Submitted URL: http://perboycenisthe.ml/?search=first
Effective URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Submission: On December 31 via api from US

Summary

This website contacted 40 IPs in 10 countries across 45 domains to perform 99 HTTP transactions. The main IP is 2606:4700:30::6812:366c, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is twoupcasinonew.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 14th 2019. Valid for: a year.
This is the only time twoupcasinonew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:30:... 13335 (CLOUDFLAR...)
1 213.208.154.14 1764 (NEXTLAYER-AS)
1 54.197.224.147 14618 (AMAZON-AES)
1 13.35.253.7 16509 (AMAZON-02)
1 2 216.25.32.226 13768 (COGECO-PEER1)
1 2620:12a:8000::1 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 184.31.90.118 20940 (AKAMAI-ASN1)
1 54.76.203.70 16509 (AMAZON-02)
2 219.90.66.200 18229 (CTRLS-AS-...)
1 2a04:4e42:3::367 54113 (FASTLY)
1 2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2620:11a:e002... 22300 (WIKIA)
1 151.101.14.133 54113 (FASTLY)
1 151.101.112.124 54113 (FASTLY)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
1 192.124.249.18 30148 (SUCURI-SEC)
1 74.207.29.189 25712 (CSIPADKY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.72.24.212 16509 (AMAZON-02)
1 184.31.91.231 20940 (AKAMAI-ASN1)
1 159.180.84.2 33047 (INSTART)
1 193.108.75.102 20705 (HSBC-UK)
2 2606:2800:233... 15133 (EDGECAST)
1 69.89.129.19 22976 (FIRST-CIT...)
1 149.126.77.252 19551 (INCAPSULA)
1 35.171.108.221 14618 (AMAZON-AES)
1 206.81.136.154 17150 (AFCU)
1 208.53.243.154 13576 (SDNW-13576)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 1 212.47.233.95 12876 (Online SAS)
1 1 212.32.250.9 60781 (LEASEWEB-...)
1 1 35.234.82.254 15169 (GOOGLE)
37 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:3::621 54113 (FASTLY)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
99 40
Apex Domain
Subdomains
Transfer
37 twoupcasinonew.com
twoupcasinonew.com
1 MB
8 tawk.to
embed.tawk.to
va.tawk.to
vs71.tawk.to
static-v.tawk.to
121 KB
5 googleapis.com
fonts.googleapis.com
3 KB
4 gstatic.com
fonts.gstatic.com
51 KB
4 perboycenisthe.ml
perboycenisthe.ml
34 KB
3 jsdelivr.net
cdn.jsdelivr.net
53 KB
3 google-analytics.com
www.google-analytics.com
18 KB
2 googletagmanager.com
www.googletagmanager.com
47 KB
2 churchofjesuschrist.org
newsroom.churchofjesuschrist.org
66 KB
2 idfcfirstbank.com
www.idfcfirstbank.com
2 ytimg.com
i.ytimg.com
281 KB
2 firstsolar.com
www.firstsolar.com
4 KB
1 google.de
www.google.de
109 B
1 google.com
www.google.com
201 B
1 doubleclick.net
stats.g.doubleclick.net
160 B
1 affalliance.com
go.affalliance.com
605 B
1 bxtmbz.pw
go.bxtmbz.pw
372 B
1 best24bet.ru
best24bet.ru
834 B
1 jquery.com
code.jquery.com
24 KB
1 firstsavingscc.com
firstsavingscc.com
1 americafirst.com
www.americafirst.com
71 KB
1 fitnessfirst.co.th
www.fitnessfirst.co.th
705 KB
1 firstsupply.com
www.firstsupply.com
33 KB
1 firsttechfed.com
www.firsttechfed.com
52 KB
1 firstcitizens.com
www.firstcitizens.com
18 KB
1 fitnessfirst.com.my
www.fitnessfirst.com.my
1 MB
1 firstdirect.com
www1.firstdirect.com
2 KB
1 zamimg.com
wow.zamimg.com
134 KB
1 firstrepublic.com
www.firstrepublic.com
11 KB
1 cambridge.org
dictionary.cambridge.org
10 KB
1 hdfcbank.com
www.hdfcbank.com
1 firsttexasbank.bank
www.firsttexasbank.bank
1 bankfirstwi.bank
bankfirstwi.bank
1 MB
1 wikimedia.org
upload.wikimedia.org
107 KB
1 vox-cdn.com
cdn.vox-cdn.com
29 KB
1 dictionary.com
www.dictionary.com
8 KB
1 nocookie.net
vignette.wikia.nocookie.net
227 KB
1 guim.co.uk
i.guim.co.uk
89 KB
1 firstgroup.com
www.firstgroup.com
46 KB
1 bankatfirst.com
www.bankatfirst.com
310 KB
1 first-online.bank
www.first-online.bank
93 KB
1 merriam-webster.com
merriam-webster.com
16 KB
1 firstinspires.org
www.firstinspires.org
45 KB
1 first.org
www.first.org
14 KB
0 firstcitizenstt.com Failed
www.firstcitizenstt.com Failed
99 45
Domain Requested by
37 twoupcasinonew.com perboycenisthe.ml
twoupcasinonew.com
5 fonts.googleapis.com twoupcasinonew.com
embed.tawk.to
4 fonts.gstatic.com twoupcasinonew.com
embed.tawk.to
4 perboycenisthe.ml perboycenisthe.ml
3 vs71.tawk.to embed.tawk.to
3 cdn.jsdelivr.net embed.tawk.to
3 www.google-analytics.com 1 redirects www.googletagmanager.com
twoupcasinonew.com
2 static-v.tawk.to embed.tawk.to
2 va.tawk.to embed.tawk.to
2 www.googletagmanager.com twoupcasinonew.com
2 newsroom.churchofjesuschrist.org 1 redirects
2 www.idfcfirstbank.com perboycenisthe.ml
2 i.ytimg.com perboycenisthe.ml
2 www.firstsolar.com 1 redirects
1 www.google.de twoupcasinonew.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 embed.tawk.to twoupcasinonew.com
1 go.affalliance.com 1 redirects
1 go.bxtmbz.pw 1 redirects
1 best24bet.ru 1 redirects
1 code.jquery.com perboycenisthe.ml
1 firstsavingscc.com perboycenisthe.ml
1 www.americafirst.com perboycenisthe.ml
1 www.fitnessfirst.co.th perboycenisthe.ml
1 www.firstsupply.com perboycenisthe.ml
1 www.firsttechfed.com perboycenisthe.ml
1 www.firstcitizens.com perboycenisthe.ml
1 www.fitnessfirst.com.my perboycenisthe.ml
1 www1.firstdirect.com perboycenisthe.ml
1 wow.zamimg.com perboycenisthe.ml
1 www.firstrepublic.com perboycenisthe.ml
1 dictionary.cambridge.org perboycenisthe.ml
1 www.hdfcbank.com perboycenisthe.ml
1 www.firsttexasbank.bank perboycenisthe.ml
1 bankfirstwi.bank perboycenisthe.ml
1 upload.wikimedia.org perboycenisthe.ml
1 cdn.vox-cdn.com perboycenisthe.ml
1 www.dictionary.com perboycenisthe.ml
1 vignette.wikia.nocookie.net perboycenisthe.ml
1 i.guim.co.uk perboycenisthe.ml
1 www.firstgroup.com perboycenisthe.ml
1 www.bankatfirst.com perboycenisthe.ml
1 www.first-online.bank perboycenisthe.ml
1 merriam-webster.com perboycenisthe.ml
1 www.firstinspires.org perboycenisthe.ml
1 www.first.org perboycenisthe.ml
0 www.firstcitizenstt.com Failed perboycenisthe.ml
99 48

This site contains links to these domains. Also see Links.

Domain
www.affalliance.com
www.realtimegaming.com
www.centraldisputesystem.com
Subject Issuer Validity Valid
first.org
Let's Encrypt Authority X3
2019-12-30 -
2020-03-29
3 months crt.sh
www.firstinspires.org
Go Daddy Secure Certificate Authority - G2
2017-03-09 -
2020-03-09
3 years crt.sh
*.merriam-webster.com
Amazon
2019-08-01 -
2020-09-01
a year crt.sh
www.first-online.bank
DigiCert SHA2 Extended Validation Server CA
2019-10-04 -
2020-10-08
a year crt.sh
edgestatic.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
bankatfirst.com
DigiCert SHA2 Extended Validation Server CA
2019-06-19 -
2021-01-28
2 years crt.sh
*.firstgroup.com
COMODO RSA Domain Validation Secure Server CA
2018-09-07 -
2020-10-06
2 years crt.sh
idfcfirstbank.com
GeoTrust RSA CA 2018
2019-02-18 -
2021-02-17
2 years crt.sh
guardian.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-05-24 -
2020-05-24
a year crt.sh
mormonnewsroom.org
DigiCert SHA2 Secure Server CA
2019-11-04 -
2020-11-24
a year crt.sh
*.wikia.nocookie.net
DigiCert SHA2 Secure Server CA
2019-03-07 -
2020-04-21
a year crt.sh
*.dictionary.com
GeoTrust TLS RSA CA G1
2018-05-08 -
2020-05-07
2 years crt.sh
*.voxmedia.com
GlobalSign CloudSSL CA - SHA256 - G3
2018-11-16 -
2021-02-18
2 years crt.sh
*.wikipedia.org
DigiCert SHA2 High Assurance Server CA
2019-11-12 -
2020-10-06
a year crt.sh
bankfirstwi.bank
COMODO RSA Extended Validation Secure Server CA
2018-11-15 -
2020-11-14
2 years crt.sh
www.firsttexasbank.bank
GeoTrust TLS RSA CA G1
2019-09-20 -
2021-09-19
2 years crt.sh
www.hdfcbank.com
DigiCert SHA2 Extended Validation Server CA
2018-04-04 -
2020-05-11
2 years crt.sh
*.cambridge.org
DigiCert SHA2 Secure Server CA
2019-07-29 -
2020-07-28
a year crt.sh
www.firstrepublic.com
DigiCert ECC Extended Validation Server CA
2018-05-11 -
2020-05-10
2 years crt.sh
wowhead.com
DigiCert SHA2 Secure Server CA
2019-08-06 -
2020-09-23
a year crt.sh
www.firstdirect.com
DigiCert SHA2 Extended Validation Server CA
2019-11-18 -
2021-01-18
a year crt.sh
snid1a0gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2018-10-09 -
2020-10-13
2 years crt.sh
www.firstcitizens.com
DigiCert SHA2 Extended Validation Server CA
2018-02-16 -
2020-02-17
2 years crt.sh
www.firsttechfed.com
DigiCert SHA2 Extended Validation Server CA
2018-02-28 -
2020-02-29
2 years crt.sh
www.firstsupply.com
Go Daddy Secure Certificate Authority - G2
2019-07-17 -
2020-07-09
a year crt.sh
snid328gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2018-10-17 -
2020-10-20
2 years crt.sh
www.americafirst.com
COMODO RSA Extended Validation Secure Server CA
2018-02-21 -
2020-02-21
2 years crt.sh
firstsavingscc.com
Go Daddy Secure Certificate Authority - G2
2019-03-20 -
2021-05-10
2 years crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-08-14 -
2020-08-13
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
ssl902639.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-15 -
2020-05-23
6 months crt.sh
www.google.de
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-05-29 -
2020-04-23
a year crt.sh

This page contains 5 frames:

Primary Page: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Frame ID: 29B9AE60D49C6F649E37F12F7C2DE7AA
Requests: 87 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 33F734D699ACE8B122EA40E47EBD03EC
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: FF8E4C70205DA7F449FB7675999BEAB6
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 36407507A7EEA108F25568CFFBC4898F
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 365BCB768A3D41E1BDB25861247CBBFE
Requests: 4 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://perboycenisthe.ml/?search=first Page URL
  2. http://best24bet.ru/tHbLrv HTTP 302
    http://go.bxtmbz.pw/click?pid=1461&offer_id=180 HTTP 302
    http://go.affalliance.com/visit/?bta=36448&brand=twoup&campaign=58982&afp=5e0b652d67287c00016ebf69&utm... HTTP 302
    https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /\/\/embed\.tawk\.to/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i


Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
  • script /owl\.carousel.*\.js/i

Page Statistics

99
Requests

94 %
HTTPS

48 %
IPv6

45
Domains

48
Subdomains

40
IPs

10
Countries

6459 kB
Transfer

7815 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://perboycenisthe.ml/?search=first Page URL
  2. http://best24bet.ru/tHbLrv HTTP 302
    http://go.bxtmbz.pw/click?pid=1461&offer_id=180 HTTP 302
    http://go.affalliance.com/visit/?bta=36448&brand=twoup&campaign=58982&afp=5e0b652d67287c00016ebf69&utm_campaign=1461 HTTP 302
    https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.firstsolar.com/-/media/First-Solar/Logo/logo.ashx HTTP 302
  • http://www.firstsolar.com/en-EMEA/-/media/First-Solar/Logo/logo.ashx
Request Chain 15
  • http://newsroom.churchofjesuschrist.org/media/1200x675/Screen-Shot-2019-12-17-at-11.37.05-AM.jpeg HTTP 301
  • https://newsroom.churchofjesuschrist.org/media/1200x675/Screen-Shot-2019-12-17-at-11.37.05-AM.jpeg
Request Chain 78
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1179157249&t=pageview&_s=1&dl=https%3A%2F%2Ftwoupcasinonew.com%2F%3Fgaid%3D58982%26trackingID%3D36448_435690_5e0b652d67287c00016ebf69&dr=http%3A%2F%2Fperboycenisthe.ml%2F%3Fsearch%3Dfirst&ul=en-us&de=UTF-8&dt=Two-up%20casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUAB~&jid=24858454&gjid=1458953894&cid=1950012297.1577805102&tid=UA-122406701-1&_gid=850810238.1577805102&_r=1&gtm=2wgc61PP4B2MV&z=1839215633 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-122406701-1&cid=1950012297.1577805102&jid=24858454&_gid=850810238.1577805102&gjid=1458953894&_v=j79&z=1839215633 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=1950012297.1577805102&jid=24858454&_v=j79&z=1839215633 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=1950012297.1577805102&jid=24858454&_v=j79&z=1839215633&slf_rd=1&random=4043417483

99 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
perboycenisthe.ml/
25 KB
8 KB
Document
General
Full URL
http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Server
2606:4700:30::6812:301d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fafdf9576792612eb4f6280ff3fc430b6e3da9f63ad0cb0f01114d44323c3e9b

Request headers

Host
perboycenisthe.ml
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d361cb22ea3c106f881746ea04a8768961577805101; expires=Thu, 30-Jan-20 15:11:41 GMT; path=/; domain=.perboycenisthe.ml; HttpOnly; SameSite=Lax
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
54dd2ffa48406413-FRA
Content-Encoding
gzip
bootstrap.min.css
perboycenisthe.ml/css/
152 KB
23 KB
Stylesheet
General
Full URL
http://perboycenisthe.ml/css/bootstrap.min.css
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Server
2606:4700:30::6812:301d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 01 Dec 2019 10:35:44 GMT
Server
cloudflare
Age
26
ETag
"2606e-598a2067ea831-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
54dd2ffa88746413-FRA
Content-Length
23238
perboycenisthe.ml.png
perboycenisthe.ml/img/
2 KB
2 KB
Image
General
Full URL
http://perboycenisthe.ml/img/perboycenisthe.ml.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Server
2606:4700:30::6812:301d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3f57ae15371d2f4fc3a895c92714b1e27e5c40a6bbc99ffd365d6e85bf0035b

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

CF-RAY
54dd2ffa8f379772-FRA
Date
Tue, 31 Dec 2019 15:11:41 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 05 Dec 2019 12:28:40 GMT
Server
cloudflare
Age
26
ETag
"6f1-598f411ba095c"
Vary
Accept-Encoding
Content-Language
ml
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1777
email-decode.min.js
perboycenisthe.ml/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
http://perboycenisthe.ml/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Server
2606:4700:30::6812:301d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Dec 2019 10:56:12 GMT
Server
cloudflare
X-Frame-Options
SAMEORIGIN
ETag
W/"5dfa05cc-4d7"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=172800, public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54dd2ffa8f1864d9-FRA
Expires
Thu, 02 Jan 2020 15:11:41 GMT
1st-icon-512.png
www.first.org/
14 KB
14 KB
Image
General
Full URL
https://www.first.org/1st-icon-512.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.208.154.14 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
first-cms1.vm.nextlayer.at
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Referrer-Policy
same-origin
Last-Modified
Tue, 08 Aug 2017 19:42:41 GMT
Server
nginx
ETag
"598a1431-378c"
X-Frame-Options
DENY
Content-Type
image/png
X-Content-Type-Options
nosniff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14220
X-XSS-Protection
1; mode=block
open-graph-first-logo.png
www.firstinspires.org/sites/default/files/
44 KB
45 KB
Image
General
Full URL
https://www.firstinspires.org/sites/default/files/open-graph-first-logo.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.224.147 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-197-224-147.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
via
varnish
x-content-type-options
nosniff
age
792122
x-cache
HIT
status
200
x-ah-environment
prod
content-length
45456
x-request-id
v-8b51d082-24ab-11ea-818d-0fa9045db98a
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx
content-type
image/png
expires
Sun, 05 Jan 2020 11:09:38 GMT
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
9228
mw-logo-245x245@1x.png
merriam-webster.com/assets/mw/static/social-media-share/
15 KB
16 KB
Image
General
Full URL
https://merriam-webster.com/assets/mw/static/social-media-share/mw-logo-245x245@1x.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-7.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:17 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified
Mon, 21 Oct 2019 18:21:22 GMT
server
AmazonS3
age
25
etag
"c356e0115092335ca71183f08fcc7f4c"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31556926
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
15851
x-amz-cf-id
kohwRHxrJbk1_UwRi6R2eY9i7vNcb_79abUMESaq-VHKLXLLBu_5XQ==
logo.ashx
www.firstsolar.com/en-EMEA/-/media/First-Solar/Logo/
Redirect Chain
  • http://www.firstsolar.com/-/media/First-Solar/Logo/logo.ashx
  • http://www.firstsolar.com/en-EMEA/-/media/First-Solar/Logo/logo.ashx
4 KB
4 KB
Image
General
Full URL
http://www.firstsolar.com/en-EMEA/-/media/First-Solar/Logo/logo.ashx
Protocol
HTTP/1.1
Server
216.25.32.226 Atlanta, United States, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
Last-Modified
Tue, 15 Nov 2016 21:26:39 GMT
Server
Microsoft-IIS/8.5
Content-Type
image/png
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="logo.png"
Accept-Ranges
bytes
Content-Length
3700
Expires
Tue, 07 Jan 2020 15:11:41 GMT

Redirect headers

Location
http://www.firstsolar.com/en-EMEA/-/media/First-Solar/Logo/logo.ashx
Date
Tue, 31 Dec 2019 15:11:41 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
Content-Length
185
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
CapandPlan.png
www.first-online.bank/wp-content/uploads/2019/04/
93 KB
93 KB
Image
General
Full URL
https://www.first-online.bank/wp-content/uploads/2019/04/CapandPlan.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8000::1 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31622400; includeSubDomains; preload

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31622400; includeSubDomains; preload
via
1.1 varnish
age
1930118
x-cache
HIT, HIT
status
200
date
Tue, 31 Dec 2019 15:11:41 GMT
x-cache-hits
1, 4
content-length
95229
x-served-by
cache-mdw17361-MDW, cache-fra19129-FRA
last-modified
Thu, 31 Oct 2019 19:40:15 GMT
server
nginx
x-timer
S1577805101.207979,VS0,VE0
etag
"5dbb389f-173fd"
content-type
image/png
x-styx-req-id
f1672034-1a51-11ea-933f-16f5e7313d79
expires
Wed, 09 Dec 2020 07:03:03 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-pantheon-styx-hostname
styx-fe1-a-789d66bff9-2zv6t
maxresdefault.jpg
i.ytimg.com/vi/tUl9QJRDBWI/
138 KB
138 KB
Image
General
Full URL
https://i.ytimg.com/vi/tUl9QJRDBWI/maxresdefault.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e9682ef83e8b2e544db6619218edbb7bcb85d0c2ddd73df42968366618b8543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 13:50:17 GMT
x-content-type-options
nosniff
server
sffe
age
4884
etag
"1573149818"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
141579
x-xss-protection
0
expires
Tue, 31 Dec 2019 15:50:17 GMT
hero-homepage-home-equity-line-of-credit.jpg
www.bankatfirst.com/content/dam/first-financial-bank/
309 KB
310 KB
Image
General
Full URL
https://www.bankatfirst.com/content/dam/first-financial-bank/hero-homepage-home-equity-line-of-credit.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.90.118 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-90-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
Last-Modified
Fri, 01 Nov 2019 13:59:33 GMT
Server
Apache
ETag
"4d50d-59649601f5b40"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Date
Tue, 31 Dec 2019 15:11:41 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
316685
maxresdefault.jpg
i.ytimg.com/vi/VE7U_bLmAx8/
143 KB
143 KB
Image
General
Full URL
https://i.ytimg.com/vi/VE7U_bLmAx8/maxresdefault.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:13 GMT
x-content-type-options
nosniff
server
sffe
age
28
etag
"1577721599"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
146386
x-xss-protection
0
expires
Tue, 31 Dec 2019 15:16:13 GMT
gadotHomepage.jpg
www.firstgroup.com/uploads/home-banners/
45 KB
46 KB
Image
General
Full URL
https://www.firstgroup.com/uploads/home-banners/gadotHomepage.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.203.70 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-76-203-70.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:23:08 GMT
server
Apache
vary
X-Forwarded-Proto
content-type
image/jpeg
status
200
cache-control
max-age=1209600
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
46479
expires
Tue, 14 Jan 2020 15:11:41 GMT
proknow-img1.jpg
www.idfcfirstbank.com/content/dam/IDFCFirstBank/
51 KB
0
Image
General
Full URL
https://www.idfcfirstbank.com/content/dam/IDFCFirstBank/proknow-img1.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.90.66.200 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from SAMEORIGIN https://www.youtube.com/
X-Xss-Protection 1

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 29 Oct 2019 11:47:59 GMT
X-FRAME-Options
allow-from SAMEORIGIN https://www.youtube.com/
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=38
Content-Length
181136
X-XSS-Protection
1
Expires
Thu, 30 Jan 2020 15:11:41 GMT
1871.jpg
i.guim.co.uk/img/media/6dc4cce8657b5f66f212b98820d113909531c425/0_284_1871_1123/master/
89 KB
89 KB
Image
General
Full URL
https://i.guim.co.uk/img/media/6dc4cce8657b5f66f212b98820d113909531c425/0_284_1871_1123/master/1871.jpg?width=1200&height=630&quality=85&auto=format&fit=crop&overlay-align=bottom%2Cleft&overlay-width=100p&overlay-base64=L2ltZy9zdGF0aWMvb3ZlcmxheXMvdG8tZGVmYXVsdC5wbmc&enable=upscale&s=f71f6a051c5f84e34feb7a0d6178e008
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::367 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
via
1.1 varnish, 1.1 varnish
age
329446
x-cache
HIT, HIT
fastly-io-info
ifsz=797505 idim=1871x1123 ifmt=jpeg ofsz=91294 odim=1200x630 ofmt=webp
status
200
fastly-stats
io=1
content-length
91294
x-served-by
cache-lcy19246-LCY, cache-fra19143-FRA
server
AmazonS3
x-timer
S1577805101.217737,VS0,VE0
etag
"2pC1AclE63I7hrk8muBZSuzOCM2DLD5gr/jnEykEC7M"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 5
Screen-Shot-2019-12-17-at-11.37.05-AM.jpeg
newsroom.churchofjesuschrist.org/media/1200x675/
Redirect Chain
  • http://newsroom.churchofjesuschrist.org/media/1200x675/Screen-Shot-2019-12-17-at-11.37.05-AM.jpeg
  • https://newsroom.churchofjesuschrist.org/media/1200x675/Screen-Shot-2019-12-17-at-11.37.05-AM.jpeg
66 KB
66 KB
Image
General
Full URL
https://newsroom.churchofjesuschrist.org/media/1200x675/Screen-Shot-2019-12-17-at-11.37.05-AM.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1e1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
Cache-Control
max-age=172800
Connection
keep-alive
Content-Type
image/jpeg
Content-Length
67166
Expires
Thu, 02 Jan 2020 15:11:41 GMT

Redirect headers

Location
https://newsroom.churchofjesuschrist.org/media/1200x675/Screen-Shot-2019-12-17-at-11.37.05-AM.jpeg
Date
Tue, 31 Dec 2019 15:11:41 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
fastagmobile-banner.jpg
www.idfcfirstbank.com/content/dam/IDFCFirstBank/new-products/
52 KB
0
Image
General
Full URL
https://www.idfcfirstbank.com/content/dam/IDFCFirstBank/new-products/fastagmobile-banner.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
219.90.66.200 , India, ASN18229 (CTRLS-AS-IN CtrlS Datacenters Ltd., IN),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allow-from SAMEORIGIN https://www.youtube.com/
X-Xss-Protection 1

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Nov 2019 12:08:50 GMT
X-FRAME-Options
allow-from SAMEORIGIN https://www.youtube.com/
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=29
Content-Length
67405
X-XSS-Protection
1
Expires
Thu, 30 Jan 2020 15:11:41 GMT
latest
vignette.wikia.nocookie.net/starwars/images/3/33/EmperorAmused-Orientation.png/revision/
226 KB
227 KB
Image
General
Full URL
https://vignette.wikia.nocookie.net/starwars/images/3/33/EmperorAmused-Orientation.png/revision/latest?cb=20190425003939
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:11a:e002:fa00::204 , United States, ASN22300 (WIKIA - Wikia, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:13 GMT
x-cacheable
YES - FORCED
age
0
x-cache
ORIGIN, HIT, MISS
status
200
content-disposition
inline; filename="EmperorAmused-Orientation.webp"; filename*=UTF-8''EmperorAmused-Orientation.webp
content-length
231428
x-served-by
thumblr-68fc4ccf5-mbtfh, wk-cdn-f4, wk-cdn-f6
surrogate-key
4d560eb35181f7c2bf6d521881a8569a7200ce17 wiki-starwars thumblr original
x-thumbnailer
Thumblr
etag
CP3d7sWPmeYCEAE=
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
ORIGIN, 10, 0
dictionary-social-logo-a60fa43a7f4c5e78893e1b228bdc74b3.png
www.dictionary.com/assets/
7 KB
8 KB
Image
General
Full URL
https://www.dictionary.com/assets/dictionary-social-logo-a60fa43a7f4c5e78893e1b228bdc74b3.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
via
1.1 varnish
content-type
image/png
age
11185124
x-variation
v0
adler-geo
ROWHI
x-cache
HIT
status
200
is-eu
true
content-length
7578
x-amz-id-2
F9e7qqwogC8K8AMd9A+3y3GTJIaltnFWMXGDClY7quwN+YACwI176KcMmeKokzNhnCbQxEPzWWw=
x-served-by
cache-fra19121-FRA
last-modified
Sat, 24 Aug 2019 01:47:39 GMT
server
AmazonS3
x-timer
S1577805101.243400,VS0,VE1
etag
"a60fa43a7f4c5e78893e1b228bdc74b3"
vary
is-eu, platform, adler-geo, x-variation, X-OPTIONS
x-amz-request-id
AAC9076B487E649D
cache-control
max-age=31536000,public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
platform
Desktop
x-cache-hits
3
1066317384.jpg.jpg
cdn.vox-cdn.com/thumbor/_EX8YrfAHtzxJYPeJMGi1Og89Mg=/0x113:4079x2249/fit-in/1200x630/cdn.vox-cdn.com/uploads/chorus_asset/file/19561975/
28 KB
29 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/_EX8YrfAHtzxJYPeJMGi1Og89Mg=/0x113:4079x2249/fit-in/1200x630/cdn.vox-cdn.com/uploads/chorus_asset/file/19561975/1066317384.jpg.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.124 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
via
1.1 varnish, 1.1 varnish
age
97656
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000
content-length
29080
x-served-by
cache-iad2140-IAD, cache-hhn4041-HHN
server
nginx/1.11.5
x-timer
S1577805101.249884,VS0,VE0
etag
"52f281d54ddd7cb4bdc2f9163a838fd359b2d813"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 30 Dec 2029 00:04:04 GMT
cache-control
max-age=315576000,public
accept-ranges
bytes
x-cache-hits
1, 4
1200px-FIRST_Logo.svg.png
upload.wikimedia.org/wikipedia/en/thumb/a/a2/FIRST_Logo.svg/
106 KB
107 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/a/a2/FIRST_Logo.svg/1200px-FIRST_Logo.svg.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
ATS/8.0.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Tue, 31 Dec 2019 14:40:25 GMT
content-type
image/png
x-trans-id
tx4e643d5e15d5494db11f1-005e0b5dd9
age
1876
x-cache-status
hit-front
x-cache
cp3051 hit, cp3059 hit/10
status
200
content-disposition
inline;filename*=UTF-8''FIRST_Logo.svg.png
server-timing
cache;desc="hit-front"
content-length
108944
x-client-ip
2a01:4f8:192:5414::2
x-object-meta-sha1base36
2sywtpax9dzk6vtz866hxtpyt0oeesn
last-modified
Mon, 29 Feb 2016 22:05:35 GMT
server
ATS/8.0.5
etag
e0d2bf8eef145131ee91c4e01c23f87b
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
608939222 610442625
access-control-allow-origin
*
x-timestamp
1456783534.35804
x-ats-timestamp
1577805073
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
digital-wallet.jpg
bankfirstwi.bank/sft1125/
1 MB
1 MB
Image
General
Full URL
https://bankfirstwi.bank/sft1125/digital-wallet.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.18 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10018.sucuri.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
x-content-type-options
nosniff
status
200
x-sucuri-cache
HIT
strict-transport-security
max-age=31536000
content-length
1239495
x-xss-protection
1; mode=block
last-modified
Thu, 14 Mar 2019 14:24:56 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
19018
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
AustinAve1Square.jpg
www.firsttexasbank.bank/wp-content/uploads/sites/189/
16 KB
0
Image
General
Full URL
https://www.firsttexasbank.bank/wp-content/uploads/sites/189/AustinAve1Square.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.207.29.189 , United States, ASN25712 (CSIPADKY - Computer Services Inc, US),
Reverse DNS
74-207-29-189.hcis.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Tue, 31 Dec 2019 15:11:41 GMT
Referrer-Policy
Last-Modified
Wed, 25 Sep 2019 18:05:33 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
close
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
2901645
X-XSS-Protection
1; mode=block
Expires
Wed, 30 Dec 2020 15:11:41 GMT
mortgage-website-banner-755x259.jpg
www.firstcitizenstt.com/personal-banking/slideshowParagraphs/0/slideSrc4/
0
0

failure.png
www.hdfcbank.com/static/widgets/%5BBBHOST%5D/widget-hdfc-common-overlays/media/
0
0
Image
General
Full URL
https://www.hdfcbank.com/static/widgets/%5BBBHOST%5D/widget-hdfc-common-overlays/media/failure.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6c19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

frogthroat.jpg
dictionary.cambridge.org/rss/images/
9 KB
10 KB
Image
General
Full URL
https://dictionary.cambridge.org/rss/images/frogthroat.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.24.212 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-24-212.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
X-Content-Type-Options
nosniff
X-Cache-Status
HIT
Content-Range
bytes 0-9420/9421
Connection
keep-alive
Content-Length
9421
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 18 Dec 2019 13:49:19 GMT
Server
nginx
ETag
"050aabb72423ebacb0b95e90f1b830232"
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Expires
Thu, 30 Jan 2020 15:11:41 GMT
FRB_Logo_280_150.png
www.firstrepublic.com/dist/frb/images/misc/
10 KB
11 KB
Image
General
Full URL
https://www.firstrepublic.com/dist/frb/images/misc/FRB_Logo_280_150.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.91.231 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-91-231.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 Dec 2019 22:38:19 GMT
Server
Microsoft-IIS/10.0
ETag
"c0bbb7ace1b9d51:0"
Content-Type
image/png
Date
Tue, 31 Dec 2019 15:11:41 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10565
Request-Context
appId=cid-v1:63127771-9bab-4712-8e07-a17632e405de
8013.jpg
wow.zamimg.com/uploads/guide/seo/
134 KB
134 KB
Image
General
Full URL
https://wow.zamimg.com/uploads/guide/seo/8013.jpg?1554937127
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.180.84.2 , United States, ASN33047 (INSTART - Instart Logic, Inc, US),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 14:28:38 GMT
last-modified
Wed, 10 Apr 2019 22:58:47 GMT
server
openresty/1.15.8.2
etag
"5cae7527-218cb"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/jpeg
status
200
cache-control
max-age=3600
x-instart-request-id
11248012609102260451:NZF01-CPVNPPRY13:1577805101:0
x-instart-cache-id
0:520164394514054504::1569138910
accept-ranges
bytes
content-length
137419
expires
Tue, 31 Dec 2019 15:28:38 GMT
42_features.svg
www1.firstdirect.com/content/dam/fsdt/en/media/images/icons/products/bank-accounts/
8 KB
2 KB
Image
General
Full URL
https://www1.firstdirect.com/content/dam/fsdt/en/media/images/icons/products/bank-accounts/42_features.svg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.108.75.102 , United Kingdom, ASN20705 (HSBC-UK, GB),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 27 Dec 2019 21:07:00 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
S
gbl-prod-sy-aempub
Vary
Accept-Encoding
Content-Length
1562
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=100
t12-challenge-03.png
www.fitnessfirst.com.my/-/media/project/evolution-wellness/fitness-first/south-east-asia/malaysia/highlights/t12-challenge/
1 MB
1 MB
Image
General
Full URL
https://www.fitnessfirst.com.my/-/media/project/evolution-wellness/fitness-first/south-east-asia/malaysia/highlights/t12-challenge/t12-challenge-03.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F11) /
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
last-modified
Wed, 20 Mar 2019 07:40:07 GMT
server
ECAcc (frc/8F11)
access-control-allow-origin
https://storage.googleapis.com
etag
10e88f5e0c6443cc8ef2998df78104da
x-cache
HIT
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1371740
expires
Thu, 02 Jan 2020 02:13:40 GMT
content_personal_carousel_cds.jpg
www.firstcitizens.com/content/images/
18 KB
18 KB
Image
General
Full URL
https://www.firstcitizens.com/content/images/content_personal_carousel_cds.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.89.129.19 , United States, ASN22976 (FIRST-CITIZENS-01 - First Citizens Bank, US),
Reverse DNS
dnssectest.first-citizens-bank.bank
Software
Apache /
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
Last-Modified
Thu, 27 Jun 2019 20:04:14 GMT
Server
Apache
ETag
"8322c-46c3-58c53aa7c4b80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=200
Content-Length
18115
routing-check-header.png
www.firsttechfed.com/Areas/FirstTech.Web/Assets/images/
52 KB
52 KB
Image
General
Full URL
https://www.firsttechfed.com/Areas/FirstTech.Web/Assets/images/routing-check-header.png
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.252 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.252.ip.incapdns.net
Software
/
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:40 GMT
last-modified
Fri, 08 Nov 2019 22:58:49 GMT
x-cdn
Incapsula
etag
"d3f819158896d51:0"
content-type
image/png
status
200
x-iinfo
5-206648890-0 0CNN RT(1577805100445 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=192496, public
content-length
53295
expires
Thu, 02 Jan 2020 20:39:56 GMT
hp-water-heaters.jpg
www.firstsupply.com/UserFiles/homepage/
33 KB
33 KB
Image
General
Full URL
https://www.firstsupply.com/UserFiles/homepage/hp-water-heaters.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.171.108.221 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-171-108-221.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:40 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Tue, 31 Dec 2019 15:11:41 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-LB
paws-waf-lb-5
p3p
policyref="/w3c/privacy.htm", CP="NOI DSP COR NOR UNI STA"
Cache-Control
private, max-age=3600
Content-Type
image/jpeg
Content-Length
33608
Expires
Tue, 31 Dec 2019 16:11:41 GMT
home_tt1_banner_oct2019_992x552.jpg
www.fitnessfirst.co.th/-/media/project/evolution-wellness/fitness-first/south-east-asia/thailand/clubs/platinum-t-one-building/
705 KB
705 KB
Image
General
Full URL
https://www.fitnessfirst.co.th/-/media/project/evolution-wellness/fitness-first/south-east-asia/thailand/clubs/platinum-t-one-building/home_tt1_banner_oct2019_992x552.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F4B) /
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
last-modified
Tue, 01 Oct 2019 07:42:45 GMT
server
ECAcc (frc/8F4B)
access-control-allow-origin
https://storage.googleapis.com
etag
d34b020d49a34f35ba765df95dab0c1d
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
721843
expires
Tue, 07 Jan 2020 15:11:42 GMT
visa-card-signature-mega.jpg
www.americafirst.com/content/dam/visa/
71 KB
71 KB
Image
General
Full URL
https://www.americafirst.com/content/dam/visa/visa-card-signature-mega.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
206.81.136.154 , United States, ASN17150 (AFCU - America First Credit Union, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
Server
Apache
Vary
X-Forwarded-For
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Content-Disposition
inline
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
72575
Expires
Thu, 30 Jan 2020 15:11:41 GMT
banner-image_sm.jpg
firstsavingscc.com/assets/img/
20 KB
0
Image
General
Full URL
https://firstsavingscc.com/assets/img/banner-image_sm.jpg
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.53.243.154 Sioux Falls, United States, ASN13576 (SDNW-13576 - SOUTH DAKOTA NETWORK, US),
Reverse DNS
te0-1-0-4.125.sxflsdch38r.cust.sdnet.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy img-src *
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://perboycenisthe.ml/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
img-src *
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Nov 2019 18:13:10 GMT
Server
ETag
"03fdd78499d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Date
Tue, 31 Dec 2019 15:11:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
Content-Length
141670
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
jquery-3.2.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://perboycenisthe.ml/?search=first
Origin
http://perboycenisthe.ml

Response headers

Date
Tue, 31 Dec 2019 15:11:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2017 19:01:15 GMT
Server
nginx
ETag
W/"58d026fb-10fdd"
Vary
Accept-Encoding
X-HW
1577805099.dop098.fr8.shc,1577805099.dop098.fr8.t,1577805101.cds007.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
23856
Primary Request /
twoupcasinonew.com/
Redirect Chain
  • http://best24bet.ru/tHbLrv
  • http://go.bxtmbz.pw/click?pid=1461&offer_id=180
  • http://go.affalliance.com/visit/?bta=36448&brand=twoup&campaign=58982&afp=5e0b652d67287c00016ebf69&utm_campaign=1461
  • https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
15 KB
3 KB
Document
General
Full URL
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Requested by
Host: perboycenisthe.ml
URL: http://perboycenisthe.ml/?search=first
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8415247ae85b0b395c736b4175ab5d25727c4ad386c6884f65ccdeab3aa2175f

Request headers

:method
GET
:authority
twoupcasinonew.com
:scheme
https
:path
/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://perboycenisthe.ml/?search=first
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://perboycenisthe.ml/?search=first

Response headers

status
200
date
Tue, 31 Dec 2019 15:11:41 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de4e40a3c046490a5a28384c9abed4b431577805101; expires=Thu, 30-Jan-20 15:11:41 GMT; path=/; domain=.twoupcasinonew.com; HttpOnly; SameSite=Lax; Secure trackingID=36448_435690_5e0b652d67287c00016ebf69; expires=Thu, 30-Jan-2020 15:11:41 GMT; Max-Age=2592000; path=/; domain=.twoupcasinonew.com gaid=58982; expires=Thu, 30-Jan-2020 15:11:41 GMT; Max-Age=2592000; path=/; domain=.twoupcasinonew.com
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
54dd2ffd3ff896bc-FRA
content-encoding
br

Redirect headers

Server
rhino-core-shield
Date
Tue, 31 Dec 2019 15:11:41 GMT
Content-Type
text/html; Charset=UTF-8
Content-Length
212
Connection
keep-alive
Cache-Control
private,no-cache
Pragma
no-cache
Expires
Mon, 30 Dec 2019 15:11:42 GMT
Location
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Set-Cookie
twoup=afp=5e0b652d67287c00016ebf69&bta=36448&Visitors=q&cid=435690; expires=Fri, 31-Jan-2020 15:11:42 GMT; path=/
X-Cache-Status
MISS
Access-Control-Allow-Origin
*
normalize.css
twoupcasinonew.com/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://twoupcasinonew.com/assets/css/normalize.css?v=0.2.6
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31ceb90e3eec258e254659bc5588f275e197b05cb2471490e7d1bbfee61b036

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1292
etag
W/"1e27-56592710f1e00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
54dd2ffeb9d696bc-FRA
bootstrap.min.css
twoupcasinonew.com/assets/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://twoupcasinonew.com/assets/css/bootstrap.min.css?v=0.2.6
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3d04065b97f90b944ef57c99fcc2614e96002413fcd9cfea6e0470d1308ea3

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Feb 2018 12:56:04 GMT
server
cloudflare
age
1292
etag
W/"1d97e-565a455518100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
54dd2ffeb9d796bc-FRA
style.css
twoupcasinonew.com/assets/css/
40 KB
6 KB
Stylesheet
General
Full URL
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ae3492db2b4d7424528b0ac825d6dfa36c80dbe11029e7f49f493bee649c01

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Jun 2019 12:31:03 GMT
server
cloudflare
age
1291
etag
W/"a014-58bd4a2c5ad09-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
54dd2ffeb9d896bc-FRA
fonts.css
twoupcasinonew.com/assets/css/
505 B
229 B
Stylesheet
General
Full URL
https://twoupcasinonew.com/assets/css/fonts.css?v=0.2.6
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1597a3c548a65dfa332710085757805466b858fb5aae713cd966c23afd3d62ad

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1291
etag
W/"1f9-56592710f1e00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
54dd2ffeb9d996bc-FRA
jquery.min.js
twoupcasinonew.com/assets/js/
84 KB
29 KB
Script
General
Full URL
https://twoupcasinonew.com/assets/js/jquery.min.js?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1300
etag
W/"14e98-56592710f1e00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
54dd2ffeb9da96bc-FRA
bxslider.min.js
twoupcasinonew.com/assets/js/
19 KB
5 KB
Script
General
Full URL
https://twoupcasinonew.com/assets/js/bxslider.min.js?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Feb 2018 17:28:01 GMT
server
cloudflare
age
1299
etag
W/"4b9f-565bc3fba8a40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
54dd2ffeb9de96bc-FRA
nanoscroller.js
twoupcasinonew.com/assets/js/
10 KB
3 KB
Script
General
Full URL
https://twoupcasinonew.com/assets/js/nanoscroller.js?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b63ee79f8b149f32e87d97620128e452d66ae2e606668aa1e6a9c027e176c7

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Feb 2018 12:56:04 GMT
server
cloudflare
age
1299
etag
W/"2864-565a455518100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
54dd2ffeb9df96bc-FRA
custom.js
twoupcasinonew.com/assets/js/
3 KB
802 B
Script
General
Full URL
https://twoupcasinonew.com/assets/js/custom.js?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a4c66822ed0342d1517427b3e82eaa52e6b1879f1362550f54248a85c2a7a2

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Feb 2018 18:05:37 GMT
server
cloudflare
age
1298
etag
W/"d31-565bcc6325e40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
54dd2ffeb9e196bc-FRA
js
www.googletagmanager.com/gtag/
73 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-122036262-9
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
512a45664f03c48d60e74daef6d12ecc93e20c2a862832f452859fc9fcd584ba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27812
x-xss-protection
0
expires
Tue, 31 Dec 2019 15:11:41 GMT
left-girl.png
twoupcasinonew.com/assets/images/
205 KB
205 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/left-girl.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7194e1b9d2210631ea62f67903d0154b90c104faec97eeb3b5253823001b79ef

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1266
etag
"3323b-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2ffed9f096bc-FRA
content-length
209467
logo.png
twoupcasinonew.com/assets/images/
19 KB
20 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/logo.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ff2c6f5e5ca06857d5bc0e2a53d4a8529cf24143dab1d557fa1df8a8e42ef

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1265
etag
"4de9-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2ffee9fd96bc-FRA
content-length
19945
bonus300.png
twoupcasinonew.com/assets/images/
41 KB
41 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/bonus300.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afaa888d7be10d7c54cc70453132a5a76a5c8c4273dded6a41f4d6c0b92772b6

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2018 13:17:51 GMT
server
cloudflare
age
1265
etag
"a357-565ccdee77dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2ffefa1e96bc-FRA
content-length
41815
au.png
twoupcasinonew.com/assets/images/
8 KB
8 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/au.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97cca2573faf7124c67abf413b59bb619f9d6fd607f2d760f15a68b9a7c9a2b8

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1265
etag
"1e72-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2ffefa1f96bc-FRA
content-length
7794
border.png
twoupcasinonew.com/assets/images/
1 KB
1 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/border.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e427ada183fc24310bcd4a74ee51e33566280a2f3ee3880c95a89718c7671893

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Feb 2018 13:17:51 GMT
server
cloudflare
age
1264
etag
"535-565ccdee77dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2ffefa2096bc-FRA
content-length
1333
right-girl.png
twoupcasinonew.com/assets/images/
240 KB
241 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/right-girl.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b417e769d75e4f4ee612f04d3ec8fc0c6d36f4a418bc1dc20ae74658867030e6

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1264
etag
"3c14a-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2ffefa2196bc-FRA
content-length
246090
games_1.png
twoupcasinonew.com/assets/images/
189 KB
190 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games_1.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2af1fd1787092a00812da0409580bf45dde3e844946a099551663b06023cf20

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Wed, 22 May 2019 09:06:01 GMT
server
cloudflare
age
1263
etag
"2f59f-58976463b7040"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2ffefa2296bc-FRA
content-length
193951
game_41.png
twoupcasinonew.com/assets/images/games/
18 KB
18 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games/game_41.png?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d1b23c5773e87c622897bafa6639aff3b37968b7b36d5ad7823974d05b2e4b

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Feb 2018 15:56:38 GMT
server
cloudflare
age
1291
etag
"4866-565a6db133980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2ffefa2396bc-FRA
content-length
18534
game_16.png
twoupcasinonew.com/assets/images/games/
19 KB
19 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games/game_16.png?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
df0f88a3f404fde4f254ef1ca85f312dba3f139bac64eff2a600e5e54d0dacd3

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Feb 2018 15:56:38 GMT
server
cloudflare
age
1290
etag
"4a43-565a6db133980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a3896bc-FRA
content-length
19011
game_51.png
twoupcasinonew.com/assets/images/games/
18 KB
19 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games/game_51.png?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0471ff0421825e83e30e973987560e6ca6357d7c49c26ba8efce75f1fa556caa

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Feb 2018 15:56:38 GMT
server
cloudflare
age
1290
etag
"49a5-565a6db133980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a3f96bc-FRA
content-length
18853
game_404.png
twoupcasinonew.com/assets/images/games/
6 KB
6 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games/game_404.png?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee5ff6353e8a465ca0a8a56c93da368aa59b7b7c360e9d4c47677a4e99a0a0d

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Feb 2018 15:56:38 GMT
server
cloudflare
age
1288
etag
"1923-565a6db133980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a3d96bc-FRA
content-length
6435
game_63.png
twoupcasinonew.com/assets/images/games/
21 KB
21 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games/game_63.png?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e3d40005ac52ef0a5efc3e0f35325ed8d3ce12ae3bd4a4770109b320617712c

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Feb 2018 15:56:38 GMT
server
cloudflare
age
1288
etag
"550a-565a6db133980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a3e96bc-FRA
content-length
21770
coin1.png
twoupcasinonew.com/assets/images/
27 KB
27 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/coin1.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7338c0f26b5fcdfc798c0ae28320abe90af63c5c8c09ac541bd3534524e46c

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1262
etag
"6c79-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff3a5d96bc-FRA
content-length
27769
coin2.png
twoupcasinonew.com/assets/images/
13 KB
13 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/coin2.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52c8c5064cea2ede1ef9578eeecb1cf3197fbaf8be9516ed3517430ce52fd76

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1259
etag
"3303-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff3a5e96bc-FRA
content-length
13059
coin3.png
twoupcasinonew.com/assets/images/
32 KB
32 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/coin3.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
194fb0c5eef5c3672d25f806e39b1e2b3e2e580212c22f705f99faf98bd9d932

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1259
etag
"7fbe-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff3a5f96bc-FRA
content-length
32702
coin4.png
twoupcasinonew.com/assets/images/
47 KB
47 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/coin4.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfa77b0c9082ec2d8322ce258a222f5fc87c733e70cd15feff2a450fc29ae2c

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1258
etag
"ba21-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff3a6196bc-FRA
content-length
47649
footer.png
twoupcasinonew.com/assets/images/
4 KB
4 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/footer.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3840ad156c97fe165063b7171665de4282e0fb9b2b53406070eaf947f5585630

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1257
etag
"1020-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a4296bc-FRA
content-length
4128
rtg.png
twoupcasinonew.com/assets/images/
3 KB
3 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/rtg.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c30b22cd08318582ecc2c64bd4af914bf31fbe0f1a5ab4e95887eddf0d158c6

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Fri, 21 Jun 2019 12:31:03 GMT
server
cloudflare
age
1257
etag
"c57-58bd4a2c5ad09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a4396bc-FRA
content-length
3159
cds.png
twoupcasinonew.com/assets/images/
3 KB
3 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/cds.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a946fc7dc52d0bdfb0e7325020f9e081a34f1a3bf668ef5bc779c21a3fc7f6da

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Fri, 21 Jun 2019 12:31:03 GMT
server
cloudflare
age
1257
etag
"b7f-58bd4a2c5ad09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a4496bc-FRA
content-length
2943
TwoUpChat.js
twoupcasinonew.com/chat/
355 B
305 B
Script
General
Full URL
https://twoupcasinonew.com/chat/TwoUpChat.js
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
521353b7e50c1833dcbdd0f0a3e6db8dac6431e5df77b1cda22fc20b388263fb

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Nov 2019 07:14:25 GMT
server
cloudflare
age
1294
etag
W/"163-596942e9e994d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
54dd2ffee9fc96bc-FRA
gtm.js
www.googletagmanager.com/
53 KB
20 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PP4B2MV
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
426a76c2eacb363c23eec234ce75661be9172adeb5c8eca62ebf4c15bb6c5b79
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
20424
x-xss-protection
0
expires
Tue, 31 Dec 2019 15:11:41 GMT
css
fonts.googleapis.com/
7 KB
745 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
97e7c845a47eaf84d9fe99509dc719f497e3714d0469d8d15a1c48e67b91c919
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Dec 2019 15:11:41 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 31 Dec 2019 15:11:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 31 Dec 2019 15:11:41 GMT
bg.jpg
twoupcasinonew.com/assets/images/
45 KB
45 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/bg.jpg
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
443ddf43048a9db984e41a5fd7d6cfab89ee7916458dfba18385f1e4e88c95b9

Request headers

Referer
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1272
etag
"b265-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a3a96bc-FRA
content-length
45669
star2.png
twoupcasinonew.com/assets/images/
2 KB
2 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/star2.png
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da730f2700016b1f1e319bbd34beb7fe1c4ed6e24648b4c22a45eccba70d314e

Request headers

Referer
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1270
etag
"6c7-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a4196bc-FRA
content-length
1735
november-monthly-special.jpg
twoupcasinonew.com/assets/images/
22 KB
22 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/november-monthly-special.jpg?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
617250c57fb74cc9df04a55e2447eb9f5f903a40dfade67ea2c737d4e9c43b29

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Nov 2018 09:34:22 GMT
server
cloudflare
age
1267
etag
"582a-57a380e67e380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a3c96bc-FRA
content-length
22570
footer-bg.png
twoupcasinonew.com/assets/images/
23 KB
24 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/footer-bg.png
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08cee18f5684c80963c20480a451c88f5288b41831a0220bcc90c432449c6b2f

Request headers

Referer
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1272
etag
"5da2-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd2fff1a3b96bc-FRA
content-length
23970
erasdemi.woff
twoupcasinonew.com/assets/fonts/
51 KB
51 KB
Font
General
Full URL
https://twoupcasinonew.com/assets/fonts/erasdemi.woff
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe452bd17368f421240db8a1e498fdcee69d6fdcac1ef58c0d44498b35f5c16

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/assets/css/fonts.css?v=0.2.6
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
27
etag
W/"cb54-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=14400
cf-ray
54dd2fff0a2d96bc-FRA
erasbold.woff
twoupcasinonew.com/assets/fonts/
50 KB
50 KB
Font
General
Full URL
https://twoupcasinonew.com/assets/fonts/erasbold.woff
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b0cda82676a48d25cd11507e7ef6b78a419c5384ad233f26de7b07c7ec1464

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/assets/css/fonts.css?v=0.2.6
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
27
etag
W/"c638-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=14400
cf-ray
54dd2fff0a2f96bc-FRA
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Origin
https://twoupcasinonew.com

Response headers

date
Thu, 21 Nov 2019 17:13:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
3448694
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:13:27 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122036262-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2284
date
Tue, 31 Dec 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 31 Dec 2019 16:33:37 GMT
default
embed.tawk.to/5a7d7f254b401e45400ccfc7/
535 KB
115 KB
Script
General
Full URL
https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/chat/TwoUpChat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed2414ec7cec6cba8494ef43e35d8059a5bc3fc4c91bff91c9db1cc3414749b9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 15:11:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
9031
etag
W/"fulls68020"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=14400, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
54dd2fff2fc6c2bd-FRA
access-control-allow-origin
*
collect
www.google-analytics.com/r/
35 B
107 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1179157249&t=pageview&_s=1&dl=https%3A%2F%2Ftwoupcasinonew.com%2F%3Fgaid%3D58982%26trackingID%3D36448_435690_5e0b652d67287c00016ebf69&dr=http%3A%2F%2Fperboycenisthe.ml%2F%3Fsearch%3Dfirst&ul=en-us&de=UTF-8&dt=Two-up%20casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=787385001&gjid=78581464&cid=1950012297.1577805102&tid=UA-122036262-9&_gid=850810238.1577805102&_r=1&gtm=2ouc61&z=1106014133
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Dec 2019 15:11:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1179157249&t=pageview&_s=1&dl=https%3A%2F%2Ftwoupcasinonew.com%2F%3Fgaid%3D58982%26trackingID%3D36448_435690_5e0b652d67287c00016ebf69&dr=http...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-122406701-1&cid=1950012297.1577805102&jid=24858454&_gid=850810238.1577805102&gjid=1458953894&_v=j79&z=1839215633
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=1950012297.1577805102&jid=24858454&_v=j79&z=1839215633
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=1950012297.1577805102&jid=24858454&_v=j79&z=1839215633&slf_rd=1&random=4043417483
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=1950012297.1577805102&jid=24858454&_v=j79&z=1839215633&slf_rd=1&random=4043417483
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Dec 2019 15:11:42 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Dec 2019 15:11:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=1950012297.1577805102&jid=24858454&_v=j79&z=1839215633&slf_rd=1&random=4043417483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 33F7
8 KB
721 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Dec 2019 15:11:42 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 31 Dec 2019 15:11:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 31 Dec 2019 15:11:42 GMT
css
fonts.googleapis.com/ Frame FF8E
8 KB
675 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Dec 2019 15:11:42 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 31 Dec 2019 15:11:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 31 Dec 2019 15:11:42 GMT
css
fonts.googleapis.com/ Frame 3640
8 KB
675 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Dec 2019 15:11:42 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 31 Dec 2019 15:11:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 31 Dec 2019 15:11:42 GMT
css
fonts.googleapis.com/ Frame 365B
8 KB
675 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Dec 2019 15:11:42 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 31 Dec 2019 15:11:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 31 Dec 2019 15:11:42 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 365B
192 B
214 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 31 Dec 2019 15:11:42 GMT
content-length
152
x-served-by
cache-ams21031-AMS, cache-fra19143-FRA
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 365B
295 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 31 Dec 2019 15:11:42 GMT
content-length
53890
x-served-by
cache-ams21033-AMS, cache-fra19143-FRA
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
1577805102045
va.tawk.to/register/
692 B
844 B
XHR
General
Full URL
https://va.tawk.to/register/1577805102045
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f24f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
488af158e8f17315cb393ebd761c1ce1562d1c19dee700164d4c68b7c9b9aacf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Origin
https://twoupcasinonew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 31 Dec 2019 15:11:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
x-served-by
visitor-application-preemptive-ktjg
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://twoupcasinonew.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
54dd2fffcd4bd6e5-FRA
access-control-allow-headers
origin, content-type
/
vs71.tawk.to/s/
101 B
158 B
XHR
General
Full URL
https://vs71.tawk.to/s/?k=5e0b652eb4d77badf1106164&u=yPApShX31CakQ8aJVB5us1FkCSQR8rtmEwDNJP54hoMrkkZO6b0uCwir6lPK%2FLOY&uv=2&a=5a7d7f254b401e45400ccfc7&cver=0&pop=false&w=LGhuLF&jv=680&asver=123101&ust=false&p=Two-up%20casino&r=http%3A%2F%2Fperboycenisthe.ml%2F%3Fsearch%3Dfirst&EIO=3&transport=polling&__t=MzSWpoT
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f24f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
168a987598d42680cfc95fb504cae0e5fed1d495db24d24070f9856dd308ee5b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 15:11:42 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://twoupcasinonew.com
access-control-allow-credentials
true
cf-ray
54dd300108e8d6e5-FRA
content-length
101
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 365B
413 B
451 B
Image
General
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
image/png
status
200
access-control-expose-headers
*
cache-control
public, max-age=31536000
date
Tue, 31 Dec 2019 15:11:42 GMT
accept-ranges
bytes
timing-allow-origin
*
content-length
413
x-served-by
cache-ams21051-AMS, cache-fra19143-FRA
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ Frame 3640
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Origin
https://twoupcasinonew.com

Response headers

date
Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
3455611
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:18:11 GMT
/
vs71.tawk.to/s/
551 B
612 B
XHR
General
Full URL
https://vs71.tawk.to/s/?k=5e0b652eb4d77badf1106164&u=yPApShX31CakQ8aJVB5us1FkCSQR8rtmEwDNJP54hoMrkkZO6b0uCwir6lPK%2FLOY&uv=2&a=5a7d7f254b401e45400ccfc7&cver=0&pop=false&w=LGhuLF&jv=680&asver=123101&ust=false&p=Two-up%20casino&r=http%3A%2F%2Fperboycenisthe.ml%2F%3Fsearch%3Dfirst&EIO=3&transport=polling&__t=MzSWpqf&sid=J736zJdo5V95ELxux2QG
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f24f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8e07ac1c64f6db4f5552c7e7b06d8cb8683b54b3cf655c6f7c3f91bc5e36c1c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 15:11:42 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://twoupcasinonew.com
access-control-allow-credentials
true
cf-ray
54dd3001db2bd6e5-FRA
content-length
551
v3
va.tawk.to/log-performance/
5 B
70 B
XHR
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f24f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Origin
https://twoupcasinonew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 31 Dec 2019 15:11:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
x-served-by
visitor-application-preemptive-pc0w
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://twoupcasinonew.com
access-control-allow-credentials
true
cf-ray
54dd3004bbf1d6e5-FRA
access-control-allow-headers
origin, content-type
/
vs71.tawk.to/s/
4 B
84 B
XHR
General
Full URL
https://vs71.tawk.to/s/?k=5e0b652eb4d77badf1106164&u=yPApShX31CakQ8aJVB5us1FkCSQR8rtmEwDNJP54hoMrkkZO6b0uCwir6lPK%2FLOY&uv=2&a=5a7d7f254b401e45400ccfc7&cver=0&pop=false&w=LGhuLF&jv=680&asver=123101&ust=false&p=Two-up%20casino&r=http%3A%2F%2Fperboycenisthe.ml%2F%3Fsearch%3Dfirst&EIO=3&transport=polling&__t=MzSWpxk&sid=J736zJdo5V95ELxux2QG
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f24f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 15:11:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://twoupcasinonew.com
access-control-allow-credentials
true
cf-ray
54dd3004bbf3d6e5-FRA
content-length
4
light.png
twoupcasinonew.com/assets/images/
6 KB
6 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/light.png
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/assets/js/jquery.min.js?v=0.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e921228f040382347017421d6c39b579b8aa02970af3122a42505f64e2ee5b

Request headers

Referer
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:44 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1274
etag
"174d-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd3011ffb496bc-FRA
content-length
5965
shine1.png
twoupcasinonew.com/assets/images/
2 KB
2 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/shine1.png
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/assets/js/jquery.min.js?v=0.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3d973f78a001c1090073b87ffdb0bd885d76c50377f262c6b257c1c74c9f26

Request headers

Referer
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:44 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
1274
etag
"772-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54dd3011ffb596bc-FRA
content-length
1906
default-profile.svg
static-v.tawk.to/a-v3/images/ Frame 33F7
4 KB
2 KB
Image
General
Full URL
https://static-v.tawk.to/a-v3/images/default-profile.svg
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f24f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c95340c5c3803014f984134d727a81daa430d4431180ff6b23a7ce0b566e94
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
539745
status
200
vary
Accept-Encoding
pragma
public
last-modified
Mon, 15 Jul 2019 17:37:08 GMT
server
cloudflare
etag
W/"5d2cb9c4-103a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
54dd3040a80ad6e5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
tawk-widget.woff2
static-v.tawk.to/a-v3/fonts/ Frame 33F7
3 KB
3 KB
Font
General
Full URL
https://static-v.tawk.to/a-v3/fonts/tawk-widget.woff2?yh9epr
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b652d67287c00016ebf69
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 15:11:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1894518
status
200
vary
Accept-Encoding
content-length
2744
pragma
public
last-modified
Mon, 15 Jul 2019 17:37:05 GMT
server
cloudflare
etag
"5d2cb9c1-ab8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
54dd3040afa7c2bd-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ Frame 33F7
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Origin
https://twoupcasinonew.com

Response headers

date
Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
3455621
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:18:11 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ Frame FF8E
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Origin
https://twoupcasinonew.com

Response headers

date
Thu, 19 Dec 2019 18:23:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
1025328
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
0
expires
Fri, 18 Dec 2020 18:23:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.firstcitizenstt.com
URL
https://www.firstcitizenstt.com/personal-banking/slideshowParagraphs/0/slideSrc4/mortgage-website-banner-755x259.jpg

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer function| $ function| jQuery function| gtag object| google_tag_manager string| GoogleAnalyticsObject function| ga object| Tawk_API object| Tawk_LoadStart object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName

8 Cookies

Domain/Path Name / Value
twoupcasinonew.com/ Name: TawkConnectionTime
Value: 1577805102044
.twoupcasinonew.com/ Name: _gat_gtag_UA_122036262_9
Value: 1
.twoupcasinonew.com/ Name: _gat_UA-122406701-1
Value: 1
.twoupcasinonew.com/ Name: _ga
Value: GA1.2.1950012297.1577805102
.twoupcasinonew.com/ Name: _gid
Value: GA1.2.850810238.1577805102
.twoupcasinonew.com/ Name: __cfduid
Value: de4e40a3c046490a5a28384c9abed4b431577805101
.twoupcasinonew.com/ Name: trackingID
Value: 36448_435690_5e0b652d67287c00016ebf69
.twoupcasinonew.com/ Name: gaid
Value: 58982

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bankfirstwi.bank
best24bet.ru
cdn.jsdelivr.net
cdn.vox-cdn.com
code.jquery.com
dictionary.cambridge.org
embed.tawk.to
firstsavingscc.com
fonts.googleapis.com
fonts.gstatic.com
go.affalliance.com
go.bxtmbz.pw
i.guim.co.uk
i.ytimg.com
merriam-webster.com
newsroom.churchofjesuschrist.org
perboycenisthe.ml
static-v.tawk.to
stats.g.doubleclick.net
twoupcasinonew.com
upload.wikimedia.org
va.tawk.to
vignette.wikia.nocookie.net
vs71.tawk.to
wow.zamimg.com
www.americafirst.com
www.bankatfirst.com
www.dictionary.com
www.first-online.bank
www.first.org
www.firstcitizens.com
www.firstcitizenstt.com
www.firstgroup.com
www.firstinspires.org
www.firstrepublic.com
www.firstsolar.com
www.firstsupply.com
www.firsttechfed.com
www.firsttexasbank.bank
www.fitnessfirst.co.th
www.fitnessfirst.com.my
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hdfcbank.com
www.idfcfirstbank.com
www1.firstdirect.com
www.firstcitizenstt.com
13.35.253.7
149.126.77.252
151.101.112.124
151.101.14.133
159.180.84.2
184.31.90.118
184.31.91.231
192.124.249.18
193.108.75.102
2001:4de0:ac19::1:b:2b
206.81.136.154
208.53.243.154
212.32.250.9
212.47.233.95
213.208.154.14
216.25.32.226
219.90.66.200
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:f24f
2606:4700:10::6814:f34f
2606:4700:30::6812:301d
2606:4700:30::6812:366c
2606:4700::6810:6c19
2620:0:862:ed1a::2:b
2620:11a:e002:fa00::204
2620:12a:8000::1
2a00:1450:4001:806::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:817::2003
2a00:1450:4001:820::2016
2a00:1450:400c:c04::9a
2a02:26f0:6c00:180::1e1
2a04:4e42:3::367
2a04:4e42:3::621
35.171.108.221
35.234.82.254
54.197.224.147
54.72.24.212
54.76.203.70
69.89.129.19
74.207.29.189
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0471ff0421825e83e30e973987560e6ca6357d7c49c26ba8efce75f1fa556caa
08cee18f5684c80963c20480a451c88f5288b41831a0220bcc90c432449c6b2f
0c30b22cd08318582ecc2c64bd4af914bf31fbe0f1a5ab4e95887eddf0d158c6
13ae3492db2b4d7424528b0ac825d6dfa36c80dbe11029e7f49f493bee649c01
1597a3c548a65dfa332710085757805466b858fb5aae713cd966c23afd3d62ad
168a987598d42680cfc95fb504cae0e5fed1d495db24d24070f9856dd308ee5b
194fb0c5eef5c3672d25f806e39b1e2b3e2e580212c22f705f99faf98bd9d932
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3840ad156c97fe165063b7171665de4282e0fb9b2b53406070eaf947f5585630
426a76c2eacb363c23eec234ce75661be9172adeb5c8eca62ebf4c15bb6c5b79
443ddf43048a9db984e41a5fd7d6cfab89ee7916458dfba18385f1e4e88c95b9
488af158e8f17315cb393ebd761c1ce1562d1c19dee700164d4c68b7c9b9aacf
50b63ee79f8b149f32e87d97620128e452d66ae2e606668aa1e6a9c027e176c7
512a45664f03c48d60e74daef6d12ecc93e20c2a862832f452859fc9fcd584ba
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
521353b7e50c1833dcbdd0f0a3e6db8dac6431e5df77b1cda22fc20b388263fb
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a3d04065b97f90b944ef57c99fcc2614e96002413fcd9cfea6e0470d1308ea3
5dfa77b0c9082ec2d8322ce258a222f5fc87c733e70cd15feff2a450fc29ae2c
5e9682ef83e8b2e544db6619218edbb7bcb85d0c2ddd73df42968366618b8543
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
617250c57fb74cc9df04a55e2447eb9f5f903a40dfade67ea2c737d4e9c43b29
64c95340c5c3803014f984134d727a81daa430d4431180ff6b23a7ce0b566e94
65b0cda82676a48d25cd11507e7ef6b78a419c5384ad233f26de7b07c7ec1464
69d1b23c5773e87c622897bafa6639aff3b37968b7b36d5ad7823974d05b2e4b
7194e1b9d2210631ea62f67903d0154b90c104faec97eeb3b5253823001b79ef
7d3d973f78a001c1090073b87ffdb0bd885d76c50377f262c6b257c1c74c9f26
7e3d40005ac52ef0a5efc3e0f35325ed8d3ce12ae3bd4a4770109b320617712c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8415247ae85b0b395c736b4175ab5d25727c4ad386c6884f65ccdeab3aa2175f
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
97cca2573faf7124c67abf413b59bb619f9d6fd607f2d760f15a68b9a7c9a2b8
97e7c845a47eaf84d9fe99509dc719f497e3714d0469d8d15a1c48e67b91c919
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a8e07ac1c64f6db4f5552c7e7b06d8cb8683b54b3cf655c6f7c3f91bc5e36c1c
a946fc7dc52d0bdfb0e7325020f9e081a34f1a3bf668ef5bc779c21a3fc7f6da
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
abe452bd17368f421240db8a1e498fdcee69d6fdcac1ef58c0d44498b35f5c16
aee5ff6353e8a465ca0a8a56c93da368aa59b7b7c360e9d4c47677a4e99a0a0d
afaa888d7be10d7c54cc70453132a5a76a5c8c4273dded6a41f4d6c0b92772b6
b31ceb90e3eec258e254659bc5588f275e197b05cb2471490e7d1bbfee61b036
b417e769d75e4f4ee612f04d3ec8fc0c6d36f4a418bc1dc20ae74658867030e6
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
bc4ff2c6f5e5ca06857d5bc0e2a53d4a8529cf24143dab1d557fa1df8a8e42ef
c2af1fd1787092a00812da0409580bf45dde3e844946a099551663b06023cf20
c52c8c5064cea2ede1ef9578eeecb1cf3197fbaf8be9516ed3517430ce52fd76
c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229
d2e921228f040382347017421d6c39b579b8aa02970af3122a42505f64e2ee5b
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
da730f2700016b1f1e319bbd34beb7fe1c4ed6e24648b4c22a45eccba70d314e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df0f88a3f404fde4f254ef1ca85f312dba3f139bac64eff2a600e5e54d0dacd3
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e3f57ae15371d2f4fc3a895c92714b1e27e5c40a6bbc99ffd365d6e85bf0035b
e427ada183fc24310bcd4a74ee51e33566280a2f3ee3880c95a89718c7671893
ed2414ec7cec6cba8494ef43e35d8059a5bc3fc4c91bff91c9db1cc3414749b9
ed7338c0f26b5fcdfc798c0ae28320abe90af63c5c8c09ac541bd3534524e46c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f8a4c66822ed0342d1517427b3e82eaa52e6b1879f1362550f54248a85c2a7a2
fafdf9576792612eb4f6280ff3fc430b6e3da9f63ad0cb0f01114d44323c3e9b