Submitted URL: https://storage.googleapis.com/soukglobally/mdsjl3.html#redirect.php/c17831poefA5020375Vkpf715ncB8566OYib1002
Effective URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Submission: On March 10 via api from BE — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3030::ac43:97eb, located in the United States and belongs to CLOUDFLARENET, US. The main domain is harvestrains.live.
TLS certificate: Issued by GTS CA 1P5 on February 27th 2023. Valid for: 3 months.
This is the only time harvestrains.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 2 94.102.4.223 51559 (NETINTERN...)
1 195.54.167.231 49392 (ASBAXETN)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
28 8
Apex Domain / Subdomains / Transfer
15 harvestrains.live (210 KB)
  • harvestrains.live
5 trk-epicurei.com (3 KB)
  • trk-epicurei.com — Cisco Umbrella Rank: 161831
  • event.trk-epicurei.com — Cisco Umbrella Rank: 212669
3 gstatic.com (68 KB)
  • fonts.gstatic.com
3 googleapis.com (35 KB)
  • storage.googleapis.com — Cisco Umbrella Rank: 396
  • fonts.googleapis.com — Cisco Umbrella Rank: 34
  • ajax.googleapis.com — Cisco Umbrella Rank: 305
2 arfiandi.me (597 B)
  • emanhtap.arfiandi.me
1 gridlockgates.com (708 B)
  • gridlockgates.com
1 microfilmnsaps.com (421 B)
  • microfilmnsaps.com
28 7
Domain / Requested by
15 harvestrains.live, requested by microfilmnsaps.com, harvestrains.live
4 event.trk-epicurei.com, requested by trk-epicurei.com
3 fonts.gstatic.com, requested by fonts.googleapis.com
2 emanhtap.arfiandi.me (1 redirects), requested by storage.googleapis.com
1 trk-epicurei.com, requested by harvestrains.live
1 ajax.googleapis.com, requested by harvestrains.live
1 fonts.googleapis.com, requested by harvestrains.live
1 gridlockgates.com (1 redirects)
1 microfilmnsaps.com, requested by emanhtap.arfiandi.me
1 storage.googleapis.com
28 10

This site contains links to these domains:

Domain
www.gambleaware.co.uk
www.gamcare.org.uk
Subject                   Issuer                    Validity                  Valid
storage.googleapis.com    GTS CA 1C3                2023-02-20 - 2023-05-15   3 months
microfilmnsaps.com        R3                        2023-02-17 - 2023-05-18   3 months
*.harvestrains.live       GTS CA 1P5                2023-02-27 - 2023-05-28   3 months
upload.video.google.com   GTS CA 1C3                2023-02-20 - 2023-05-15   3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3   2023-02-07 - 2024-02-06   a year
*.gstatic.com             GTS CA 1C3                2023-02-20 - 2023-05-15   3 months

This page contains 1 frame:

Primary Page: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Frame ID: F037130DDF8D14FE076AEED08AC0F5DF
Requests: 26 HTTP requests in this frame

Page Title

TitanSpins

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28 Requests
96 % HTTPS
78 % IPv6
7 Domains
10 Subdomains
8 IPs
4 Countries
317 kB Transfer
5214 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/soukglobally/mdsjl3.html Page URL
  2. http://emanhtap.arfiandi.me/redirect.php/c17831poefA5020375Vkpf715ncB8566OYib1002 Page URL
  3. http://emanhtap.arfiandi.me/track/c17831poefA5020375Vkpf715ncB8566OYib1002 HTTP 302
    https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-715-8566 Page URL
  4. https://gridlockgates.com/?s1=350977&s2=942798010&s3=2383&s10=1403 HTTP 302
    https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://emanhtap.arfiandi.me/track/c17831poefA5020375Vkpf715ncB8566OYib1002 HTTP 302
  • https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-715-8566

28 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
mdsjl3.html
storage.googleapis.com/soukglobally/
274 B
857 B
Document
General
Full URL
https://storage.googleapis.com/soukglobally/mdsjl3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3416
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
274
content-type
text/html
date
Fri, 10 Mar 2023 16:39:38 GMT
etag
"ac1ca4e8ee8e94cba92eb2562ae317d4"
expires
Fri, 10 Mar 2023 17:39:38 GMT
last-modified
Wed, 22 Jun 2022 16:59:20 GMT
server
UploadServer
x-goog-generation
1655917160797467
x-goog-hash
crc32c=1MKBPA== md5=rByk6O6OlMupLrJWKuMX1A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
274
x-guploader-uploadid
ADPycdtEb_amak00Uq1LMgJ3vTR2k21YOpu7Wo5TFZyuH8fgFXGuVlTx6Orw1hT1602ze_toUcEucGP1IPoQ-wh7qZnik2I27jYB
c17831poefA5020375Vkpf715ncB8566OYib1002
emanhtap.arfiandi.me/redirect.php/
253 B
370 B
Document
General
Full URL
http://emanhtap.arfiandi.me/redirect.php/c17831poefA5020375Vkpf715ncB8566OYib1002
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/soukglobally/mdsjl3.html
Protocol
HTTP/1.1
Server
94.102.4.223 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
enviro.concept-websites.co.uk
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
253
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Mar 2023 17:29:17 GMT
5020375-715-8566
microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/
Redirect Chain
  • http://emanhtap.arfiandi.me/track/c17831poefA5020375Vkpf715ncB8566OYib1002
  • https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-715-8566
129 B
421 B
Document
General
Full URL
https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-715-8566
Requested by
Host: emanhtap.arfiandi.me
URL: http://emanhtap.arfiandi.me/redirect.php/c17831poefA5020375Vkpf715ncB8566OYib1002
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.167.231 , Russian Federation, ASN49392 (ASBAXETN, RU),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://emanhtap.arfiandi.me/redirect.php/c17831poefA5020375Vkpf715ncB8566OYib1002
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
129
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 17:36:36 GMT
server
Apache

Redirect headers

Content-Length
118
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Mar 2023 17:29:17 GMT
Location
https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-715-8566
Primary Request cd9ce326fe77cf76e9c3d04df56e02cf
harvestrains.live/
Redirect Chain
  • https://gridlockgates.com/?s1=350977&s2=942798010&s3=2383&s10=1403
  • https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
28 KB
8 KB
Document
General
Full URL
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Requested by
Host: microfilmnsaps.com
URL: https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-715-8566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3c750f455c28efcae778af469d426583d3eaee0a7224c1e8fc40f5d55f03b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://microfilmnsaps.com/0/0/0/6ae8cf5c680af87f82ba045b5c605fb7/6/1002-17831/5020375-715-8566
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a5d5227bb2a3611-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 17:36:37 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LN2NVn%2BlWZ7cGkAzqH%2FR34taSLU1%2BN%2FHsYZGc2T3iEFJf85CvA%2FJzQ5KjasTJQmls2UHAUK0fIZh6OV25dbYk%2FL84m6vSHNGSd%2FVpLjS2blNVSCR%2FK5fpY4scWFjtmFaVXNCKPbNHpRWr%2FyuBNeI%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7a5d52230fb93804-FRA
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 17:36:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnRsGwUrDwJrI%2FoU3mBzYL5tLinNZjwEvTpeLWOUeQzns%2FxIzc5GF%2FC50%2FtLtleWzSSY%2BFIxltJGfZSx1UBNVgHXih6MkWCay7Z%2FxZdG9SWQEjowvfp%2BVUIp5gbc5wrQwfjoexrRI%2BlpsTnId%2Bk%2FsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
harvestrains.live/fim/4156b5819c71e3d4b89c763589793769/
118 KB
20 KB
Stylesheet
General
Full URL
https://harvestrains.live/fim/4156b5819c71e3d4b89c763589793769/bootstrap.min.css
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11982020059ca1e3529e154b058c4680091c7ae67d339b7ba2cbf77f99210a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v1/assets/bootstrap.min.css"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNgLZ8OtzO%2FVbh2VoD1v2rQNwy4fv9Ev6M89QsH2r7ViZMFabUDyyMNEbPIfnHM42HC2uu%2FCYrv1qGHOeV2ypj%2B1LnQnBw8bhMQeeeifvDU79tna3Mq88q7BCSoDoh%2F%2BoUtnr8M6YQOuJ2D5Kcxblg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5d522b094e3611-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
css
fonts.googleapis.com/
3 KB
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc13de9280e3a61fd747d92275aa9856396135507eb9ceece8760bba7376de67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Mar 2023 17:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 17:36:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Mar 2023 17:36:37 GMT
style.css
harvestrains.live/fim/4156b5819c71e3d4b89c763589793769/
12 KB
3 KB
Stylesheet
General
Full URL
https://harvestrains.live/fim/4156b5819c71e3d4b89c763589793769/style.css?v1.05
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a040933cb5dc29937509e87e348bbbd111024182ad2a3109c4a711aaa05c1e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v1/assets/style.css"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bU3zScOB8NgaUYjZq8KfaBEmC9TGY5Wwxngk7vzPHTagpKw1kCQMKzYZrIpD1efXyGQYNy%2B4q45%2FhySxIbQV7N%2B0UfTrc0MUyg5paAHRf75HY0A%2Bb3C9iBQre0oskm8XdMUmBvnQD2Jr8U4Tps4bBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5d522b09523611-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
msg.js
harvestrains.live/inc/
942 B
812 B
Script
General
Full URL
https://harvestrains.live/inc/msg.js
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79544
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 12:25:37 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRhwzWp0MWU52F7GHGkusdk6gTTctdb6QDiLQvLeHL8O0j8l7eCeBCEOJANLU9AkZO6yE11Z8JEMNaTSf0AQW4Pie7pGvQ7RZ8ajL7l7m0Rij6Ecy4%2FpYluwoj9j4n03h6T1wCtC8ZLV6yewBECX3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7a5d522b09563611-FRA
expires
Thu, 16 Mar 2023 19:30:53 GMT
b27e297bc1d220013549aa4cac2dc2d8.png
harvestrains.live/fim/1403/
39 KB
39 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/b27e297bc1d220013549aa4cac2dc2d8.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d1f02aa6ba8768f4e5cb10cadf475f714479cd2dc925fe922ef61431dc4cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39898
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 16:55:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5F9ER4Sn9aI%2B0Q0fb6pgnmGOO2Gx0xzVLIiFFTYpXaedp8i65ioU%2B9ayw0yeeVZXPTnUDGLQrHLalp9F%2BckrBTMocWhkK2u54NKHmyunhf0cZmc4u28B1nRvhikyt94sS29DUg16gAsCja1NZZXsPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5d522eec64bb3e-FRA
expires
Fri, 17 Mar 2023 17:36:38 GMT
dd791cfca48559f7b761f1682522ac30.png
harvestrains.live/fim/1403/
24 KB
25 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/dd791cfca48559f7b761f1682522ac30.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f255fe4742c1ef8931c9e6686b091aff09f2522bacff1c069376ec5aae853792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24575
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 16:55:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHiBpJBl%2BR4v6deWb51EqCGFLvrUSCa6g4YrND8ohTsrta6vx1SK%2BBemRkxtc5T%2BlpY046NQohoGH8pRRwFsgP3N2R01z3sNzLgRlUREs%2F9BTIDVeJZsFfd7k0aRcsuaTdu21GDlnFmHNQFxTx0f3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5d522eec66bb3e-FRA
expires
Fri, 17 Mar 2023 17:36:38 GMT
8411f5b8f9c7f1611a73f48457fe01fe.png
harvestrains.live/fim/1403/
3 KB
4 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/8411f5b8f9c7f1611a73f48457fe01fe.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35704d0bd4b1f7c1da4844418ea46091f70cefb86d050a6aac350d9605779d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3458
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 16:55:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIZF4WkDw%2BIYbXSGJuK0sDPaEXYCh6Pzyp7tPorkaoIDvIUxHQxFhLpToXwvhqNcqfLQ1EBYjhTF0nfsqvsdd2808I53Q4GNKPO7V9%2Ff5VvHyGryc2Ft7ePmombfCmvxAquIceg4qpkEBnc2RMDVWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5d522eec68bb3e-FRA
expires
Fri, 17 Mar 2023 17:36:38 GMT
7040583ecb2dd12546c0500b0489b427.png
harvestrains.live/fim/1403/
4 KB
4 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/7040583ecb2dd12546c0500b0489b427.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d0832ebd7dc54e2ddf831ff23de969788279857cb659172929889389c4291c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3661
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 16:55:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bY1P8EBm9B4PiUgL9gwX9YpZ8%2FvW3icXEswCVlkwIdtSK9E6pGb1uBRX3yyX3tzItPxiukF2gF9uq9pe98okZCTX6cLQg8yWKy2D51DptDgTHMhH2%2ByI1%2Bwr%2BabPPpZmDi%2F2Uv4XFKgDfBhXwHb4tA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5d522eec69bb3e-FRA
expires
Fri, 17 Mar 2023 17:36:38 GMT
652aa93471dbe74d954b45f28fb8d991.png
harvestrains.live/fim/1403/
4 KB
4 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/652aa93471dbe74d954b45f28fb8d991.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7195c7c88d7ec9eef6c013593d20ec2dba28a76bff85cdaa465a4e1cdd82184b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3613
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 16:55:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i4W3v3VV3eO1GIrhxA0OxNw0B5Uo0WAZ9OV5jAiaHD%2BptDnWkN6KUsIaec9QicKefbP5RbGWHVN8KDJosT%2FR%2F9McjMs%2FVnZWXIdyppBG3lngbD1%2B4VqPkRCt1hDum1vDHRfwVEorP6%2B16rOL71CMg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5d522eec6abb3e-FRA
expires
Fri, 17 Mar 2023 17:36:38 GMT
b6d8c75fe96f4743c95e793fcd79800e.png
harvestrains.live/fim/1403/
12 KB
12 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/b6d8c75fe96f4743c95e793fcd79800e.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b4f4c131c2f2f4b969f2baf134b6967abb6a2c48f52b4d88bad971a44dbe90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12169
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 16:55:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vW622SkNWcXOYaho%2B8O6Wm1Sy0pSUiBpeUwbYWAUcvGR3UZtLqt3OjvDDkUnGDPoQmwlTUjZnGtSLRjQ9AmGPq%2FEubhs4piIWIGf0KVGdiLEjDrtMl7EWTGrhJB%2Bvhwqs9VAVpv8CD95YRK0RuHNSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5d522eec6cbb3e-FRA
expires
Fri, 17 Mar 2023 17:36:38 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 10:35:38 GMT
bootstrap.js
harvestrains.live/fim/4156b5819c71e3d4b89c763589793769/
70 KB
16 KB
Script
General
Full URL
https://harvestrains.live/fim/4156b5819c71e3d4b89c763589793769/bootstrap.js?v=1.0
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d140144d75fee3c058ac806a2bc7f9fa4ecb778d00b31f02710513e61e71ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v1/assets/bootstrap.js"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DYrhWqLru3MQ4gNIDgFZlTjIPUotTGkZSnGK27XVi%2Bx4fWhM2ufkp365ohslECSM6QvbtowW6KViUArgj3qx7sc34KcomGVQ70GIXEDl3pLGJY695acx0BXvgovRtpYzE7t5Q5mPLYjcbzbJJbhVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5d522eec5cbb3e-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
common.js
harvestrains.live/fim/4156b5819c71e3d4b89c763589793769/
768 B
1 KB
Script
General
Full URL
https://harvestrains.live/fim/4156b5819c71e3d4b89c763589793769/common.js
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1669a1f2809856365657b64b61614f40ea490d99156733ec137cd55e095f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v1/assets/common.js"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lsf3y%2B4B2MnjWaV%2B4N4Dk%2Br7x0r%2BVWr3yelTOS28C3jnV4sNG7%2B%2BIcnGRpzVUQR8hWvG0BEaXbQMixqN7o1EBDuC5E32EaVkCy6p6bBvzu98z1VlVdsxxUlfXZSoL0ICSW49%2BlMgXhZP1suljhV1YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5d522eec60bb3e-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
v9e118mez8
trk-epicurei.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-epicurei.com/scripts/push/v9e118mez8
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1825
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 10 Mar 2023 17:06:13 GMT
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbKlnn7trYWZ7WFbNCTApmgCu8HvtC9VdJnYQog4U2gg2ihszHXzvchpZWXttUoTxmaf8y8A2ImJnUgmPBLQa4Kp72YMv6vHmaD2jx3YfZVE02PLd%2B7HrZRW3w5qus1ZZVNmrjhK%2BQ%2BkEJKApMH%2B"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7a5d522f18923737-FRA
expires
0
fa9091ca7827713419e9d65442c0b0c5.jpg
harvestrains.live/fim/1403/
71 KB
71 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/fa9091ca7827713419e9d65442c0b0c5.jpg
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5af8eb61164cca569568bb63bb183a5caf9e575b5c708c8df98850ac9395ab4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
72488
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 16:55:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jz4ZjE%2FptY1BpSalVNGq4MYSV%2BRe1ZwfpXUhFVXksdcwahTXe97pzRyRAMnm3G6xwkVevbqcH1n0KiG%2Bk2KJUa6arux1ZRtM5G0zNbD8uNQOxcKolFYHqyTvVlWjRDXN08yGi8eHOg3mOL6jnNLuaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5d522eec6dbb3e-FRA
expires
Fri, 17 Mar 2023 17:36:38 GMT
bf98efd6c91cefed0c36d1f257d04c58.png
harvestrains.live/fim/1403/
1 KB
2 KB
Image
General
Full URL
https://harvestrains.live/fim/1403/bf98efd6c91cefed0c36d1f257d04c58.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc3c91f6e26d1f05dd92f6cf293b0ca557d14a98fe2d7e765812e4184949c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1312
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 16:55:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwForNRYvbtI1dGKGXsKqVsrj5pL10qsxf2bl9tOq%2Bk6zV1mAi6O3uXata5cnXtQY4y1x3QgDO9DLqYOWw5%2B7VMABC9WTmwAdBUWOztqFbm7t13uhG9m%2BvuyfQ1vGbg2FAQJ2q0oydulhmXXOkddeA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5d522efc74bb3e-FRA
expires
Fri, 17 Mar 2023 17:36:38 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harvestrains.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:09:33 GMT
x-content-type-options
nosniff
age
80825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 19:09:33 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harvestrains.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 16:25:00 GMT
x-content-type-options
nosniff
age
177098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Mar 2024 16:25:00 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harvestrains.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 21:47:53 GMT
x-content-type-options
nosniff
age
71325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 21:47:53 GMT
bg-video.mp4
harvestrains.live/views/casino/titanspins-casino-us-v1/assets/
5 MB
0
Media
General
Full URL
https://harvestrains.live/views/casino/titanspins-casino-us-v1/assets/bg-video.mp4
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 10 Mar 2023 17:36:38 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-4765376/4765377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4765377
x-xss-protection
1; mode=block
last-modified
Tue, 15 Feb 2022 20:06:20 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
video/mp4
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSzJOQsawR38K9sXnIsk7GJscHiw149%2BDQ9915bL56DKG9OICvm%2F6rOiBZ9W1zISjB5%2BYL7SfKjGhjq8kfvqul2OShSREt%2BpUkWvJq39LlOPvgoN0mPemSJaHGi0UIKMMC9e9xLZZGJFh2A7Ia2q%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7a5d522f0c8fbb3e-FRA
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harvestrains.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 10 Mar 2023 17:36:39 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isD3Lbj%2Fyqc4EY1DVW9Zr288tmwOJoQ3IHqNSVhZsBxNZdIVTHm96RPxhLGWxb90Qheq%2F7DRgGTbCNEByYGDMMSlAwHyY9OEgR0eKKANbDuDladu3szuzwtqfCkSgGSUqjoJSU0uz3bPsFOgigQoR0xWnAM2"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7a5d5233b85468e5-FRA
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://harvestrains.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a5d52328ee968e5-FRA
content-length
0
date
Fri, 10 Mar 2023 17:36:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bc1VCQ%2BA1DcmWvMtIu3g%2BQGrBAr%2FA1Yzontr0BGjhc%2FnoWS3HEYTqyHtagdXO4%2BD%2FFmwgcX8W8zPQHTX2DyEu5DDac2jTU6YjmaIzrAN998KEn0L%2FNb1g7Chd4VOHxqqFpsqKkiRyxbZt%2BQzQsUHNZyl0eTI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harvestrains.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 10 Mar 2023 17:36:39 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xr8wbl2R22we%2FhZo2g8O2K91fve4Y2ybc2mOcLcxFqzGeBEUb2okmA4v4B%2BlKEBBBJitjCJTur7PJlaD%2BCF5LryXbIc92O6moM3MDEKUJ7yt39uXEF8DsoVdfbSrcBVMZ9mg3IZk40B%2F8vboWtSTaV4yiEVi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7a5d5233b85668e5-FRA
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://harvestrains.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a5d52328eec68e5-FRA
content-length
0
date
Fri, 10 Mar 2023 17:36:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bojsR9S8uwOPBDN6K7TQP6L0Om0vUk5D4LOWZyVGZw4R0PqVMtFoqoJEJFnRvceC9hYogdKGuofjmkbjhSEQo3VhRs2K35xAxVCI6k6TYD2Drz0zk5x9mq4BvQW8OFaJQDbz8vKf11Ti%2B0CwknhGxQW5g3Lu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers


26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| change
object| MYCALL
string| s1
string| s2
string| esource
string| pshpub
string| pshdomain
function| $
function| jQuery
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore
function| backSubmit
object| jQuery111309600398091287572

3 Cookies

Domain/Path: microfilmnsaps.com/
Name: uid2383
Value: 942798010-20230310123636-19319c73e48507c62d19020b569ec526-

Domain/Path: gridlockgates.com/
Name: PHPSESSID
Value: 6e486dabac8b401723d61ad06826e5e7

Domain/Path: harvestrains.live/
Name: PHPSESSID
Value: 61613af0a436a4a2a3fda7d4d12e6487

1 Console Messages

Source: other
Level: error
URL: https://harvestrains.live/cd9ce326fe77cf76e9c3d04df56e02cf
Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
