b6f0e53-MXP
expires: Tue, 23 Jul 2024 06:52:23 GMT

POST
H2 200 5935b8b7-c564-a042-0ad9-7d9c93293f05 Show response
sync.atsptp.com/link/5935b8b7-c564-a042-0ad9-7d9c93293f05/origin/a/oldd/ 36 B
562 B 193ms
179ms XHR
text/plain 66.254.114.220
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.atsptp.com/link/5935b8b7-c564-a042-0ad9-7d9c93293f05/origin/a/oldd/5935b8b7-c564-a042-0ad9-7d9c93293f05
Requested by: Host: hw-cdn2.adtng.com
URL: https://hw-cdn2.adtng.com/delivery/idsync/idsync.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.254.114.220 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: /
Resource Hash: a7ead9e690dea2efeffd227cd839bb6cd726b0ccfff6afba075e937b28b0723a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 23 Jul 2024 06:52:09 GMT
via: 1.1 google
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-trace: 2BBBE1147878915CFC9E31A422D4995E1CA971EDE9000000000000000000
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.verajohncasino.com
access-control-allow-credentials: true
content-length: 36

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 289ms
289ms Fetch
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5QWBMJ8SMD&gtm=45je47h0v9121860487za200zb76617595&_p=1721717525304&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=73344764.1721717526&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1721717526&sct=1&seg=0&dl=https%3A%2F%2Fwww.verajohncasino.com%2F&dt=Vera%26John%20%7C%20Restricted&en=scroll&ep.page_url=https%3A%2F%2Fwww.verajohncasino.com%2F&ep.hash_fragment=%2F&epn.percent_scrolled=90&_et=25&tfd=6931&_z=fetch
Requested by: Host: www.verajohncasino.com
URL: https://www.verajohncasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jul 2024 06:52:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.verajohncasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.verajohncasino.com/	1970-01-20 22:15:19	Name: __cf_bm Value: 4VDbGy0SH5GUn.qtHpRnPhIvcTWIdd1_1xx7AHsWxs0-1721717525-1.0.1.1-EblLnPkPfwzmo1taL0lyP9WWH0et_UgwUf06Xwewlucm9sQ6GG6BD6T9N2aVDOgIHj5FI94WmMNEKtb7k.cMGA
.verajohncasino.com/	1970-01-21 00:24:53	Name: _gcl_au Value: 1.1.323673618.1721717526
.verajohncasino.com/	1970-01-21 07:51:17	Name: _ga_E9R8VVFT7F Value: GS1.1.1721717526.1.0.1721717526.0.0.0
.verajohncasino.com/	1970-01-21 07:51:17	Name: _ga Value: GA1.1.73344764.1721717526
.verajohncasino.com/	1970-01-21 07:51:17	Name: _ga_5QWBMJ8SMD Value: GS1.1.1721717526.1.0.1721717526.0.0.0
.adform.net/	1970-01-20 22:59:55	Name: C Value: 1
.adform.net/	1970-01-20 23:41:41	Name: uid Value: 8378127886345123169
.quantserve.com/	1970-01-21 07:45:31	Name: mc Value: 669f5317-ed3fc-15474-0ab60
.verajohncasino.com/	1970-01-21 07:39:46	Name: __qca Value: P0-2138614431-1721717527001
.verajohncasino.com/	1970-01-21 00:24:53	Name: _fbp Value: fb.1.1721717528078.235916025570939266
.appsflyer.com/	1970-01-21 07:44:05	Name: af_id Value: d0f23c8c-a2cc-4fbd-ab33-b9ac69272924-p
.verajohncasino.com/	1970-01-21 07:51:17	Name: afUserId Value: d0f23c8c-a2cc-4fbd-ab33-b9ac69272924-p
.onelink.me/	1970-01-21 07:51:17	Name: af_id Value: d0f23c8c-a2cc-4fbd-ab33-b9ac69272924-p
.verajohncasino.com/	1970-01-20 22:25:22	Name: AF_SYNC Value: 1721717528355
.verajohncasino.com/	1969-12-31 23:59:59	Name: d_fs Value: 1
.verajohncasino.com/	1970-01-20 22:58:29	Name: d_uid Value: 5935b8b7-c564-a042-0ad9-7d9c93293f05
.verajohncasino.com/	1970-01-20 22:58:29	Name: d_uidb Value: 5935b8b7-c564-a042-0ad9-7d9c93293f05

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.verajohncasino.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.verajohncasino.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2.adform.net
asia.adform.net
connect.facebook.net
edge.eu1.fullstory.com
hw-cdn2.adtng.com
pixel.prdredir.com
pixel.quantserve.com
play.verajohn.com
rs.eu1.fullstory.com
rules.quantcount.com
s2.adform.net
scripts.prdredir.com
secure.quantserve.com
sync.atsptp.com
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.verajohncasino.com
104.18.242.229
104.18.30.27
104.18.31.27
104.18.32.76
142.250.181.232
142.250.185.78
157.240.252.13
157.240.252.35
18.173.205.115
18.245.60.28
18.66.102.66
18.66.112.5
185.167.164.39
185.84.60.23
34.111.214.180
34.120.240.48
37.157.6.245
66.254.114.220
66.254.122.39
91.228.74.244
0052e595226afdfc2fb5dd9f226c8b9ec8d467b872d6ddc10137a8bb2d7c0619
0b57a13fe0a72726100d6d2c06d7ab557d38cda054d9df77a2450ac8264f6b82
10c7c27328349caaf5379fa2355d1829c4fd25e27351554a48426299a541931d
2dbba65ea90939f3c5a13788de89f6456c5f0a01b56f4a71c5a7cc0b5753a77e
341e12bbb8a3b557b99bf3d8c1b21e4a9a0dc396d0c97477df80f1d07ea602a2
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
44761bc00aceaf915b845720f52a99ee1df01c755d5d6e82648ea6701e1a1506
584b0c5a70dd36b502b998fd6dd74bbc19e4f956241f9bdc220906e9f52cc672
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
7e07a9bcd3d8b1d8a78ca6e6b93dfc3283fc34854b49691c17abb768179bc2d4
8b8f66d9db9fd1498a0d33e442044993f34a59534ee2e03e67cbf94fce9c4b41
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
94aa97d9b5c5a14935860d1f8bf3869412001e73d9fe91cc3b06531eb6b3c3a3
96c3e540c808068a73164179ad0e1cbdefd4a4415b1d5c4fa953af833977e401
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a7ead9e690dea2efeffd227cd839bb6cd726b0ccfff6afba075e937b28b0723a
a8a1a09ca6bcabb09edfa830eba078cf878418b76f32bb030dc419bbc0a8e80c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab8b32163c95870a6c4595741968ee41cfede9644a4a91be60e5d4c3a744fb16
c42abb6b1389d0c5546983fe8c58a99b1f69821bdf9e0adb8c64e5249111743c
ccbe3d98fca656f1f7748f1c365d512d836b0575aabd4e538ab3a3d210d0e012
ce6d7f008824d9f6af00150bf70a49369a24381165b5808efa74e68518e6d58d
d900339ccfd64e69ef2a9540942655d283b24ddafd9526516d9b06171547c47a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eb18cc46b73cbcc7da74feeac46b78a30e41b3445a4e8875f682107b478f52d4
eb6621b11ba25e329a5076a0aae09838f91204119462e051d29c90771c2d7cd2
f299d2a09075c07f3c58a83aba883ff16e83033f1d4dcc2b482afeae851d871c

www.verajohncasino.com Open in urlscan Pro 104.18.32.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

89 %HTTPS

0 %IPv6

15 Domains

21 Subdomains

20 IPs

5 Countries

655 kBTransfer

1977 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.verajohncasino.com Open in urlscan Pro
104.18.32.76 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

89 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

20
IPs

5
Countries

655 kB
Transfer

1977 kB
Size

17
Cookies

35 HTTP transactions
2 data transactions