www.jackpotcitycasino.com Open in urlscan Pro
104.18.159.31  Malicious Activity! Public Scan

Submitted URL: http://erwinkeuph8vw.pages.dev/
Effective URL: https://www.jackpotcitycasino.com/canada/
Submission Tags: threatview.io malwar3ninja rule: suspected phishing scam automated-submission Search All
Submission: On September 03 via api from DE — Scanned from CA

Summary

This website contacted 24 IPs in 2 countries across 23 domains to perform 138 HTTP transactions. The main IP is 104.18.159.31, located in and belongs to CLOUDFLARENET, US. The main domain is www.jackpotcitycasino.com. The Cisco Umbrella rank of the primary domain is 891582.
TLS certificate: Issued by WE1 on August 11th 2024. Valid for: 3 months.
This is the only time www.jackpotcitycasino.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700:310... 13335 (CLOUDFLAR...)
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700:310... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 8 192.243.59.12 39572 (ADVANCEDH...)
1 3.213.14.153 14618 (AMAZON-AES)
1 3 172.240.127.234 7979 (SERVERS-COM)
4 192.243.59.20 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 172.240.253.132 7979 (SERVERS-COM)
1 2620:1ec:33:1... 8075 (MICROSOFT...)
1 45.133.44.9 39572 (ADVANCEDH...)
1 25 104.18.159.31 13335 (CLOUDFLAR...)
49 2606:4700:440... 13335 (CLOUDFLAR...)
10 2606:4700:440... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.61.19 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
138 24
Apex Domain
Subdomains
Transfer
49 imagethumb.com
dm.imagethumb.com
30 MB
25 jackpotcitycasino.com
www.jackpotcitycasino.com — Cisco Umbrella Rank: 891582 Failed
791 KB
14 cordellvolante.biz.id
split.cordellvolante.biz.id
ad.cordellvolante.biz.id
9 KB
12 src-play.com
media.src-play.com
nexus.src-play.com
gateway.src-play.com
143 KB
7 pallorirony.com
pallorirony.com
14 KB
6 pages.dev
erwinkeuph8vw.pages.dev
16 KB
4 topcreativeformat.com
www.topcreativeformat.com — Cisco Umbrella Rank: 53002
49 KB
3 rbccdn.com
api.rbccdn.com
2 KB
3 blackmailarmory.com
blackmailarmory.com
37 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
54 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
2 gstatic.com
fonts.gstatic.com
37 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
202 KB
2 interruptchalkedlie.com
interruptchalkedlie.com
5 KB
2 dojo.cc
pop.dojo.cc
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 site24x7rum.com
static.site24x7rum.com — Cisco Umbrella Rank: 36143
471 B
1 cloudimagesb.com
cdn.cloudimagesb.com — Cisco Umbrella Rank: 13358
77 KB
1 bing.net
tse1.mm.bing.net — Cisco Umbrella Rank: 3687
1 KB
1 recordedthereby.com
recordedthereby.com — Cisco Umbrella Rank: 8708
27 KB
1 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 8770
306 B
1 sighhigherapprove.com
sighhigherapprove.com
12 KB
0 google.com Failed
suggestqueries.google.com Failed
138 23
Domain Requested by
49 dm.imagethumb.com www.jackpotcitycasino.com
www.googletagmanager.com
25 www.jackpotcitycasino.com erwinkeuph8vw.pages.dev
www.jackpotcitycasino.com
13 split.cordellvolante.biz.id erwinkeuph8vw.pages.dev
8 nexus.src-play.com media.src-play.com
nexus.src-play.com
www.jackpotcitycasino.com
7 pallorirony.com 3 redirects erwinkeuph8vw.pages.dev
6 erwinkeuph8vw.pages.dev 1 redirects erwinkeuph8vw.pages.dev
4 www.topcreativeformat.com split.cordellvolante.biz.id
3 api.rbccdn.com www.jackpotcitycasino.com
3 blackmailarmory.com 1 redirects sighhigherapprove.com
erwinkeuph8vw.pages.dev
3 cdnjs.cloudflare.com erwinkeuph8vw.pages.dev
www.jackpotcitycasino.com
2 www.google-analytics.com nexus.src-play.com
2 fonts.gstatic.com fonts.googleapis.com
2 gateway.src-play.com media.src-play.com
2 www.googletagmanager.com www.jackpotcitycasino.com
www.googletagmanager.com
2 media.src-play.com www.jackpotcitycasino.com
2 interruptchalkedlie.com 1 redirects erwinkeuph8vw.pages.dev
2 pop.dojo.cc 1 redirects erwinkeuph8vw.pages.dev
1 fonts.googleapis.com client
1 static.site24x7rum.com www.jackpotcitycasino.com
1 cdn.cloudimagesb.com
1 tse1.mm.bing.net erwinkeuph8vw.pages.dev
1 recordedthereby.com blackmailarmory.com
1 proftrafficcounter.com sighhigherapprove.com
1 sighhigherapprove.com ad.cordellvolante.biz.id
1 ad.cordellvolante.biz.id erwinkeuph8vw.pages.dev
0 suggestqueries.google.com Failed erwinkeuph8vw.pages.dev
138 26
Subject Issuer Validity Valid
erwinkeuph8vw.pages.dev
WE1
2024-08-17 -
2024-11-15
3 months crt.sh
cordellvolante.biz.id
WE1
2024-08-24 -
2024-11-22
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-07-31 -
2024-10-29
3 months crt.sh
sighhigherapprove.com
R10
2024-07-12 -
2024-10-10
3 months crt.sh
proftrafficcounter.com
Amazon RSA 2048 M02
2023-11-21 -
2024-12-19
a year crt.sh
blackmailarmory.com
R10
2024-09-01 -
2024-11-30
3 months crt.sh
topcreativeformat.com
R10
2024-07-18 -
2024-10-16
3 months crt.sh
recordedthereby.com
WE1
2024-07-06 -
2024-10-04
3 months crt.sh
pallorirony.com
R10
2024-09-02 -
2024-12-01
3 months crt.sh
*.mm.bing.net
Microsoft Azure RSA TLS Issuing CA 04
2024-07-30 -
2025-01-26
6 months crt.sh
cdn.cloudimagesb.com
R10
2024-07-20 -
2024-10-18
3 months crt.sh
jackpotcitycasino.com
WE1
2024-08-11 -
2024-11-09
3 months crt.sh
imagethumb.com
WE1
2024-07-17 -
2024-10-15
3 months crt.sh
src-play.com
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
*.google-analytics.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.site24x7rum.com
Amazon RSA 2048 M02
2024-05-31 -
2025-06-28
a year crt.sh
upload.video.google.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
rbccdn.com
WE1
2024-07-09 -
2024-10-07
3 months crt.sh
*.gstatic.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.jackpotcitycasino.com/canada/
Frame ID: 8368902E9A16655853F0C14551EE8C58
Requests: 137 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/cti/13/7c/c8/137cc8e201b2cedad58d986ae65bfac7/1708270647.jpg
Frame ID: C24AA07294DF4A9B5B80FC38D0D2E833
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Jackpot City Online Casino Canada - CA$1600 Welcome Bonus

Page URL History Show full URLs

  1. http://erwinkeuph8vw.pages.dev/ HTTP 307
    https://erwinkeuph8vw.pages.dev/ Page URL
  2. https://erwinkeuph8vw.pages.dev/cdn-cgi/phish-bypass?atok=roBYsZL08NB7Ci4sUaE.OQUS5cR1EzVWFePK0q6T7co-172533... HTTP 301
    https://erwinkeuph8vw.pages.dev/ Page URL
  3. https://www.jackpotcitycasino.com/canada/?s=bfp44009&a=bfpadid189291 HTTP 307
    https://www.jackpotcitycasino.com/canada/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:_base/js/base|wink).*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

93 %
HTTPS

65 %
IPv6

23
Domains

26
Subdomains

24
IPs

2
Countries

32347 kB
Transfer

46696 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://erwinkeuph8vw.pages.dev/ HTTP 307
    https://erwinkeuph8vw.pages.dev/ Page URL
  2. https://erwinkeuph8vw.pages.dev/cdn-cgi/phish-bypass?atok=roBYsZL08NB7Ci4sUaE.OQUS5cR1EzVWFePK0q6T7co-1725336745-0.0.1.1-%2F HTTP 301
    https://erwinkeuph8vw.pages.dev/ Page URL
  3. https://www.jackpotcitycasino.com/canada/?s=bfp44009&a=bfpadid189291 HTTP 307
    https://www.jackpotcitycasino.com/canada/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://erwinkeuph8vw.pages.dev/ HTTP 307
  • https://erwinkeuph8vw.pages.dev/
Request Chain 4
  • https://erwinkeuph8vw.pages.dev/cdn-cgi/phish-bypass?atok=roBYsZL08NB7Ci4sUaE.OQUS5cR1EzVWFePK0q6T7co-1725336745-0.0.1.1-%2F HTTP 301
  • https://erwinkeuph8vw.pages.dev/
Request Chain 6
  • https://pop.dojo.cc/8163.js HTTP 302
  • https://pop.dojo.cc/5648.js
Request Chain 26
  • https://blackmailarmory.com/watch.1557090167034.js?key=841551df4ace4771a26423c5508e1f6a&kw=%5B%5D&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&tz=-7&dev=r&res=14.31&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1 HTTP 307
  • https://blackmailarmory.com/watch.1557090167034.js?dev=r&key=841551df4ace4771a26423c5508e1f6a&kw=%5B%5D&pst=1725336812&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=bee41b12a1978abedb19f365ea3cfc12cac9a5cf9da2fe8ebca0ac9c4f2c9a27071208e8d52e8a26391eedbc75997c4255899a9653c046cd3f8048d71742e90f458e33a95284ce0751f977865cad671e276530f7942c1b5b4c9696&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Request Chain 29
  • https://pallorirony.com/watch.1572461865050.js?key=d0ad831df891127170674f7100bd3428&kw=%5B%5D&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&tz=-7&dev=r&res=14.31&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1 HTTP 307
  • https://pallorirony.com/watch.1572461865050.js?dev=r&key=d0ad831df891127170674f7100bd3428&kw=%5B%5D&pst=1725336813&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=5127448b97b6795a10cd05f59dc5ac5360f3163e1c44dcb391e615ad21a4ad2c4008759898d20173caf80cd07b2114a6ae9dd7b567bf15c71d2cc933ecf0aa7d12da87ec559d4ffae87a57e48104a2ce24e2f328223a7c1da66316d37744b2&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Request Chain 31
  • https://interruptchalkedlie.com/watch.1533306946694.js?key=b3b93aca483f1d9a2adb8be6c9552870&kw=%5B%5D&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&tz=-7&dev=r&res=14.31&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1 HTTP 307
  • https://interruptchalkedlie.com/watch.1533306946694.js?dev=r&key=b3b93aca483f1d9a2adb8be6c9552870&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=9715fd33d2e10f2e303de6211812c92538ae9793558c834bcf83115e2e8ee5c03b21379de71809673004fe2fa05dc5604951aec112572f40efcf299d89213f699075781023a5a5165737f5b32d6d305c48a20c3100deae7966a57d&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Request Chain 33
  • https://pallorirony.com/watch.841494521600.js?key=5c5c6ef5a97b0b7e4cb5be2a1545aeb3&kw=%5B%5D&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&tz=-7&dev=r&res=14.31&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1 HTTP 307
  • https://pallorirony.com/watch.841494521600.js?dev=r&key=5c5c6ef5a97b0b7e4cb5be2a1545aeb3&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=86aff45a3d3086e9f1ec5e16980cecca6e31f2900767aea0a467a85243a7ca57522726fc115456b6b2599d7b7018ff625e80d12d6b3aca765f572e49f4c1a7c6bfafbe95562ac2ef9e9607bc08d47dbe99574b347dd84ac6acd68f9a439858&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Request Chain 35
  • https://pallorirony.com/watch.765302910462.js?key=21cf3b0373319a6a55702af6b6335be7&kw=%5B%5D&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&tz=-7&dev=r&res=14.31&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1 HTTP 307
  • https://pallorirony.com/watch.765302910462.js?dev=r&key=21cf3b0373319a6a55702af6b6335be7&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=b95b6c1893218170e7afeb7f5f65a0f4afc6f14103ecf8ef122fa78ed53fe157e5a2996a5027cd124e7279697bb487da8122eb3a3527d513a7a63956e5e60432905512d38a0418d5a58dabf23f4e4903b460215d658f1b02426c50fdaee555&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1

138 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
erwinkeuph8vw.pages.dev/
Redirect Chain
  • http://erwinkeuph8vw.pages.dev/
  • https://erwinkeuph8vw.pages.dev/
4 KB
2 KB
Document
General
Full URL
https://erwinkeuph8vw.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02b6643a122a84ac2b2d185c74850f9421b1e515a348c6a29168737729afa157
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-ray
8bd2e6c4b9ebaaee-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Sep 2024 04:12:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlSh%2FjpwjNn4MPvBFOC30J6id599xDo9dRPSkMZl6nHQQUidN6qQSywcoS5ss%2FE8z6u2uBCRaCpycc%2BL2N9ZHpoiShDq82VHAv2DcsbxTm0s4uGFWU42Fw38yO7QLYeiKVo7mZPtHblCLzD%2B4ovPElvXuQ4QfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://erwinkeuph8vw.pages.dev/
Non-Authoritative-Reason
HSTS
cf.errors.css
erwinkeuph8vw.pages.dev/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://erwinkeuph8vw.pages.dev/cdn-cgi/styles/cf.errors.css
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2024 19:10:22 GMT
server
cloudflare
etag
W/"66ce249e-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
8bd2e6c55a2eaaee-YYZ
expires
Tue, 03 Sep 2024 06:12:25 GMT
icon-exclamation.png
erwinkeuph8vw.pages.dev/cdn-cgi/images/
452 B
540 B
Image
General
Full URL
https://erwinkeuph8vw.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://erwinkeuph8vw.pages.dev/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2024 19:10:22 GMT
server
cloudflare
etag
"66ce249e-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
8bd2e6c5aa64aaee-YYZ
content-length
452
expires
Tue, 03 Sep 2024 06:12:25 GMT
favicon.ico
erwinkeuph8vw.pages.dev/
4 KB
2 KB
Other
General
Full URL
https://erwinkeuph8vw.pages.dev/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a154643004f4a24e5a2e88baa7940f37ea6e8f411c9df2dca33b219ffc271e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:25 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltrZLHbeYwM3C%2BL8idx%2FKu%2BVMFhLB%2F8zolWXQxVhEo5o%2Bz9yMG7Q1cYw6%2BVocirBWpVthrwBGR56wXZK1AvJVwS5ewSmVQ%2BDyGcI8chwFih%2FG2LZw0SQSITAKm%2BNoyaFe6jK8tH7RT8SZJrxc7PyI%2FWU1cN%2FvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8bd2e6c5da78aaee-YYZ
/
erwinkeuph8vw.pages.dev/
Redirect Chain
  • https://erwinkeuph8vw.pages.dev/cdn-cgi/phish-bypass?atok=roBYsZL08NB7Ci4sUaE.OQUS5cR1EzVWFePK0q6T7co-1725336745-0.0.1.1-%2F
  • https://erwinkeuph8vw.pages.dev/
17 KB
6 KB
Document
General
Full URL
https://erwinkeuph8vw.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cee8ac1bd83999622569ff354f685e72e8405dca163ae04eb9127c7282f2acc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8bd2e6e18ab9aaee-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 03 Sep 2024 04:12:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3MqWTJQ0aWhhOZPZb22E98ncB7AcIKM%2Fw0y0YNzBVCdDjBMv3A3SITaivB3rY8Fvpwpze8iLxKgoM1PUvpmHaT4i9%2B%2FNfpik1lhWtTtRPMpdfHpO8U6ngJMw7eN3Z3%2FvWMYJctFC8qwSqRLetsm1r4HigaSqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

cache-control
private, no-cache
cf-ray
8bd2e6e12a6eaaee-YYZ
content-length
167
content-type
text/html
date
Tue, 03 Sep 2024 04:12:30 GMT
location
https://erwinkeuph8vw.pages.dev/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
79ee6540a4b7a1babeebf56e1c23369e
split.cordellvolante.biz.id/get/site/js/
0
544 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/79ee6540a4b7a1babeebf56e1c23369e
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKnlD56q%2BlvBw3rKqe41lMaN6tj4BzTPsBywautr%2Fkwb0NcOYV4Knx%2BnEzOwMqq4cECgS1BPs1D3CtQ9QmBvgr6jZFkWH8e97JmfcZltfHt1GUW47cg0oWCr0OVRLc6G7we7BvMfnFVS6aCXP9TrYZLJy1hwkMFlkQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e6691136b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
5648.js
pop.dojo.cc/
Redirect Chain
  • https://pop.dojo.cc/8163.js
  • https://pop.dojo.cc/5648.js
13 KB
5 KB
Script
General
Full URL
https://pop.dojo.cc/5648.js
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Server
2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e5f273a6d2f5ae29fa3a18e0fe79328b0c3e7ebaa94824e7e6fd13daf0b2a7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qh7KktDD2rrCVzjhnle8fXMICfW7l42DS0DjRxcb4D%2FJE52Ua2xe0%2FlDvWjxjZK%2Fjs4Jpjt04X5kg%2FxnD1rTYhMJRIB4yCfHonkcTg9PZPkmZxVAI0Eu%2BpVx9o%2BC94a%2BN9z9z%2BQeoEtiQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
cf-ray
8bd2e6e85e74ab1b-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block

Redirect headers

date
Tue, 03 Sep 2024 04:12:31 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yatwYIn%2B%2FqAMau%2BkNsZLUTwKPrvpEzXkicOI2uOMnU%2BkdzxHhYeQYA94RDVNgf%2Ba9U%2F5nfbVjzfFoXdpc6sknmeiAl83I%2B6nagE7rcOj1xE8p0jgupbaGb4dbg3jEpOdQJ0C7gnZb0KXsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://pop.dojo.cc/5648.js
cache-control
no-cache, private
vary
Accept-Encoding
cf-ray
8bd2e6e6ed65ab1b-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
adsterra.js
ad.cordellvolante.biz.id/
346 B
862 B
Script
General
Full URL
https://ad.cordellvolante.biz.id/adsterra.js
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:2bf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecc5c1ab28c8dcdb80c88cb750d6d3ca9f3f4414680850c9a8fb8423d51a785
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1775874
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 17 Jul 2024 11:33:27 GMT
server
cloudflare
etag
W/"6697ac07-15a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UxmU8e8490z12pi7pTDqqH4zN01%2BNmn0PDPLrQV6%2BYeEykO4riPWkb88dA40qdaCaMJW0IB6uYvoIbfeAmuopwzWu6dxShY71a8Ni6YLAcD2sGQFaJhoQ8%2Fy%2FcI3s8D8mYul0%2BmqDMrJRs0WGTCOGQUJVncPtTc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
8bd2e6e6f9483a0a-YYZ
expires
Thu, 12 Sep 2024 14:54:37 GMT
96f68942922b52bb74183301da4f157f
split.cordellvolante.biz.id/get/site/js/
291 B
753 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/96f68942922b52bb74183301da4f157f
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c721588b5b617400c3c81d6a5e619f674559869d1945ed3e0b2e56ded21ee39a

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDM8ZXeWZZtSyCTxhYuaiQqKJPn%2BN%2BnLITh4Oh%2FfHTxpVnD6lY%2FYL3pTXWtvQQLyXvModnoxJmuqL9Nv8POIXTLci0uChM6YVcQeFAhHYkDoRmCkL2J63BeSPQL%2FJXFPMb7kqftcS9BX6V%2FEEhsjUftMER8aCNn0fnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e6690536b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
735067e87247c4ce7169d3e76e338bae
split.cordellvolante.biz.id/get/site/js/
0
547 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/735067e87247c4ce7169d3e76e338bae
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhp%2F9ve3i0wtj4WE6TozHTWp%2BMr9eB2OCiU6JiP2QmV9OJk4v65atN81n0DtZwrrtau%2FZ1VIFjVz71PwESfxcGssk%2ByRWJaauonLK7SE9vMoYdeviXwaDWI7MdGbTmKVAUbun4L3EqTMPplpZSVRAT2fxsL%2F%2B8jKTAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e6690f36b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
4b65d13b52f24adbd399ea59f81afe03
split.cordellvolante.biz.id/get/site/js/
0
549 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/4b65d13b52f24adbd399ea59f81afe03
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=33JSYYZt0nXjcbv7jM%2B7s%2B5zW7B9AAjznQhYNs1AJtmr%2FVFlN0OSx%2FwvCaDlpJyYc6wJjMZVdta3cIJ7kZHyng%2FKiw55ZiQOX3eHJjfbUGtcQzCy%2FbAuZ3YIdpEIlZz3VdA7vRL9UkmjH7gx4E8w9eiaQ0BgFkJFklc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e6690736b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
239d70a2682d0e2ba746122d0db22353
split.cordellvolante.biz.id/get/site/js/
291 B
748 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/239d70a2682d0e2ba746122d0db22353
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6d96bec3225aafd281eff213d8b429a4b2f415a2c05acfb3b3acb48d15f6aa7

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOhxXpocZVf22ldTqx7cpEcyFujQtZadJSPaePV5H94x%2FMeC0iLEIGNNXcAoLWDM17tkLkB%2FuLsh0wKrAa4ZN4FNgRYKyjxnDWU%2BYxjaVy3tKjdsuac9ozP6FRaJd40PguMjBYYz%2FzD90FT2kgsTSlUDu%2FzZEecxZRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e6690336b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
060f521699553ed7acb8025efc528049
split.cordellvolante.biz.id/get/site/js/
0
548 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/060f521699553ed7acb8025efc528049
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQkajBeNHZYB4KYCYZKYWswFTs8d2Y4UfqgF6YsC7iR02FNop4P2ZDbjBHXo%2BmLjFpYzKUN08LsuoRDOH%2BdOOA6GMrT3SCUp9b469%2FQ%2BOAMmPGhCUGcY37vkexNitI1v2v6PgcB8jZ02QQh%2BdCqtZojPenq3ZKmPOK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e6690136b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
a3eec059244c689dc188166f358da416
split.cordellvolante.biz.id/get/site/js/
0
551 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/a3eec059244c689dc188166f358da416
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ziGeBG%2F2eX1YKh0xHZBGZR%2FF6Zq%2FyX7i2JlhYhqvZIKLy8BBgJ9RTOGhqxDlzdxOWvad%2F2eoEk3UK3KQDjFBdW2GmpJAsJ%2FAsZIlBDLfYCc6J4sISwPn8hX%2F619lx8XMAOqQ6m0L39RfqLhXXCyo1CxPJ7os7z4Kuag%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e668ff36b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
35f35ef9fb48430fa4fa94de28d8722d
split.cordellvolante.biz.id/get/site/js/
291 B
782 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/35f35ef9fb48430fa4fa94de28d8722d
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f364cbb0435cf32cdf6b12944c960604dc887f66517ecf3aa7d9cacdbbdcc7cd

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R6CMdaTZUZ4SAFgRkYjbRTafMR%2BJB7sVXxYzvFIolbkgOT4uz54gMSu2w9e4Oo%2BbWThdezWa5HoKeDwdfVmgT6OmvS3d6lrjEyNWzeJBCVxoaOZtq8NypfqCunFc%2Bjum4MNtzJLgIbGqwUDsYuEoC8bKyiPDJ8gr7tQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e6690b36b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
4c9721127b5277f3a2fb77663db94928
split.cordellvolante.biz.id/get/site/js/
291 B
750 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/4c9721127b5277f3a2fb77663db94928
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745a44a3a5de4de96e527138adf43daf8890431471b0bc330e0cb0c61f125a8c

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itBed%2BvwJaFFIW0vDJimOFw%2Bjx7iQ57lhESyfghd9P7FYjnFTnmROuYv2wrZzSLaTogxqR3ML48EQHDFwYy67rCW1%2Bl6FQtn3fDBBxA2f0072MgkJP9qHOkN4Hdn%2BVUvfEVq%2F7SbZumwghhI7Djsu6aX2jRF1AMqHuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e6690936b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
aa0994da5a2a085f27e83f4ee87f08d0
split.cordellvolante.biz.id/get/site/js/
0
546 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/aa0994da5a2a085f27e83f4ee87f08d0
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1sESJucwxz%2FGWp%2BJPnFeaC2CD7HgmbCYaJjeSBaHQLFre5FvIRGlAow26R6VH6IZXPAVJMiIP6Xnbu6DKX34LR6V58rzVTSYl5rBPTLhISYwXE300PyjGM0Hi4pyFVCRSFuBp8kjCfmM8yM6uhERvkqSbQi6lkquDoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e668f836b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
1a9b7340e3ac1a46624302594a15d2a0
split.cordellvolante.biz.id/get/site/js/
0
553 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/1a9b7340e3ac1a46624302594a15d2a0
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mO%2Bp%2BkYiKUN%2FIiL87UECMMbGUGo8r6GHLceT0nm58k3P5qHQUrCh2faROh3feBXDXQ0WxXCdN0Fypu8zs%2BRfNvafXrlJTlb4%2BgimXKpcre1lq59qQpeCjtDWkSmgi0%2FhuoH%2BeF%2FRlsW0ZPj%2FqJFonIb9aC56%2FQXXaVA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e668fa36b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
be5ac47e051c13b62e663dac072af651
split.cordellvolante.biz.id/get/site/js/
0
552 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/be5ac47e051c13b62e663dac072af651
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEj8PiUSU%2FtpA5n7Ml9%2F0bYwzLsBTMnOgsnI73dFgUh5VB68dFWTPla3dvX238PN%2Fn9B2MYuEDFCW%2ByeQAwbH%2Bd5Q7mbm%2BTWrR1wPT40KxGP8lkRuxCn4oz2%2FW1OI2t512jRm3AaFHOpxkgk9lPWMZ0vVMp%2FQC0B578%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e668fb36b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
9c31d45687dbf0948cea25d6bf521027
split.cordellvolante.biz.id/get/site/js/
0
546 B
Script
General
Full URL
https://split.cordellvolante.biz.id/get/site/js/9c31d45687dbf0948cea25d6bf521027
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:bd06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMtvvNdNbtvrQh3p1%2B1gqUED1CFm8zB1xTusCYcVnmf1paf%2B%2BW3MQpmisHdVDugDVvsVaB3H%2FaeYhbXmydGot95jXWonT8RVK80jiFTZkdMId6sJfLa5QU5U5Wx5ReMshcVawTxIYpeCLIq%2B7h5xFd0QKoagAzOnXdA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bd2e6e668fd36b3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery.slim.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
71 KB
22 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
Origin
https://erwinkeuph8vw.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4736184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22329
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-11ab4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XCQOCToVan55AWKx0dm6f3kHl6Qx1RPjNuILeQK9AqFCFkBPWUeJ58vPeilLH0Z22gI2P3tiE0D4I3yrWV%2B3R0KpCa1Me%2FukW2D8foyny98PMWSr6JDFOSnuYvdO0doEz0bDFWJHCLCaIXPYJulT%2BJFx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bd2e6e6ed05a1f9-YYZ
expires
Sun, 24 Aug 2025 04:12:31 GMT
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/
8 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
Origin
https://erwinkeuph8vw.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
994225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3150
last-modified
Sat, 02 Jan 2021 18:12:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ff0b799-1ed1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djhS7MmaTXrZXMBsQbC7na%2FZwvANiSN3YlbEPQIfKm1DpgQ%2BNsWiJnvOWdSidT6ZnDFyplwEBnLbRn0rSg0RWKAByuyae3RtWpjV0ILR6swSoP7E43icI0lm%2FvhzBJV8YyEXBgte5lkRgwZR6OZisWqh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bd2e6e6ed07a1f9-YYZ
expires
Sun, 24 Aug 2025 04:12:31 GMT
invoke.js
sighhigherapprove.com/841551df4ace4771a26423c5508e1f6a/
31 KB
12 KB
Script
General
Full URL
https://sighhigherapprove.com/841551df4ace4771a26423c5508e1f6a/invoke.js
Requested by
Host: ad.cordellvolante.biz.id
URL: https://ad.cordellvolante.biz.id/adsterra.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
9423bccc123a7b4a013212309e05cbcaf9a52f23950be48b0fe743c9046fb3a9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2024 04:12:32 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
3717f0acb98a4acf3f87d66d96f498d4
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
proftrafficcounter.com/
40 B
306 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: sighhigherapprove.com
URL: https://sighhigherapprove.com/841551df4ace4771a26423c5508e1f6a/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.14.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-14-153.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
475bb4b37138bbf4cde349e961a82ae42d183de35d9510ba39118cde693b8c69

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://erwinkeuph8vw.pages.dev
date
Tue, 03 Sep 2024 04:12:32 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
875f85d98e0187160dadef1129088a1c.js
blackmailarmory.com/87/5f/85/
93 KB
34 KB
Script
General
Full URL
https://blackmailarmory.com/87/5f/85/875f85d98e0187160dadef1129088a1c.js
Requested by
Host: sighhigherapprove.com
URL: https://sighhigherapprove.com/841551df4ace4771a26423c5508e1f6a/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
7a22d3a3837b2b91a395fc1330bd6e4608b69d0c17534819b479cfd771ad58ed
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2024 04:12:32 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host
blackmailarmory.com
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
1160db8396c1c77aaeca6ab7a854728b
Expires
Thu, 01 Jan 1970 00:00:01 GMT
invoke.js
www.topcreativeformat.com/d0ad831df891127170674f7100bd3428/
31 KB
12 KB
Script
General
Full URL
https://www.topcreativeformat.com/d0ad831df891127170674f7100bd3428/invoke.js
Requested by
Host: split.cordellvolante.biz.id
URL: https://split.cordellvolante.biz.id/get/site/js/96f68942922b52bb74183301da4f157f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
7248db4c76af8377e4fe3ca436986a0e9f8394b4df417daa1c8658ec315bcbc3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2024 04:12:32 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
4c44388deca9addd1d6aebb93bc9d5c2
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.1557090167034.js
blackmailarmory.com/
Redirect Chain
  • https://blackmailarmory.com/watch.1557090167034.js?key=841551df4ace4771a26423c5508e1f6a&kw=%5B%5D&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&tz=-7&dev=r&res=14.31&uuid=48e73daa-944b-485c-bace-0...
  • https://blackmailarmory.com/watch.1557090167034.js?dev=r&key=841551df4ace4771a26423c5508e1f6a&kw=%5B%5D&pst=1725336812&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=bee41b12a1...
0
1 KB
XHR
General
Full URL
https://blackmailarmory.com/watch.1557090167034.js?dev=r&key=841551df4ace4771a26423c5508e1f6a&kw=%5B%5D&pst=1725336812&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=bee41b12a1978abedb19f365ea3cfc12cac9a5cf9da2fe8ebca0ac9c4f2c9a27071208e8d52e8a26391eedbc75997c4255899a9653c046cd3f8048d71742e90f458e33a95284ce0751f977865cad671e276530f7942c1b5b4c9696&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
HTTP/1.1
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 04:12:33 GMT
Custom-Referer
https://erwinkeuph8vw.pages.dev
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
X-Request-ID
e83645601a2c5970957df71d30e56795
Pragma
no-cache
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host
blackmailarmory.com
Content-Type
text/html
Access-Control-Allow-Origin
https://erwinkeuph8vw.pages.dev
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Tue, 03 Sep 2024 04:12:32 GMT
Custom-Referer
https://erwinkeuph8vw.pages.dev
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
X-Request-ID
4d40c2dade5624c807cd7dc805535750
Pragma
no-cache
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host
blackmailarmory.com
Content-Type
text/html
Access-Control-Allow-Origin
https://erwinkeuph8vw.pages.dev
Location
https://blackmailarmory.com/watch.1557090167034.js?dev=r&key=841551df4ace4771a26423c5508e1f6a&kw=%5B%5D&pst=1725336812&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=bee41b12a1978abedb19f365ea3cfc12cac9a5cf9da2fe8ebca0ac9c4f2c9a27071208e8d52e8a26391eedbc75997c4255899a9653c046cd3f8048d71742e90f458e33a95284ce0751f977865cad671e276530f7942c1b5b4c9696&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sfp.js
recordedthereby.com/
83 KB
27 KB
Script
General
Full URL
https://recordedthereby.com/sfp.js
Requested by
Host: blackmailarmory.com
URL: https://blackmailarmory.com/87/5f/85/875f85d98e0187160dadef1129088a1c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d0d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:33 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
2cfe8ca0d9dbe48af63a18c0328898c6
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qxOCskv5hxZpv%2BNZQF0Dm9Ehxrbar2y2gFAjkD6U%2B1HLsD3cX0HpZyZqKVeY%2F9D204BMw9B1AiVb5cmmy8ExrPl5nkcZKovhqdMvQvs9HvolgRCNydr0mpDD%2BUkEbJZ3o1hTyVcSgUm1n7PmQXk3VTJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, max-age=0, private, no-cache
cf-ray
8bd2e6f578c936be-YYZ
expires
Thu, 01 Jan 1970 00:00:01 GMT
purst
pallorirony.com/pixel/
0
469 B
Image
General
Full URL
https://pallorirony.com/pixel/purst?dl=0&th=0&sc=0&rs=2658.2999999523163&rd=2658.2999999523163&fd=518.0999999046326&bv=24.8.5187&tmpl=70
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 04:12:33 GMT
Server
nginx/1.19.5
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.1572461865050.js
pallorirony.com/
Redirect Chain
  • https://pallorirony.com/watch.1572461865050.js?key=d0ad831df891127170674f7100bd3428&kw=%5B%5D&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&tz=-7&dev=r&res=14.31&uuid=48e73daa-944b-485c-bace-0a026...
  • https://pallorirony.com/watch.1572461865050.js?dev=r&key=d0ad831df891127170674f7100bd3428&kw=%5B%5D&pst=1725336813&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=5127448b97b679...
0
1009 B
XHR
General
Full URL
https://pallorirony.com/watch.1572461865050.js?dev=r&key=d0ad831df891127170674f7100bd3428&kw=%5B%5D&pst=1725336813&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=5127448b97b6795a10cd05f59dc5ac5360f3163e1c44dcb391e615ad21a4ad2c4008759898d20173caf80cd07b2114a6ae9dd7b567bf15c71d2cc933ecf0aa7d12da87ec559d4ffae87a57e48104a2ce24e2f328223a7c1da66316d37744b2&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2024 04:12:33 GMT
Custom-Referer
https://erwinkeuph8vw.pages.dev
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://erwinkeuph8vw.pages.dev
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-Request-ID
e5e50745515bfaa481aa947a31cf7ead
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Tue, 03 Sep 2024 04:12:33 GMT
Custom-Referer
https://erwinkeuph8vw.pages.dev
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
X-Request-ID
f7f0eba360970ae61aa3bf818d31bf9f
Pragma
no-cache
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/html
Access-Control-Allow-Origin
https://erwinkeuph8vw.pages.dev
Location
https://pallorirony.com/watch.1572461865050.js?dev=r&key=d0ad831df891127170674f7100bd3428&kw=%5B%5D&pst=1725336813&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=5127448b97b6795a10cd05f59dc5ac5360f3163e1c44dcb391e615ad21a4ad2c4008759898d20173caf80cd07b2114a6ae9dd7b567bf15c71d2cc933ecf0aa7d12da87ec559d4ffae87a57e48104a2ce24e2f328223a7c1da66316d37744b2&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT
invoke.js
www.topcreativeformat.com/b3b93aca483f1d9a2adb8be6c9552870/
31 KB
12 KB
Script
General
Full URL
https://www.topcreativeformat.com/b3b93aca483f1d9a2adb8be6c9552870/invoke.js
Requested by
Host: split.cordellvolante.biz.id
URL: https://split.cordellvolante.biz.id/get/site/js/239d70a2682d0e2ba746122d0db22353
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e39084f392ec92ba74b0816f4fb14e7305e150fd17c566a68ed545ad5c3aefd7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2024 04:12:33 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
9b4c5612e97a677b0e181b6e7a38dccf
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.1533306946694.js
interruptchalkedlie.com/
Redirect Chain
  • https://interruptchalkedlie.com/watch.1533306946694.js?key=b3b93aca483f1d9a2adb8be6c9552870&kw=%5B%5D&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&tz=-7&dev=r&res=14.31&uuid=48e73daa-944b-485c-ba...
  • https://interruptchalkedlie.com/watch.1533306946694.js?dev=r&key=b3b93aca483f1d9a2adb8be6c9552870&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=9715fd...
1 KB
2 KB
XHR
General
Full URL
https://interruptchalkedlie.com/watch.1533306946694.js?dev=r&key=b3b93aca483f1d9a2adb8be6c9552870&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=9715fd33d2e10f2e303de6211812c92538ae9793558c834bcf83115e2e8ee5c03b21379de71809673004fe2fa05dc5604951aec112572f40efcf299d89213f699075781023a5a5165737f5b32d6d305c48a20c3100deae7966a57d&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
HTTP/1.1
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 04:12:34 GMT
Custom-Referer
https://erwinkeuph8vw.pages.dev
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-Request-ID
227d1ee6de4678818d100c73cba3b349
Pragma
no-cache
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host
interruptchalkedlie.com
Content-Type
text/html
Access-Control-Allow-Origin
https://erwinkeuph8vw.pages.dev
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Tue, 03 Sep 2024 04:12:34 GMT
Custom-Referer
https://erwinkeuph8vw.pages.dev
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
X-Request-ID
8dc3e5233484f2cfdc1759cb612006a1
Pragma
no-cache
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host
interruptchalkedlie.com
Content-Type
text/html
Access-Control-Allow-Origin
https://erwinkeuph8vw.pages.dev
Location
https://interruptchalkedlie.com/watch.1533306946694.js?dev=r&key=b3b93aca483f1d9a2adb8be6c9552870&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=9715fd33d2e10f2e303de6211812c92538ae9793558c834bcf83115e2e8ee5c03b21379de71809673004fe2fa05dc5604951aec112572f40efcf299d89213f699075781023a5a5165737f5b32d6d305c48a20c3100deae7966a57d&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT
invoke.js
www.topcreativeformat.com/5c5c6ef5a97b0b7e4cb5be2a1545aeb3/
31 KB
12 KB
Script
General
Full URL
https://www.topcreativeformat.com/5c5c6ef5a97b0b7e4cb5be2a1545aeb3/invoke.js
Requested by
Host: split.cordellvolante.biz.id
URL: https://split.cordellvolante.biz.id/get/site/js/35f35ef9fb48430fa4fa94de28d8722d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
82b92d5132dae507c81bbf12fb4fc3bffc64d01717a5dc096567f5d4b387e164
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2024 04:12:33 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
e4f0064c14a7fb44705f1e1734c76b64
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.841494521600.js
pallorirony.com/
Redirect Chain
  • https://pallorirony.com/watch.841494521600.js?key=5c5c6ef5a97b0b7e4cb5be2a1545aeb3&kw=%5B%5D&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&tz=-7&dev=r&res=14.31&uuid=48e73daa-944b-485c-bace-0a0266...
  • https://pallorirony.com/watch.841494521600.js?dev=r&key=5c5c6ef5a97b0b7e4cb5be2a1545aeb3&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=86aff45a3d3086e...
1 KB
2 KB
XHR
General
Full URL
https://pallorirony.com/watch.841494521600.js?dev=r&key=5c5c6ef5a97b0b7e4cb5be2a1545aeb3&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=86aff45a3d3086e9f1ec5e16980cecca6e31f2900767aea0a467a85243a7ca57522726fc115456b6b2599d7b7018ff625e80d12d6b3aca765f572e49f4c1a7c6bfafbe95562ac2ef9e9607bc08d47dbe99574b347dd84ac6acd68f9a439858&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
72aeae927adaabe29edfec4d404e9a8185546a807aabbf5cbb6cf958bd259393
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 04:12:34 GMT
Custom-Referer
https://erwinkeuph8vw.pages.dev
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-Request-ID
c50f5da77417e867019bdc4328b10487
Pragma
no-cache
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/html
Access-Control-Allow-Origin
https://erwinkeuph8vw.pages.dev
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Tue, 03 Sep 2024 04:12:34 GMT
Custom-Referer
https://erwinkeuph8vw.pages.dev
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
X-Request-ID
03d9191f3c21dae83855bb51506b415a
Pragma
no-cache
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/html
Access-Control-Allow-Origin
https://erwinkeuph8vw.pages.dev
Location
https://pallorirony.com/watch.841494521600.js?dev=r&key=5c5c6ef5a97b0b7e4cb5be2a1545aeb3&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=86aff45a3d3086e9f1ec5e16980cecca6e31f2900767aea0a467a85243a7ca57522726fc115456b6b2599d7b7018ff625e80d12d6b3aca765f572e49f4c1a7c6bfafbe95562ac2ef9e9607bc08d47dbe99574b347dd84ac6acd68f9a439858&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT
invoke.js
www.topcreativeformat.com/21cf3b0373319a6a55702af6b6335be7/
31 KB
12 KB
Script
General
Full URL
https://www.topcreativeformat.com/21cf3b0373319a6a55702af6b6335be7/invoke.js
Requested by
Host: split.cordellvolante.biz.id
URL: https://split.cordellvolante.biz.id/get/site/js/4c9721127b5277f3a2fb77663db94928
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
df6b6c08f6ea4a2f1840fe9f877610c1dd5d78df4e75c7a32e3b461a986d54d0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 03 Sep 2024 04:12:34 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
03a679d748ca70be436d06651e98f400
Expires
Thu, 01 Jan 1970 00:00:01 GMT
watch.765302910462.js
pallorirony.com/
Redirect Chain
  • https://pallorirony.com/watch.765302910462.js?key=21cf3b0373319a6a55702af6b6335be7&kw=%5B%5D&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&tz=-7&dev=r&res=14.31&uuid=48e73daa-944b-485c-bace-0a0266...
  • https://pallorirony.com/watch.765302910462.js?dev=r&key=21cf3b0373319a6a55702af6b6335be7&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=b95b6c189321817...
3 KB
3 KB
XHR
General
Full URL
https://pallorirony.com/watch.765302910462.js?dev=r&key=21cf3b0373319a6a55702af6b6335be7&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=b95b6c1893218170e7afeb7f5f65a0f4afc6f14103ecf8ef122fa78ed53fe157e5a2996a5027cd124e7279697bb487da8122eb3a3527d513a7a63956e5e60432905512d38a0418d5a58dabf23f4e4903b460215d658f1b02426c50fdaee555&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 04:12:34 GMT
Custom-Referer
https://erwinkeuph8vw.pages.dev
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-Request-ID
5c5ed4452db99d7e4b1a1143d6cf885c
Pragma
no-cache
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/html
Access-Control-Allow-Origin
https://erwinkeuph8vw.pages.dev
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Tue, 03 Sep 2024 04:12:34 GMT
Custom-Referer
https://erwinkeuph8vw.pages.dev
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
X-Request-ID
21570111c21799caa3277c6c5505f912
Pragma
no-cache
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/html
Access-Control-Allow-Origin
https://erwinkeuph8vw.pages.dev
Location
https://pallorirony.com/watch.765302910462.js?dev=r&key=21cf3b0373319a6a55702af6b6335be7&kw=%5B%5D&pst=1725336814&refer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&res=14.31&rmtc=t&shu=b95b6c1893218170e7afeb7f5f65a0f4afc6f14103ecf8ef122fa78ed53fe157e5a2996a5027cd124e7279697bb487da8122eb3a3527d513a7a63956e5e60432905512d38a0418d5a58dabf23f4e4903b460215d658f1b02426c50fdaee555&tz=-7&uuid=48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
search
suggestqueries.google.com/complete/
0
0

th
tse1.mm.bing.net/
727 B
1 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:34 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1E8EC0A514D14ED9816F21A791087995 Ref B: YTO01EDGE0808 Ref C: 2024-09-03T04:12:34Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
cache-control
no-cache
timing-allow-origin
*
access-control-allow-headers
*
content-length
727
expires
-1
/
www.jackpotcitycasino.com/canada/
0
0

1708270647.jpg
cdn.cloudimagesb.com/cti/13/7c/c8/137cc8e201b2cedad58d986ae65bfac7/ Frame C24A
77 KB
77 KB
Image
General
Full URL
https://cdn.cloudimagesb.com/cti/13/7c/c8/137cc8e201b2cedad58d986ae65bfac7/1708270647.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 03 Sep 2024 04:12:34 GMT
last-modified
Sun, 18 Feb 2024 15:37:35 GMT
server
nginx/1.21.6
etag
"65d2243f-13398"
x-cdn-host-id
ds7961
content-type
image/jpeg
cache-control
max-age=172800
accept-ranges
bytes
content-length
78744
expires
Thu, 05 Sep 2024 04:12:34 GMT
Primary Request /
www.jackpotcitycasino.com/canada/
Redirect Chain
  • https://www.jackpotcitycasino.com/canada/?s=bfp44009&a=bfpadid189291
  • https://www.jackpotcitycasino.com/canada/
261 KB
29 KB
Document
General
Full URL
https://www.jackpotcitycasino.com/canada/
Requested by
Host: erwinkeuph8vw.pages.dev
URL: https://erwinkeuph8vw.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c925a2ae39b2b86b706f23326e349478fda09e3783c2dddde730ae2cc6b12b7

Request headers

Referer
https://erwinkeuph8vw.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8bd2e6fdba975419-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 03 Sep 2024 04:12:35 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8bd2e6fca9d65419-YYZ
content-type
text/html; charset=UTF-8
date
Tue, 03 Sep 2024 04:12:34 GMT
location
https://www.jackpotcitycasino.com/canada/
server
cloudflare
vary
Accept-Encoding
icons_menu-main.min.css
www.jackpotcitycasino.com/jcc/css/
3 KB
932 B
Stylesheet
General
Full URL
https://www.jackpotcitycasino.com/jcc/css/icons_menu-main.min.css
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab8b75503da12e46d60eed5b809f14ad56b9c5ee2aeb1d51f433626461d45794

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1282
etag
"b58-6211e21f984c0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e705dfeb5419-YYZ
content-length
743
expires
Tue, 03 Sep 2024 08:12:36 GMT
styles.min.css
www.jackpotcitycasino.com/jcc/css/
200 KB
32 KB
Stylesheet
General
Full URL
https://www.jackpotcitycasino.com/jcc/css/styles.min.css
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb09e0b86d6ee1db71ce9ec93aea26389e4652247c85348f7d72c679ca7d822

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1281
etag
"31f7b-6211e21f984c0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e705dfed5419-YYZ
content-length
32756
expires
Tue, 03 Sep 2024 08:12:36 GMT
logo.svg
dm.imagethumb.com/images/jackpotcity-logos/
33 KB
23 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jackpotcity-logos/logo.svg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
24a476dce6ed889900ff0252ed88051d7c9e001968cdf252a7aca95b13140959

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 25 Jun 2024 09:25:13 GMT
server
cloudflare
age
1012760
etag
W/"3114d95e1c6da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=5184000
cf-ray
8bd2e7069f8aabb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
go-to-top.png
www.jackpotcitycasino.com/jcc/images/
3 KB
3 KB
Image
General
Full URL
https://www.jackpotcitycasino.com/jcc/images/go-to-top.png
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3126719a1cdfb87487b58c778bab80e3c91e5bc4398804cb1edde7ccefb985

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1284
cf-polished
origFmt=png, origSize=8895
content-disposition
inline; filename="go-to-top.webp"
content-length
2984
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"22bf-6211e21f984c0"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e70678775419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
jackpot-ticker-bg.png
www.jackpotcitycasino.com/jcc/images/
90 KB
90 KB
Image
General
Full URL
https://www.jackpotcitycasino.com/jcc/images/jackpot-ticker-bg.png
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9dd31dff5493086ecbcd6f200b0529ceaa04bfb91eaa3a8514627c9c0d7e11e

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1282
cf-polished
origFmt=png, origSize=95832
content-disposition
inline; filename="jackpot-ticker-bg.webp"
content-length
91870
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"17658-6211e21f984c0"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e705dfee5419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
9-masks-of-fire.jpg
dm.imagethumb.com/images/jpc/tgbox/
87 KB
87 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/9-masks-of-fire.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e8e61cf5bae069200972eacfdb05c32dda25fbda6aea8cf0e4f52deda07a20ae

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1006689
cf-polished
qual=85, origFmt=jpeg, origSize=148866
x-powered-by
ASP.NET
content-disposition
inline; filename="9-masks-of-fire.webp"
content-length
88966
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Feb 2023 11:04:00 GMT
server
cloudflare
etag
"0d0aa89bf42d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e7069f8babb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
diamond-sands.jpg
dm.imagethumb.com/images/jpc/tgbox/
85 KB
86 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/diamond-sands.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b7fb43007a2fa84c66bc14d99662c2f8c9b9ef2793c28e505bee5c4b7c5f85df

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1012752
cf-polished
qual=85, origFmt=jpeg, origSize=96061
x-powered-by
ASP.NET
content-disposition
inline; filename="diamond-sands.webp"
content-length
87432
cf-bgj
imgq:85,h2pri
last-modified
Thu, 20 Apr 2023 11:34:51 GMT
server
cloudflare
etag
"eef1b1f7c73d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e7069f8dabb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
gold-blitz-tgb.jpg
dm.imagethumb.com/images/jpc/tgbox/
44 KB
44 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/gold-blitz-tgb.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bdb1c151de043fb1e66cd7d3ea3581b9737c880abadb5a8d126abde141a6941b

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1012752
cf-polished
qual=85, origFmt=jpeg, origSize=74498
x-powered-by
ASP.NET
content-disposition
inline; filename="gold-blitz-tgb.webp"
content-length
44768
cf-bgj
imgq:85,h2pri
last-modified
Mon, 09 Oct 2023 11:56:16 GMT
server
cloudflare
etag
"accddb9ba7fad91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e7069f91abb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
3-lucky-rainbows.jpg
dm.imagethumb.com/images/jpc/tgbox/
114 KB
115 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/3-lucky-rainbows.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
eae1ea2216e3c95f5a6c53f8b033c9b0cdeb15710ab70a432330cd4013699425

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1012752
cf-polished
qual=85, origFmt=jpeg, origSize=123180
x-powered-by
ASP.NET
content-disposition
inline; filename="3-lucky-rainbows.webp"
content-length
117210
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Feb 2023 11:04:00 GMT
server
cloudflare
etag
"0d0aa89bf42d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e7069f8eabb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
amazing-link-zeus.jpg
dm.imagethumb.com/images/jpc/tgbox/
91 KB
91 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/amazing-link-zeus.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1e00d6167c033989d979578214a9babfc76e4fdc01516a707dc97ecf6619c192

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1012752
cf-polished
qual=85, origFmt=jpeg, origSize=149183
x-powered-by
ASP.NET
content-disposition
inline; filename="amazing-link-zeus.webp"
content-length
92904
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Feb 2023 11:04:00 GMT
server
cloudflare
etag
"0d0aa89bf42d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e7069f90abb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
bison-moon.jpg
dm.imagethumb.com/images/jpc/tgbox/
105 KB
105 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/bison-moon.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
530782898270dff98a6857a5489ff824f1f54b6600407cca0fba1b7334f83cb3

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1012752
cf-polished
qual=85, origFmt=jpeg, origSize=117305
x-powered-by
ASP.NET
content-disposition
inline; filename="bison-moon.webp"
content-length
107176
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Feb 2023 11:04:00 GMT
server
cloudflare
etag
"0d0aa89bf42d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706af93abb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
fire-and-roses-joker.jpg
dm.imagethumb.com/images/jpc/tgbox/
79 KB
79 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/fire-and-roses-joker.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f00fa5f10a3876b4987a9617e490f8f5421bb0cca45881d73137e13f254664e9

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1006688
cf-polished
qual=85, origFmt=jpeg, origSize=146261
x-powered-by
ASP.NET
content-disposition
inline; filename="fire-and-roses-joker.webp"
content-length
80736
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Feb 2023 11:04:00 GMT
server
cloudflare
etag
"0d0aa89bf42d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706af94abb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
wolf-blaze-megaways.jpg
dm.imagethumb.com/images/jpc/tgbox/
96 KB
96 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/wolf-blaze-megaways.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
69a58452ad54d86835217de65dd0f87d5fb306d785f991d23ef12bec73738c9f

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1006688
cf-polished
qual=85, origFmt=jpeg, origSize=147652
x-powered-by
ASP.NET
content-disposition
inline; filename="wolf-blaze-megaways.webp"
content-length
98152
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Feb 2023 11:04:00 GMT
server
cloudflare
etag
"0d0aa89bf42d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706af96abb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
ancient-fortunes-zeus.jpg
dm.imagethumb.com/images/jpc/tgbox/
105 KB
105 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/ancient-fortunes-zeus.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b1223996bf26a243b9cf7f9621a50407e2b66e718615b0da6617389d359df003

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
441007
cf-polished
qual=85, origFmt=jpeg, origSize=147407
x-powered-by
ASP.NET
content-disposition
inline; filename="ancient-fortunes-zeus.webp"
content-length
107142
cf-bgj
imgq:85,h2pri
last-modified
Fri, 17 Feb 2023 11:04:00 GMT
server
cloudflare
etag
"0d0aa89bf42d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706af98abb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
9PotsOfGold_Roulette-tri_game_box-800x450.jpg
dm.imagethumb.com/images/jpc/tgbox/
52 KB
52 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/9PotsOfGold_Roulette-tri_game_box-800x450.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cbed2a99bf87f622779d2bb50eed2276cd5a8948b03e59f6c37f65a37d052d92

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1006688
cf-polished
qual=85, origFmt=jpeg, origSize=85889
x-powered-by
ASP.NET
content-disposition
inline; filename="9PotsOfGold_Roulette-tri_game_box-800x450.webp"
content-length
53514
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 May 2023 03:54:00 GMT
server
cloudflare
etag
"0bc8adf382d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706af99abb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
extreme-multifire-roulette.jpg
dm.imagethumb.com/images/jpc/tgbox/
20 KB
20 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/extreme-multifire-roulette.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8326ea7d507c663d55cdad9285877053ca276fee6074c4eca6296d7df66a3ab7

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1012752
cf-polished
qual=85, origFmt=jpeg, origSize=43450
x-powered-by
ASP.NET
content-disposition
inline; filename="extreme-multifire-roulette.webp"
content-length
20328
cf-bgj
imgq:85,h2pri
last-modified
Tue, 06 Jun 2023 04:56:00 GMT
server
cloudflare
etag
"0f0fc2f3398d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706af9aabb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
classic-blackjack-with-noble-diamonds.jpg
dm.imagethumb.com/images/jpc/tgbox/
22 KB
22 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/classic-blackjack-with-noble-diamonds.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3095d19aef2bae3478401f18418daf3ed69c302dd1f88dc22eb3589ec961b808

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1012752
cf-polished
qual=85, origFmt=jpeg, origSize=44184
x-powered-by
ASP.NET
content-disposition
inline; filename="classic-blackjack-with-noble-diamonds.webp"
content-length
22510
cf-bgj
imgq:85,h2pri
last-modified
Tue, 06 Jun 2023 04:37:00 GMT
server
cloudflare
etag
"0be7e883098d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706af9cabb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
classic-blackjack-with-sweetheart16.jpg
dm.imagethumb.com/images/jpc/tgbox/
23 KB
23 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/classic-blackjack-with-sweetheart16.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1f353b48de3ec72ca1290f125e253ab598b591dd467da8d4666a08ca9d51d39

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
444596
cf-polished
qual=85, origFmt=jpeg, origSize=43591
x-powered-by
ASP.NET
content-disposition
inline; filename="classic-blackjack-with-sweetheart16.webp"
content-length
23684
cf-bgj
imgq:85,h2pri
last-modified
Tue, 06 Jun 2023 04:37:00 GMT
server
cloudflare
etag
"0be7e883098d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706af9dabb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
SwitchDragonTiger-tri_game_box-800x450.jpg
dm.imagethumb.com/images/jpc/tgbox/
19 KB
20 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/SwitchDragonTiger-tri_game_box-800x450.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cd3a1cda1d1878324b929ba7358f8fc173f252fc6f218868cdbbb10231ff48ab

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1012752
cf-polished
qual=85, origFmt=jpeg, origSize=40146
x-powered-by
ASP.NET
content-disposition
inline; filename="SwitchDragonTiger-tri_game_box-800x450.webp"
content-length
19802
cf-bgj
imgq:85,h2pri
last-modified
Tue, 23 May 2023 04:24:00 GMT
server
cloudflare
etag
"0b0cb652e8dd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706af9eabb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
SwitchBaccarat-tri_game_box-800x450.jpg
dm.imagethumb.com/images/jpc/tgbox/
38 KB
38 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/tgbox/SwitchBaccarat-tri_game_box-800x450.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e6566ce6c047c05b756a162774bbaa46c146050fd5542d4d9c764dd2706f7787

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1006688
cf-polished
qual=85, origFmt=jpeg, origSize=67220
x-powered-by
ASP.NET
content-disposition
inline; filename="SwitchBaccarat-tri_game_box-800x450.webp"
content-length
38754
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 May 2023 08:20:00 GMT
server
cloudflare
etag
"078dddaa8fd91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706af9fabb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
video-falback.jpg
www.jackpotcitycasino.com/jcc/includes/webparts/images/
15 KB
15 KB
Image
General
Full URL
https://www.jackpotcitycasino.com/jcc/includes/webparts/images/video-falback.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7132c339018a46dd888a7b14ce500b92ab3b348c042319ff727e555dafee9cbc

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
1274
etag
"3aff-6211e21f984c0"
cf-polished
status=not_needed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e706787a5419-YYZ
content-length
15103
expires
Tue, 03 Sep 2024 08:12:36 GMT
play_ico.svg
www.jackpotcitycasino.com/jcc/includes/webparts/images/
385 B
374 B
Image
General
Full URL
https://www.jackpotcitycasino.com/jcc/includes/webparts/images/play_ico.svg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66bff63483c26d37357d74f4811b08cd67e84b219b3051dc527e202d32f9f984

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1274
etag
W/"181-6211e21f984c0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
8bd2e706787b5419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
eprivacy-custom.js
media.src-play.com/plugins/eprivacy/
41 KB
8 KB
Script
General
Full URL
https://media.src-play.com/plugins/eprivacy/eprivacy-custom.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
59c50b7c81c6f9d495de9a2d29c3ff74df0dfe52a9cdea882a88ec1621996661

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5597
x-powered-by
ASP.NET
content-length
8173
last-modified
Wed, 28 Feb 2024 08:29:38 GMT
server
cloudflare
etag
"0c56744206ada1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e7081b7c39ed-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3500752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWnxG6XMvUWuuO%2FdVslLR%2BtL3oCHz0S6hw9OAAXDqdHXyr2EfirVcyluJVjR%2F2A780BxKdl50K8o2XPFNKLSsHkTTEYkJHJJKKheiJV8wE3T92HdaaNIL6zblW9kknoDGYPrNtpAuQGYcZbrdRC0TD3Q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bd2e7071a30ac6f-YYZ
expires
Sun, 24 Aug 2025 04:12:36 GMT
scripts.min.js
www.jackpotcitycasino.com/jcc/js/
12 KB
3 KB
Script
General
Full URL
https://www.jackpotcitycasino.com/jcc/js/scripts.min.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61e59efdc7ffb29b5e54084e4030bc080b872c4d792cd4de1d1d702783365e10

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1275
etag
W/"2e98-6211e21f984c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
8bd2e706787d5419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
swiper.min.js
www.jackpotcitycasino.com/jcc/includes/webparts/js/
140 KB
39 KB
Script
General
Full URL
https://www.jackpotcitycasino.com/jcc/includes/webparts/js/swiper.min.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709b49b664b7914dbcb61c6e2df479dc700008e5ee52fd49faad6bd01f7c5413

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1275
etag
W/"22e4a-6211e21f984c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
8bd2e706787e5419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
Fixed_Bottom_Bar.min.js
www.jackpotcitycasino.com/jcc/includes/webparts/js/
1 KB
635 B
Script
General
Full URL
https://www.jackpotcitycasino.com/jcc/includes/webparts/js/Fixed_Bottom_Bar.min.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3736869d08ca37cdc699f782e9f2667f72d69a7044c0b45e7be858c23bc8ee

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1275
etag
W/"568-6211e21f984c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
8bd2e706a8a25419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
ticker.min.js
www.jackpotcitycasino.com/jcc/includes/webparts/js/
3 KB
1 KB
Script
General
Full URL
https://www.jackpotcitycasino.com/jcc/includes/webparts/js/ticker.min.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99d6a5bb202a4dae41eda7bc6e71c513fd96ba297818028196710d299ea0b966

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1275
etag
W/"c88-6211e21f984c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
8bd2e706a8a55419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
Game_Box_Tri.min.js
www.jackpotcitycasino.com/jcc/includes/webparts/js/
1000 B
453 B
Script
General
Full URL
https://www.jackpotcitycasino.com/jcc/includes/webparts/js/Game_Box_Tri.min.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06096125af576d873bcf0bb27560fcd4cdd7a0835b703177210a5b5c0c78ba44

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1275
etag
W/"3e8-6211e21f984c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
8bd2e706a8a75419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
Game_Box_Slider.min.js
www.jackpotcitycasino.com/jcc/includes/webparts/js/
351 B
290 B
Script
General
Full URL
https://www.jackpotcitycasino.com/jcc/includes/webparts/js/Game_Box_Slider.min.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ffaec2975ef483984c4e2a6ae7ba9919a84a3ef96dad999a9c77b3aff1c46a4

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1275
etag
W/"15f-6211e21f984c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
8bd2e706a8a95419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
Game_Box_Dual.min.js
www.jackpotcitycasino.com/jcc/includes/webparts/js/
128 B
210 B
Script
General
Full URL
https://www.jackpotcitycasino.com/jcc/includes/webparts/js/Game_Box_Dual.min.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9d0954970365628cfb546146b13ec29b6c20e2f05f651cbe60994c1534fb8c

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1275
etag
W/"80-6211e21f984c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
8bd2e706a8ab5419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
Game_Box_Super.min.js
www.jackpotcitycasino.com/jcc/includes/webparts/js/
475 B
379 B
Script
General
Full URL
https://www.jackpotcitycasino.com/jcc/includes/webparts/js/Game_Box_Super.min.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bf3572b8cc4a77f1d2387f85a2922769b3d1678d0c8a6b2a5c754d843bbf9f2

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1275
etag
W/"1db-6211e21f984c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
8bd2e706a8ac5419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
vtrk-min.js
media.src-play.com/plugins/analytics/
53 KB
16 KB
Script
General
Full URL
https://media.src-play.com/plugins/analytics/vtrk-min.js
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
123cdfc51128c108a50cfde3001f39dd7d5119ff20a712607f8479ef52d3d846

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5863
x-powered-by
ASP.NET
content-length
15924
last-modified
Tue, 04 Jun 2024 11:08:56 GMT
server
cloudflare
etag
"b31ae8976fb6da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e7081b7a39ed-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
gtm.js
www.googletagmanager.com/
341 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MLKW5SB
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60a63d058457d7486e5109237fb15aa456acc71ba92b0a85edeb93944258f370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98677
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 03 Sep 2024 04:12:36 GMT
9MasksOfFire.mp4
dm.imagethumb.com/images/jpc/tgboxv/
1 MB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/9MasksOfFire.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Mar 2023 04:16:00 GMT
server
cloudflare
age
1012754
etag
"0804cb07451d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2653242/2653243
cache-control
public, max-age=5184000
cf-ray
8bd2e706afa0abb1-YYZ
Content-Length
2653243
expires
Sat, 02 Nov 2024 04:12:36 GMT
desktop_final_purple.jpg
dm.imagethumb.com/images/jpc/hh/
391 KB
392 KB
Image
General
Full URL
https://dm.imagethumb.com/images/jpc/hh/desktop_final_purple.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5775cc284d70889f185ea1ad5ec55d65dadcf41b05e114598e530219ba5acf4e

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1012699
cf-polished
qual=85, origFmt=jpeg, origSize=835801
x-powered-by
ASP.NET
content-disposition
inline; filename="desktop_final_purple.webp"
content-length
400808
cf-bgj
imgq:85,h2pri
last-modified
Thu, 10 Mar 2022 06:56:40 GMT
server
cloudflare
etag
"dde9befe4b34d81:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e706bfb7abb1-YYZ
expires
Sat, 02 Nov 2024 04:12:36 GMT
Roboto-Bold.ttf
www.jackpotcitycasino.com/jcc/css/fonts/
167 KB
90 KB
Font
General
Full URL
https://www.jackpotcitycasino.com/jcc/css/fonts/Roboto-Bold.ttf
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/jcc/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86

Request headers

Referer
https://www.jackpotcitycasino.com/jcc/css/styles.min.css
Origin
https://www.jackpotcitycasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1245
etag
W/"29b08-6211e21f984c0"
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=14400
cf-ray
8bd2e70739045419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
unicons.woff2
www.jackpotcitycasino.com/jcc/css/fonts/
154 KB
154 KB
Font
General
Full URL
https://www.jackpotcitycasino.com/jcc/css/fonts/unicons.woff2?64511636
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/jcc/css/icons_menu-main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a73f6e1ab7a72bc613acb4bbff984703188b43e69c8e76ff506332b7eed5dbe

Request headers

Referer
https://www.jackpotcitycasino.com/jcc/css/icons_menu-main.min.css
Origin
https://www.jackpotcitycasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1245
etag
"26690-6211e21f984c0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e707691a5419-YYZ
content-length
157328
expires
Tue, 03 Sep 2024 08:12:36 GMT
icons_menu.woff2
www.jackpotcitycasino.com/jcc/css/fonts/
10 KB
10 KB
Font
General
Full URL
https://www.jackpotcitycasino.com/jcc/css/fonts/icons_menu.woff2?64511636
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/jcc/css/icons_menu-main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d16747059812b52a8c10fb282c4fdc12933aaad26f639c37b8df9fece62f9e

Request headers

Referer
https://www.jackpotcitycasino.com/jcc/css/icons_menu-main.min.css
Origin
https://www.jackpotcitycasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1245
etag
"28dc-6211e21f984c0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e707691b5419-YYZ
content-length
10460
expires
Tue, 03 Sep 2024 08:12:36 GMT
Roboto-Light.ttf
www.jackpotcitycasino.com/jcc/css/fonts/
166 KB
89 KB
Font
General
Full URL
https://www.jackpotcitycasino.com/jcc/css/fonts/Roboto-Light.ttf
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/jcc/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6

Request headers

Referer
https://www.jackpotcitycasino.com/jcc/css/styles.min.css
Origin
https://www.jackpotcitycasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1243
etag
W/"299b4-6211e21f984c0"
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=14400
cf-ray
8bd2e707691c5419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
Roboto-Black.ttf
www.jackpotcitycasino.com/jcc/css/fonts/
167 KB
90 KB
Font
General
Full URL
https://www.jackpotcitycasino.com/jcc/css/fonts/Roboto-Black.ttf
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/jcc/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3872e9b39760a1b59ac1e192633dbb3b58e595b4d423930ac7ded525e9ae25e0

Request headers

Referer
https://www.jackpotcitycasino.com/jcc/css/styles.min.css
Origin
https://www.jackpotcitycasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1245
etag
W/"29dd8-6211e21f984c0"
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=14400
cf-ray
8bd2e707691d5419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
Roboto-Regular.ttf
www.jackpotcitycasino.com/jcc/css/fonts/
168 KB
89 KB
Font
General
Full URL
https://www.jackpotcitycasino.com/jcc/css/fonts/Roboto-Regular.ttf
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/jcc/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Request headers

Referer
https://www.jackpotcitycasino.com/jcc/css/styles.min.css
Origin
https://www.jackpotcitycasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
server
cloudflare
age
1245
etag
W/"29e9c-6211e21f984c0"
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=14400
cf-ray
8bd2e70769205419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
go-to-help.png
www.jackpotcitycasino.com/jcc/images/
4 KB
4 KB
Image
General
Full URL
https://www.jackpotcitycasino.com/jcc/images/go-to-help.png
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f3ef0038c337c1666fdb5b553846e80caf760f7e115dc913ef814d278ab92b7

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
age
1261
cf-polished
origFmt=png, origSize=4549
content-disposition
inline; filename="go-to-help.webp"
content-length
3978
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"11c5-6211e21f984c0"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e707691e5419-YYZ
expires
Tue, 03 Sep 2024 08:12:36 GMT
info_ico_desktop.png
www.jackpotcitycasino.com/jcc/includes/webparts/images/
702 B
831 B
Image
General
Full URL
https://www.jackpotcitycasino.com/jcc/includes/webparts/images/info_ico_desktop.png
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1f2861c0bbf450a45261e3e1d3a0fef8d6c2462ce735f1f452c52ad240820ae

Request headers

Referer
https://www.jackpotcitycasino.com/canada/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
672
etag
"2be-6211e21f984c0"
cf-polished
status=format_not_supported
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e707691f5419-YYZ
content-length
702
expires
Tue, 03 Sep 2024 08:12:36 GMT
DiamondSands.mp4
dm.imagethumb.com/images/jpc/tgboxv/
3 MB
3 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/DiamondSands.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dc595881d3dc51805fc9dc4500028b4fb3d5a1e793c8309eaee1dd16a38c5611

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Thu, 20 Apr 2023 11:33:44 GMT
server
cloudflare
age
1012754
etag
"01ca0f67b73d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-3143829/3143830
cache-control
public, max-age=5184000
cf-ray
8bd2e7075822abb1-YYZ
Content-Length
3143830
expires
Sat, 02 Nov 2024 04:12:36 GMT
gold-blitz.mp4
dm.imagethumb.com/images/jpc/tgboxv/
1 MB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/gold-blitz.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 08:06:06 GMT
server
cloudflare
age
1012754
etag
"db338880250d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2889260/2889261
cache-control
public, max-age=5184000
cf-ray
8bd2e7075824abb1-YYZ
Content-Length
2889261
expires
Sat, 02 Nov 2024 04:12:36 GMT
3-lucky-rainbows.mp4
dm.imagethumb.com/images/jpc/tgboxv/
3 MB
3 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/3-lucky-rainbows.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9ce03a1c9a375cb89461db1b8f8b9b8b4a79570af988aac01be3dd8822232468

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 09:08:04 GMT
server
cloudflare
age
1012754
etag
"77da329b50d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-3093114/3093115
cache-control
public, max-age=5184000
cf-ray
8bd2e7075825abb1-YYZ
Content-Length
3093115
expires
Sat, 02 Nov 2024 04:12:36 GMT
AmazingLinkZeus_800X450.mp4
dm.imagethumb.com/images/jpc/tgboxv/
394 KB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/AmazingLinkZeus_800X450.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Mar 2023 09:58:00 GMT
server
cloudflare
age
1012754
etag
"044c24cdb50d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2200760/2200761
cache-control
public, max-age=5184000
cf-ray
8bd2e707e89babb1-YYZ
Content-Length
2200761
expires
Sat, 02 Nov 2024 04:12:36 GMT
bison-moon.mp4
dm.imagethumb.com/images/jpc/tgboxv/
3 MB
3 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/bison-moon.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b0165ceaec1b0b8cfce5658bbc88fad40b6f17f5c24965239f01a5f5670addfc

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 09:23:02 GMT
server
cloudflare
age
1012752
etag
"3be4dc3fd50d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2912154/2912155
cache-control
public, max-age=5184000
cf-ray
8bd2e707f89cabb1-YYZ
Content-Length
2912155
expires
Sat, 02 Nov 2024 04:12:36 GMT
fire-and-roses-joker.mp4
dm.imagethumb.com/images/jpc/tgboxv/
389 KB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/fire-and-roses-joker.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 08:40:34 GMT
server
cloudflare
age
1012752
etag
"86eb451750d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2750982/2750983
cache-control
public, max-age=5184000
cf-ray
8bd2e707f89eabb1-YYZ
Content-Length
2750983
expires
Sat, 02 Nov 2024 04:12:36 GMT
wolf-blaze-megaways.mp4
dm.imagethumb.com/images/jpc/tgboxv/
389 KB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/wolf-blaze-megaways.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 08:05:06 GMT
server
cloudflare
age
1012754
etag
"d1dd45c250d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-3994984/3994985
cache-control
public, max-age=5184000
cf-ray
8bd2e707f8a0abb1-YYZ
Content-Length
3994985
expires
Sat, 02 Nov 2024 04:12:36 GMT
AncientFortunesZeus_800X450.mp4
dm.imagethumb.com/images/jpc/tgboxv/
360 KB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/AncientFortunesZeus_800X450.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Mar 2023 09:59:00 GMT
server
cloudflare
age
1012754
etag
"08a8570db50d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1208484/1208485
cache-control
public, max-age=5184000
cf-ray
8bd2e707f8a1abb1-YYZ
Content-Length
1208485
expires
Sat, 02 Nov 2024 04:12:36 GMT
9PotsOfGoldRoulette.mp4
dm.imagethumb.com/images/jpc/tgboxv/
3 MB
3 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/9PotsOfGoldRoulette.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7b1fa2b593ff4d4930f0b202ef446127d7b7c0be03b14aa033b57f465f4b9553

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 10:59:00 GMT
server
cloudflare
age
1012754
etag
"0f2ae699c8cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2999362/2999363
cache-control
public, max-age=5184000
cf-ray
8bd2e707f8a2abb1-YYZ
Content-Length
2999363
expires
Sat, 02 Nov 2024 04:12:36 GMT
ExtremeMultifireRoulette.mp4
dm.imagethumb.com/images/jpc/sgbv/
904 KB
905 KB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/sgbv/ExtremeMultifireRoulette.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
86dc38760239a678248d0e0466dcbdda97696b2403cf81043cbb9c6edddc257a

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Wed, 17 May 2023 06:50:00 GMT
server
cloudflare
age
1012754
etag
"01cafcc8b88d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-925800/925801
cache-control
public, max-age=5184000
cf-ray
8bd2e707f8a3abb1-YYZ
Content-Length
925801
expires
Sat, 02 Nov 2024 04:12:36 GMT
ClassicBlackjackNobleDiamonds.mp4
dm.imagethumb.com/images/jpc/sgbv/
2 MB
2 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/sgbv/ClassicBlackjackNobleDiamonds.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
26c7e2f7ffa2be2d2a6afdc5413efc224701ce38254fe814cc03f585a811d374

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Wed, 17 May 2023 07:18:00 GMT
server
cloudflare
age
1012753
etag
"0c4ab68f88d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2120537/2120538
cache-control
public, max-age=5184000
cf-ray
8bd2e707f8a4abb1-YYZ
Content-Length
2120538
expires
Sat, 02 Nov 2024 04:12:36 GMT
ClassicBlackjackWithSweetheart16.mp4
dm.imagethumb.com/images/jpc/sgbv/
2 MB
2 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/sgbv/ClassicBlackjackWithSweetheart16.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
53ac276086d17ff935794f7be6b7a619fe537c6e92eb9f121f9cca16fb3bb6a2

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Wed, 17 May 2023 07:18:00 GMT
server
cloudflare
age
1012754
etag
"0c4ab68f88d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2505708/2505709
cache-control
public, max-age=5184000
cf-ray
8bd2e707f8a5abb1-YYZ
Content-Length
2505709
expires
Sat, 02 Nov 2024 04:12:36 GMT
DragonTiger.mp4
dm.imagethumb.com/images/jpc/sgbv/
709 KB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/sgbv/DragonTiger.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Tue, 23 May 2023 04:26:00 GMT
server
cloudflare
age
1012754
etag
"03c52ad2e8dd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2955775/2955776
cache-control
public, max-age=5184000
cf-ray
8bd2e70858e5abb1-YYZ
Content-Length
2955776
expires
Sat, 02 Nov 2024 04:12:36 GMT
Switch_Baccarat.mp4
dm.imagethumb.com/images/jpc/tgboxv/
2 MB
2 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/Switch_Baccarat.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3b6f337c9d0db78500fcc75b0edce285118c63e7e477ae05b0376a8600692b2e

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Fri, 26 May 2023 09:30:00 GMT
server
cloudflare
age
1012754
etag
"09c72a4b48fd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-2166494/2166495
cache-control
public, max-age=5184000
cf-ray
8bd2e70858e6abb1-YYZ
Content-Length
2166495
expires
Sat, 02 Nov 2024 04:12:36 GMT
cta-bar.jpg
www.jackpotcitycasino.com/jcc/images/
46 KB
46 KB
Image
General
Full URL
https://www.jackpotcitycasino.com/jcc/images/cta-bar.jpg
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/jcc/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.159.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f359e5193dbe3fd967e7f4388837c3447ce67ef46433c3bf51999bfde9dc533

Request headers

Referer
https://www.jackpotcitycasino.com/jcc/css/styles.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Sep 2024 07:46:03 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
1274
etag
"b7d4-6211e21f984c0"
cf-polished
status=not_needed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e708d9f15419-YYZ
content-length
47060
expires
Tue, 03 Sep 2024 08:12:36 GMT
WowSingleGameBox.mp4
dm.imagethumb.com/images/jpc/sgbv/
661 KB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/sgbv/WowSingleGameBox.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 03 Sep 2024 04:12:36 GMT
cf-cache-status
HIT
last-modified
Mon, 25 May 2020 08:56:43 GMT
server
cloudflare
age
1012754
etag
"9434e1697232d61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-4061070/4061071
cache-control
public, max-age=5184000
cf-ray
8bd2e70a5a5cabb1-YYZ
Content-Length
4061071
expires
Sat, 02 Nov 2024 04:12:36 GMT
site24x7rum-min.js
static.site24x7rum.com/beacon/
1 B
471 B
Script
General
Full URL
https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=420d5ef603cb74a02c16d4eb09769aaf
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-19.ewr53.r.cloudfront.net
Software
ZGS /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Sep 2024 03:25:41 GMT
Via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
ZGS
X-Amz-Cf-Pop
EWR53-P1
Age
2816
X-Frame-Options
SAMEORIGIN
X-Cache
Hit from cloudfront
Content-Type
application/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
1
X-Amz-Cf-Id
dRaJwggv9xmttmC1OYSjPTiXXJS1fUVozqrENAWbTkBFjRTNg0KymQ==
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e59aec8e7d030aed6e4522c0f76586d09c0e4185203c889a1ebeb2682a459c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Sep 2024 04:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 02:23:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Sep 2024 04:12:37 GMT
Bootstrap.js
nexus.src-play.com/betway/dos-prod/
527 KB
111 KB
Script
General
Full URL
https://nexus.src-play.com/betway/dos-prod/Bootstrap.js
Requested by
Host: media.src-play.com
URL: https://media.src-play.com/plugins/eprivacy/eprivacy-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a8e42acf300e5910d6d683d9949f96500c580cbb31264fd71db96f63989ed8

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
x-amz-version-id
gq1BinYq3XQWk55e4Tnts7w4qt0bGCBU
via
1.1 141b2a0bfdcf3225afbe04affb901120.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-amz-cf-pop
YUL62-P2
age
52
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 02 Sep 2024 08:36:12 GMT
server
cloudflare
etag
W/"2283e5011366d516f3f0a6766542d0ac"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
8bd2e70bcdc739ed-YYZ
x-amz-cf-id
5qwTbMsdhZgA8sQ7Co093h32fDdO8ExkjOFH68rhN-w_zXvHtPSTTg==
expires
Tue, 03 Sep 2024 08:12:37 GMT
counters.php
api.rbccdn.com/jpctickerapi/
111 B
372 B
XHR
General
Full URL
https://api.rbccdn.com/jpctickerapi/counters.php?tickerApi=currencyconversion&countrycode=ca
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/jcc/includes/webparts/js/ticker.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2489 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc0fafc81a11bb4eb7cf3f8ada1ed6953da73346f1bee38459a6a1db7eede44a

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
8bd2e70c68d9aa9a-YYZ
access-control-allow-headers
Origin, Content-Type, X-Auth-Token
counters.php
api.rbccdn.com/jpctickerapi/
80 B
160 B
XHR
General
Full URL
https://api.rbccdn.com/jpctickerapi/counters.php?tickerApi=jackpotsTotal
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/jcc/includes/webparts/js/ticker.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2489 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f681e0a0806f6c2792831f69aa1e4694c2f32c9f29049ea4225e076d39f1b1

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
8bd2e70c68d7aa9a-YYZ
access-control-allow-headers
Origin, Content-Type, X-Auth-Token
counters.php
api.rbccdn.com/jpctickerapi/
23 KB
2 KB
XHR
General
Full URL
https://api.rbccdn.com/jpctickerapi/counters.php?tickerApi=counters
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/jcc/includes/webparts/js/ticker.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2489 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d91636de8392a65bda6f9f36a89a2fae8ce1690b95011ff0e0e24013d13e94

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
8bd2e70c68d8aa9a-YYZ
access-control-allow-headers
Origin, Content-Type, X-Auth-Token
9MasksOfFire.mp4
dm.imagethumb.com/images/jpc/tgboxv/
31 KB
31 KB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/9MasksOfFire.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c640776201e6b724486afc95a95d0ee1a825f2b276f6e1aec5d70fefb04c1dac

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=2621440-

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Mar 2023 04:16:00 GMT
server
cloudflare
age
1012755
etag
"0804cb07451d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
content-range
bytes 2621440-2653242/2653243
cache-control
public, max-age=5184000
cf-ray
8bd2e70d0c07abb1-YYZ
content-length
31803
expires
Sat, 02 Nov 2024 04:12:37 GMT
Websites
gateway.src-play.com/Analytics/V1/
50 B
195 B
XHR
General
Full URL
https://gateway.src-play.com/Analytics/V1/Websites
Requested by
Host: media.src-play.com
URL: https://media.src-play.com/plugins/analytics/vtrk-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2abd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87b9ce2080bc825b2ecfb291779967ec79e9f3483054224dbeaf08b668c29430

Request headers

Access-Key
YhlH93UyPPig1EFMWn7WZNT6CAFAoZQxTN2D
x-correlation-id
de9092b6-13a5-484a-a2c4-67b72eaa0de2
Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
g-subscription-key
3a23ddbe-48e5-48f0-a8b8-6ef8318d22a2
Content-type
application/json

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
x-correlation-id
de9092b6-13a5-484a-a2c4-67b72eaa0de2
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8bd2e70e7a34398a-YYZ
Websites
gateway.src-play.com/Analytics/V1/ Frame
0
0
Preflight
General
Full URL
https://gateway.src-play.com/Analytics/V1/Websites
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2abd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-key,content-type,g-subscription-key,x-correlation-id
Access-Control-Request-Method
POST
Origin
https://www.jackpotcitycasino.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-key,content-type,g-subscription-key,x-correlation-id
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8bd2e70d8977398a-YYZ
date
Tue, 03 Sep 2024 04:12:37 GMT
server
cloudflare
gold-blitz.mp4
dm.imagethumb.com/images/jpc/tgboxv/
38 KB
38 KB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/gold-blitz.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
748778f4c732b37a800871e6a4824988dffd92a00fde1ced25bb16e368899c4f

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=2850816-

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 08:06:06 GMT
server
cloudflare
age
1012755
etag
"db338880250d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
content-range
bytes 2850816-2889260/2889261
cache-control
public, max-age=5184000
cf-ray
8bd2e70d7c5dabb1-YYZ
content-length
38445
expires
Sat, 02 Nov 2024 04:12:37 GMT
AmazingLinkZeus_800X450.mp4
dm.imagethumb.com/images/jpc/tgboxv/
5 KB
5 KB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/AmazingLinkZeus_800X450.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c3330ea0be7273ad2d9b6103db0be3ed37cb0beb7b93b25a89be99194fe8195f

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=2195456-

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Mar 2023 09:58:00 GMT
server
cloudflare
age
1012755
etag
"044c24cdb50d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
content-range
bytes 2195456-2200760/2200761
cache-control
public, max-age=5184000
cf-ray
8bd2e70d7c5babb1-YYZ
content-length
5305
expires
Sat, 02 Nov 2024 04:12:37 GMT
wolf-blaze-megaways.mp4
dm.imagethumb.com/images/jpc/tgboxv/
3 MB
3 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/wolf-blaze-megaways.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
37833ddc7b70793c7c41763745a051f7c606b068ff6cc60e271c78a2cdf44ab9

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=786432-

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 08:05:06 GMT
server
cloudflare
age
1012755
etag
"d1dd45c250d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
content-range
bytes 786432-3994984/3994985
cache-control
public, max-age=5184000
cf-ray
8bd2e70d9c77abb1-YYZ
content-length
3208553
expires
Sat, 02 Nov 2024 04:12:37 GMT
fire-and-roses-joker.mp4
dm.imagethumb.com/images/jpc/tgboxv/
31 KB
31 KB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/fire-and-roses-joker.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4654e200fa4ea63f53a9172dad046cc6605e3c76dd06b5f8d422b3f637804249

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=2719744-

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 08:40:34 GMT
server
cloudflare
age
1012753
x-powered-by
ASP.NET
etag
"86eb451750d91:0"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 2719744-2750982/2750983
cache-control
public, max-age=5184000
cf-ray
8bd2e70dbc85abb1-YYZ
Content-Length
31239
expires
Sat, 02 Nov 2024 04:12:37 GMT
AncientFortunesZeus_800X450.mp4
dm.imagethumb.com/images/jpc/tgboxv/
28 KB
28 KB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/AncientFortunesZeus_800X450.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ab478df11475385fe341b8560c49cb6fafea26c89c9ab7db81d31217ae175a64

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=1179648-

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Mar 2023 09:59:00 GMT
server
cloudflare
age
1012755
x-powered-by
ASP.NET
etag
"08a8570db50d91:0"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 1179648-1208484/1208485
cache-control
public, max-age=5184000
cf-ray
8bd2e70dbc86abb1-YYZ
Content-Length
28837
expires
Sat, 02 Nov 2024 04:12:37 GMT
js
www.googletagmanager.com/gtag/
322 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CQT5K0M51H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLKW5SB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa4c1a0ccefee23b9f4af6b291444d708cd7215bea7ef00207b68eba0aff683c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107992
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Sep 2024 04:12:37 GMT
gtm-global.js
dm.imagethumb.com/gtm/shared/
2 KB
1 KB
Script
General
Full URL
https://dm.imagethumb.com/gtm/shared/gtm-global.js?v=282024_-7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLKW5SB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0e043cedcf425272f6b4eba8af74f4d731f8f8da9334a1be02f1a34d18604c10

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
789
x-powered-by
ASP.NET
content-length
1020
last-modified
Mon, 11 Mar 2019 12:05:06 GMT
server
cloudflare
etag
"427397aa2d8d41:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bd2e70dbc83abb1-YYZ
expires
Tue, 03 Sep 2024 08:12:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.jackpotcitycasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 20:52:51 GMT
x-content-type-options
nosniff
age
371986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 20:52:51 GMT
serverComponent.php
nexus.src-play.com/betway/dos-prod/
640 B
617 B
Script
General
Full URL
https://nexus.src-play.com/betway/dos-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=/betway/dos-prod/code/&publishedOn=Mon%20Sep%2002%2008:36:10%20GMT%202024&ClientID=2273&PageID=https%3A%2F%2Fwww.jackpotcitycasino.com%2Fcanada%2F&custDomain=nexus.src-play.com
Requested by
Host: nexus.src-play.com
URL: https://nexus.src-play.com/betway/dos-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1c9262fabf74ccb285e0c65168375398e3ed91b101bba9c47cbd8b02f05c24

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
via
1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
YTO50-P3
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
8bd2e70f981b39ed-YYZ
x-amz-cf-id
m49etH9vhgV8qRF_JP4ML-6G3RKIR12kMTLalLpOVkMPqnuzMsFGwA==
expires
Tue, 03 Sep 2024 04:12:36 GMT
r.rnc
nexus.src-play.com/privacy/v1/c/
0
134 B
Image
General
Full URL
https://nexus.src-play.com/privacy/v1/c/r.rnc?n=0&c=2273&i=7xfys6&p=dos-prod&s=433&d=9Cd7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjAyIiwiY2xpZW50SWQiOjIyNzMQAKBOYW1lIjoiYmV0MADwDywicHVibGlzaFBhdGgiOiJkb3MtcHJvZCIsIm1vZCkAkHdoaXRlbGlzdFIA8CJvb2tpZXMiOnsiREVGQVVMVF9FTlNJR0hURU5fUFJJVkFDWV9CQU5ORVJfTE9BREVEowDxDyJ9LCJkdCI6MTcyNTMzNjc1NzY5MSwic2V0dGluZ04A8Bdtb2RhbCI6ImVudGVycHJpc2UiLCJlbnZpcm9ubWVudCI6IkVuZ6gAoSIsImRlZmF1bHQ5AIBGdW5jdGlvbj4A8BowLCJFc3NlbnRpYWwgT25seSI6MSwiQW5hbHl0aWNzIjowLCJNYXJrZXcAsCI6MH19LCJldmVuSgAiW3sLAEEiOiJj5QBgQ2hhbmdlCAEPuwAAD_0AEMBBREVEIjoiMSJ9XX0
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
via
1.1 34434000af04c65e89130c6860f8ba6c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
YTO50-P3
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
cf-ray
8bd2e70fd86f39ed-YYZ
x-amz-cf-id
kDcMlvSrChdRwu6Gc1TD-HYuV0GOmS5WW_zHcrx0Fyw8FU_U6j8NyQ==
expires
Tue, 03 Sep 2024 04:12:36 GMT
r.rnc
nexus.src-play.com/privacy/v1/c/
0
132 B
Image
General
Full URL
https://nexus.src-play.com/privacy/v1/c/r.rnc?n=1&c=2273&i=7xfys6&p=dos-prod&s=479&d=9Cd7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjAyIiwiY2xpZW50SWQiOjIyNzMQAKBOYW1lIjoiYmV0MADwDywicHVibGlzaFBhdGgiOiJkb3MtcHJvZCIsIm1vZCkAkHdoaXRlbGlzdFIA8CJvb2tpZXMiOnsiREVGQVVMVF9FTlNJR0hURU5fUFJJVkFDWV9CQU5ORVJfVklFV0VEowAvIiwuAA9DTE9BRC4A8Q59LCJkdCI6MTcyNTMzNjc1NzY5OCwic2V0dGluZ3wA8Bdtb2RhbCI6ImVudGVycHJpc2UiLCJlbnZpcm9ubWVudCI6IkVuZ9YAoSIsImRlZmF1bHQ5AIBGdW5jdGlvbj4A8BowLCJFc3NlbnRpYWwgT25seSI6MSwiQW5hbHl0aWNzIjowLCJNYXJrZXcAsCI6MH19LCJldmVuSgAiW3sLAEEiOiJjEwFgQ2hhbmdlNgEPuwAADysBEMBFV0VEIjoiMSJ9XX0
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
via
1.1 eb5dbafbbf9be2ce3869f31cfc8d48be.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
YTO50-P3
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
cf-ray
8bd2e70fd87239ed-YYZ
x-amz-cf-id
6yHe-QXs6PkXsGcSeMZDSd8ba7VmBKQynce_aYFs95gPtagHudBpSw==
expires
Tue, 03 Sep 2024 04:12:36 GMT
r.rnc
nexus.src-play.com/privacy/v1/c/
0
132 B
Image
General
Full URL
https://nexus.src-play.com/privacy/v1/c/r.rnc?n=2&c=2273&i=7xfys6&p=dos-prod&s=523&d=9Cd7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjAyIiwiY2xpZW50SWQiOjIyNzMQAKBOYW1lIjoiYmV0MADwDywicHVibGlzaFBhdGgiOiJkb3MtcHJvZCIsIm1vZCkAkHdoaXRlbGlzdFIA8CFvb2tpZXMiOnsiREVGQVVMVF9FTlNJR0hURU5fUFJJVkFDWV9NT0RBTF9MT0FERUSiAC8iLC0ACL9CQU5ORVJfVklFVy4AFwdcAPEOfSwiZHQiOjE3MjUzMzY3NTc3MDYsInNldHRpbmepAPAXbW9kYWwiOiJlbnRlcnByaXNlIiwiZW52aXJvbm1lbnQiOiJFbmcDAaEiLCJkZWZhdWx0OQCARnVuY3Rpb24-APAaMCwiRXNzZW50aWFsIE9ubHkiOjEsIkFuYWx5dGljcyI6MCwiTWFya2V3ALAiOjB9fSwiZXZlbkoAIlt7CwBBIjoiY0ABYENoYW5nZWMBD7sAAA9YAQ_AQURFRCI6IjEifV19
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
via
1.1 542e9b825d4f4e273ddae939fa8d7186.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
YTO50-P3
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
cf-ray
8bd2e70fd87539ed-YYZ
x-amz-cf-id
Bgi7_sgcXjGkoGqeIvkas5wrQ2ggux82xMZN_blrd4q8IvlJ2tHkpA==
expires
Tue, 03 Sep 2024 04:12:36 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.jackpotcitycasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 07:36:14 GMT
x-content-type-options
nosniff
age
333383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18588
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 07:36:14 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CQT5K0M51H&gtm=45je48s0v868858438z8866657861za200zb866657861&_p=1725336756198&gcs=G100&gcd=13p3p3r3p5l1&npa=1&dma=0&tag_exp=101529666&cid=1928721161.1725336758&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&dp=%2Fcanada&ci=bfpadid189291&sid=1725336758&sct=1&seg=0&dl=https%3A%2F%2Fwww.jackpotcitycasino.com%2Fcanada%2F&dr=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&dt=Jackpot%20City%20Online%20Casino%20Canada%20-%20CA%241600%20Welcome%20Bonus&uid=bre-na-na-jpc&en=page_view&_fv=1&_nsi=1&_ss=2&ep.lobby_platform=na&ep.container_type=brand&ep.registered_country=na&ep.page_language=en-ca&ep.content_group=null&ep.useragent_string=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36&ep.client_date=2024-09-02T21%3A12%3A37.304-07%3A00&ep.url_parameters=&ep.brand_name=jackpotcity&ep.player_account=na-na&ep.player_id=na&ep.casino_id=na&ep.regltd_country=mlt%2Fmit&ep.product_name=casino&ep.game_id=&ep.lobby_access_point=&ep.brand_short_code=JPC&ep.document_referrer=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&ep.meta_description=one%20of%20the%20best%20online%20casinos%20in%20canada%20offers%20a%20wide%20range%20of%20casino%20games%2C%20a%20welcome%20bonus%2C%20secure%20banking%2C%20customer%20support%2C%20and%20simple%20registrati&ep.venge_visit=Check%20Visit%20Data%20Event&ep.affiliate_id=bfp44009&ep.mediabanner_id=typeintraffic&ep.swift_web_session_id=&ep.swift_action_type=&ep.swift_action_name=&ep.swift_process_name=&ep.swift_primary_category=&ep.swift_sub_category=&ep.swift_instance_id=&ep.swift_version=&ep.swift_page_sequence=&ep.swift_classifier=&ep.swift_transaction_id=&ep.rendering_device=na&tfd=3611
Requested by
Host: nexus.src-play.com
URL: https://nexus.src-play.com/betway/dos-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.jackpotcitycasino.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AncientFortunesZeus_800X450.mp4
dm.imagethumb.com/images/jpc/tgboxv/
860 KB
793 KB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/AncientFortunesZeus_800X450.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e47c8573ebb979bd15cb0722301ce6f3b877b31f447d8b82de0e24fa745f976b

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=327680-

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Mar 2023 09:59:00 GMT
server
cloudflare
age
1012755
x-powered-by
ASP.NET
etag
"08a8570db50d91:0"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 327680-1208484/1208485
cache-control
public, max-age=5184000
cf-ray
8bd2e70dbc86abb1-YYZ
Content-Length
880805
expires
Sat, 02 Nov 2024 04:12:37 GMT
9MasksOfFire.mp4
dm.imagethumb.com/images/jpc/tgboxv/
2 MB
2 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/9MasksOfFire.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
986f69585fb523451147516f295058320c04446a02535657f6fcd22e0a3f0bf0

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=819200-

Response headers

date
Tue, 03 Sep 2024 04:12:38 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Mar 2023 04:16:00 GMT
server
cloudflare
age
1012756
etag
"0804cb07451d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 819200-2653242/2653243
cache-control
public, max-age=5184000
cf-ray
8bd2e712b8acabb1-YYZ
Content-Length
1834043
expires
Sat, 02 Nov 2024 04:12:38 GMT
ad4b7000c7cd7814e236bfbb4f752eec.js
nexus.src-play.com/betway/dos-prod/code/
57 KB
7 KB
Script
General
Full URL
https://nexus.src-play.com/betway/dos-prod/code/ad4b7000c7cd7814e236bfbb4f752eec.js?conditionId0=476355
Requested by
Host: nexus.src-play.com
URL: https://nexus.src-play.com/betway/dos-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0700b080b759a8c3315f6574e47561508bc3bdd91c798bb7a1817653a05ea1e1

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:38 GMT
content-encoding
gzip
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-version-id
I2a.uflXoWGr3cVB2CpXURTUpruh8yYf
cf-cache-status
HIT
x-amz-cf-pop
JFK50-P6
age
488454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Aug 2024 10:07:12 GMT
server
cloudflare
etag
W/"d53a93140912de0f1ecb2084b03e5a0b"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
cf-ray
8bd2e712ba3139ed-YYZ
x-amz-cf-id
WpphaPfG7EE6EEJe6LJdcu6FWKHEwkRoj9cbshB_CdcOT7X57YVziQ==
expires
Fri, 01 Sep 2034 04:12:38 GMT
WowSingleGameBox.mp4
dm.imagethumb.com/images/jpc/sgbv/
30 KB
30 KB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/sgbv/WowSingleGameBox.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
454d8f5db1507403500dc3f954f783d371d8f4c810944c70e4488052058e3a51

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=4030464-

Response headers

date
Tue, 03 Sep 2024 04:12:38 GMT
cf-cache-status
HIT
last-modified
Mon, 25 May 2020 08:56:43 GMT
server
cloudflare
age
1012756
x-powered-by
ASP.NET
etag
"9434e1697232d61:0"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 4030464-4061070/4061071
cache-control
public, max-age=5184000
cf-ray
8bd2e71328ffabb1-YYZ
Content-Length
30607
expires
Sat, 02 Nov 2024 04:12:38 GMT
DragonTiger.mp4
dm.imagethumb.com/images/jpc/sgbv/
2 MB
2 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/sgbv/DragonTiger.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bc6d43461df4f2fcd7dfe170ab7d6e434e91d4b77ae821e73388db330ab3317c

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=1015808-

Response headers

date
Tue, 03 Sep 2024 04:12:38 GMT
cf-cache-status
HIT
last-modified
Tue, 23 May 2023 04:26:00 GMT
server
cloudflare
age
1012756
x-powered-by
ASP.NET
etag
"03c52ad2e8dd91:0"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 1015808-2955775/2955776
cache-control
public, max-age=5184000
cf-ray
8bd2e713390cabb1-YYZ
Content-Length
1939968
expires
Sat, 02 Nov 2024 04:12:38 GMT
AmazingLinkZeus_800X450.mp4
dm.imagethumb.com/images/jpc/tgboxv/
2 MB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/AmazingLinkZeus_800X450.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=327680-

Response headers

date
Tue, 03 Sep 2024 04:12:38 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Mar 2023 09:58:00 GMT
server
cloudflare
age
1012756
etag
"044c24cdb50d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 327680-2200760/2200761
cache-control
public, max-age=5184000
cf-ray
8bd2e71308f2abb1-YYZ
Content-Length
1873081
expires
Sat, 02 Nov 2024 04:12:38 GMT
fire-and-roses-joker.mp4
dm.imagethumb.com/images/jpc/tgboxv/
2 MB
2 MB
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/fire-and-roses-joker.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e7f462576bc9d86987686334d8ed854f9c230779b433ebcd7707358280f06c93

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=327680-

Response headers

date
Tue, 03 Sep 2024 04:12:37 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 08:40:34 GMT
server
cloudflare
age
1012753
x-powered-by
ASP.NET
etag
"86eb451750d91:0"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 327680-2750982/2750983
cache-control
public, max-age=5184000
cf-ray
8bd2e70dbc85abb1-YYZ
Content-Length
2423303
expires
Sat, 02 Nov 2024 04:12:37 GMT
gold-blitz.mp4
dm.imagethumb.com/images/jpc/tgboxv/
2 MB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/tgboxv/gold-blitz.mp4
Requested by
Host: www.jackpotcitycasino.com
URL: https://www.jackpotcitycasino.com/canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=884736-

Response headers

date
Tue, 03 Sep 2024 04:12:38 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Mar 2023 08:06:06 GMT
server
cloudflare
age
1012756
etag
"db338880250d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 884736-2889260/2889261
cache-control
public, max-age=5184000
cf-ray
8bd2e7167b7cabb1-YYZ
Content-Length
2004525
expires
Sat, 02 Nov 2024 04:12:38 GMT
r.rnc
nexus.src-play.com/privacy/v1/b/
0
108 B
Image
General
Full URL
https://nexus.src-play.com/privacy/v1/b/r.rnc?n=0&c=2273&i=4x31ms&p=dos-prod&s=331&d=8Ep7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjAyIiwiY2xpZW50SWQiOjIyNzMsInB1Ymxpc2hQYXRoIjoiZG9zLXByb2QiLCJpbnN0YW5jZSsA8BQiNHgzMW1zIiwicGFja2V0IjowLCJtb2RlIjoiZW5mb3JjZVsA8A5vb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IkVuZ2YA8gkiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS3AGAiLCJ0eXBUAPAPYmlsbGluZyIsInN0YXJ0IjoxNzI1MzM2NzU4OTMwXQCgZCI6LTEsInNvdXwAIjoiKwBBdHVzIgwAYHJlYXNvbmUA1F0sImRhdGFQYXR0ZXISAMJsaXN0IjpbXSwiaWRdAMAzMzY3NTg5MzB9XX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:38 GMT
via
1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
YTO50-P3
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
cf-ray
8bd2e7177cea39ed-YYZ
x-amz-cf-id
D0Kd7WyE7Pw1uaFxCeUTBwmI9XwTdAy8piK4VJSYmQ-Gguw4YbD02w==
expires
Tue, 03 Sep 2024 04:12:37 GMT
favicon_24.jpg
dm.imagethumb.com/images/jackpotcity-logos/favicons/
598 B
805 B
Other
General
Full URL
https://dm.imagethumb.com/images/jackpotcity-logos/favicons/favicon_24.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1166154946b5da237a0007007fc4b5451beb22e5bcc245cfa89a1ab9bf66ae0c

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:38 GMT
cf-cache-status
HIT
age
1012302
cf-polished
qual=85, origFmt=jpeg, origSize=4811
x-powered-by
ASP.NET
content-disposition
inline; filename="favicon_24.webp"
content-length
598
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 May 2024 13:08:15 GMT
server
cloudflare
etag
"fff87f9d36a5da1:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
8bd2e7179c2cabb1-YYZ
expires
Sat, 02 Nov 2024 04:12:38 GMT
r.rnc
nexus.src-play.com/privacy/v1/b/
0
131 B
Image
General
Full URL
https://nexus.src-play.com/privacy/v1/b/r.rnc?n=1&c=2273&i=4x31ms&p=dos-prod&s=746&d=8Ep7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjAyIiwiY2xpZW50SWQiOjIyNzMsInB1Ymxpc2hQYXRoIjoiZG9zLXByb2QiLCJpbnN0YW5jZSsA8BQiNHgzMW1zIiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVsA8A5vb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IkVuZ2YA8gkiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXS3APMUaHR0cHM6Ly9uZXh1cy5zcmMtcGxheS5jb20vYmV0d2F5L2SfAPAgL2NvZGUvYWQ0YjcwMDBjN2NkNzgxNGUyMzZiZmJiNGY3NTJlZWMuanM_Y29uZGlgAPABSWQwPTQ3NjM1NSIsInR5cLsA0HNjcmlwdCIsInN0YXLVAMA3MjUzMzY3NTgxODPDAEVkIjoxFACAMzAzLCJzb3XtANA6Imluc2VydEJlZm9y_ADAc3RhdHVzIjoibG9hPgFgcmVhc29u5gDUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpZADPNDM2MDg1Mzc3MX0sGAGKHzQYAQwxbXV00AGiT2JzZXJ2ZXJDTGABDx4BK8AzNjA4NTM3NzJ9XX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 04:12:39 GMT
via
1.1 34434000af04c65e89130c6860f8ba6c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
YTO50-P3
x-cache
Miss from cloudfront
cache-control
no-cache, no-store
cf-ray
8bd2e71d78ed39ed-YYZ
x-amz-cf-id
Hsfty1WqTMDK5W5I6nky7p7eh36sGyxfc7tKzLqA2CejaBvwwnH9HA==
expires
Tue, 03 Sep 2024 04:12:38 GMT
WowSingleGameBox.mp4
dm.imagethumb.com/images/jpc/sgbv/
3 MB
0
Media
General
Full URL
https://dm.imagethumb.com/images/jpc/sgbv/WowSingleGameBox.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range
bytes=622592-

Response headers

date
Tue, 03 Sep 2024 04:12:38 GMT
cf-cache-status
HIT
last-modified
Mon, 25 May 2020 08:56:43 GMT
server
cloudflare
age
1012756
x-powered-by
ASP.NET
etag
"9434e1697232d61:0"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 622592-4061070/4061071
cache-control
public, max-age=5184000
cf-ray
8bd2e71328ffabb1-YYZ
Content-Length
3438479
expires
Sat, 02 Nov 2024 04:12:38 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CQT5K0M51H&gtm=45je48s0v868858438z8866657861za200zb866657861&_p=1725336756198&gcs=G100&gcd=13p3p3r3p5l1&npa=1&dma=0&tag_exp=101529666&cid=1928721161.1725336758&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&dp=%2Fcanada&ci=bfpadid189291&sid=1725336758&sct=1&seg=1&dl=https%3A%2F%2Fwww.jackpotcitycasino.com%2Fcanada%2F&dr=https%3A%2F%2Ferwinkeuph8vw.pages.dev%2F&dt=Jackpot%20City%20Online%20Casino%20Canada%20-%20CA%241600%20Welcome%20Bonus&_s=2&tfd=8622
Requested by
Host: nexus.src-play.com
URL: https://nexus.src-play.com/betway/dos-prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.jackpotcitycasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 03 Sep 2024 04:12:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.jackpotcitycasino.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
WowSingleGameBox.mp4
dm.imagethumb.com/images/jpc/sgbv/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
suggestqueries.google.com
URL
https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=
Domain
www.jackpotcitycasino.com
URL
https://www.jackpotcitycasino.com/canada/?s=bfp44009&a=bfpadid189291
Domain
dm.imagethumb.com
URL
https://dm.imagethumb.com/images/jpc/sgbv/WowSingleGameBox.mp4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| referrer string| visitID object| dataLayer function| gtag object| placeholders object| theme object| linkedUrls object| ePrivacyEl function| changePrivacySettings string| JPC_BackText string| JPC_CloseText string| JPC_MenuText function| $ function| jQuery function| s247r string| eprivacy_language string| eprivacy_clientName function| Swiper function| toggleClass function| httpGetCurrencyExchange function| httpGetjackpotsTotal function| httpGetCounters function| displayJackpotWinners function| updateJackpotWinners function| PrintProgressiveTickerTotal function| PrintProgressiveTicker function| updateTicker function| currencyConversion function| updateCurrency function| _triGameBox function| _isElementPresentAlt function| imgError function| isInViewport function| setValue function| increaseValue function| decreaseValue object| vtrk object| google_tag_manager object| google_tag_data function| removeCookieValue number| dataConversionRate string| dataCurrencyFormat string| dataSeparator string| dataDelimeter string| dataCurrency string| locale object| ensBootstraps object| Bootstrapper object| ensClientConfig boolean| ensBrowserSupported object| gateway number| decimal string| gameName function| onYouTubeIframeAPIReady object| gaGlobal string| _gtm_global_version string| gtm_trck_a string| gtm_trck_s string| gtm_trck_b string| gtm_venge_visit function| getCookiebyName function| extractVisitCookie function| extractFromInput function| _collectVisitData function| _domReady string| _gtmEvtCategory

35 Cookies

Domain/Path Name / Value
www.jackpotcitycasino.com/canada Name: qs
Value: s%3Dbfp44009%26a%3Dbfpadid189291
.erwinkeuph8vw.pages.dev/ Name: __cf_mw_byp
Value: roBYsZL08NB7Ci4sUaE.OQUS5cR1EzVWFePK0q6T7co-1725336745-0.0.1.1-/
proftrafficcounter.com/ Name: uid_id2
Value: 48e73daa-944b-485c-bace-0a0266f89821:1:1
erwinkeuph8vw.pages.dev/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 48e73daa-944b-485c-bace-0a0266f89821%3A1%3A1
blackmailarmory.com/ Name: u_pl
Value: 20116979
blackmailarmory.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDExNjk3OSwiayI6Ijg0MTU1MWRmNGFjZTQ3NzFhMjY0MjNjNTUwOGUxZjZhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyODE2NzkxLCJwaWQiOjExMjMyMDQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoic3ZkOHBtYTMiLCJjcGtzIjp7IjI4IjoiODc1Zjg1ZDk4ZTAxODcxNjBkYWRlZjExMjkwODhhMWMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI1Mzc1OTYyMSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMzQ0NzYsImJuIjoiQ2hyb21lIiwiYnYiOiIxMjgiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjozOSwiYyI6IkNBIiwibiI6IkNhbmFkYSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJlbGwgQ2FuYWRhIn0sInhmIjoiMTY2LjAuMjA1LjcwIiwiaXhmIjp0cnVlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Vyd2lua2V1cGg4dncucGFnZXMuZGV2LyIsImFyIjpbXX19.rKqGbINGimBIRdgzVC8K3jYXK68i085z4rAi5_jjRNM
blackmailarmory.com/ Name: uid_id2
Value: 48e73daa-944b-485c-bace-0a0266f89821:1:1
pallorirony.com/ Name: uid_id2
Value: 48e73daa-944b-485c-bace-0a0266f89821:1:1
interruptchalkedlie.com/ Name: u_pl
Value: 23958813
interruptchalkedlie.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzk1ODgxMywiayI6ImIzYjkzYWNhNDgzZjFkOWEyYWRiOGJlNmM5NTUyODcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDI3OTcwLCJwaWQiOjE5OTM1NTEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoidzF1ZGRnN3UiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjUzNzU5NjIxLCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEzNDQ3NiwiYm4iOiJDaHJvbWUiLCJidiI6IjEyOCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjM5LCJjIjoiQ0EiLCJuIjoiQ2FuYWRhIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmVsbCBDYW5hZGEifSwieGYiOiIxNjYuMC4yMDUuNzAiLCJpeGYiOnRydWUsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZXJ3aW5rZXVwaDh2dy5wYWdlcy5kZXYvIiwiYXIiOltdfX0.FRXsfAAtwJG5IXriBX1Hi0R-2kXCJs4bgwRyq_17nZM
pallorirony.com/ Name: u_pl
Value: 23574961,18931059,23958833
pallorirony.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzk1ODgzMywiayI6IjIxY2YzYjAzNzMzMTlhNmE1NTcwMmFmNmI2MzM1YmU3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MDI3ODUyLCJwaWQiOjE5OTM1MjQsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoibmtkMnEyaTciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjUzNzU5NjIxLCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEzNDQ3NiwiYm4iOiJDaHJvbWUiLCJidiI6IjEyOCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjM5LCJjIjoiQ0EiLCJuIjoiQ2FuYWRhIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmVsbCBDYW5hZGEifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Vyd2lua2V1cGg4dncucGFnZXMuZGV2LyIsImFyIjpbXX19.-HwCK6C9Sb_m4Ud_FaVooIqXpjjH2EZ06Xj__zgktbI
pallorirony.com/ Name: iprc60e9770233ac8de694002646270ed31f
Value: 5470186
pallorirony.com/ Name: pdhtkv
Value: true
pallorirony.com/ Name: uncs
Value: 1
pallorirony.com/ Name: pdhtkv23
Value: true
pallorirony.com/ Name: uncs23
Value: 1
interruptchalkedlie.com/ Name: uid_id2
Value: 48e73daa-944b-485c-bace-0a0266f89821:1:1
interruptchalkedlie.com/ Name: iprc60e9770233ac8de694002646270ed31f
Value: 5470186
interruptchalkedlie.com/ Name: pdhtkv
Value: true
interruptchalkedlie.com/ Name: uncs
Value: 1
interruptchalkedlie.com/ Name: pdhtkv23
Value: true
interruptchalkedlie.com/ Name: uncs23
Value: 1
www.jackpotcitycasino.com/ Name: affiliate_id
Value: bfp44009
www.jackpotcitycasino.com/ Name: campaign_id
Value: bfpadid189291
.jackpotcitycasino.com/ Name: __cf_bm
Value: OPFiHE2MUNcjgnSuouGCJTp91Gx7.WEUqyRpbwEUk9E-1725336754-1.0.1.1-VVMU.8VLiqcvPy9aLY3EPTqh67PN.7y9AAWPAd52f13h0SDbazpymwS_97JoXnf3l2gocZLRpx_zuO5AAsijGg
www.jackpotcitycasino.com/ Name: promo_id
Value: 24408
.jackpotcitycasino.com/ Name: DEFAULT_ENSIGHTEN_PRIVACY_BANNER_LOADED
Value: 1
.jackpotcitycasino.com/ Name: DEFAULT_ENSIGHTEN_PRIVACY_BANNER_VIEWED
Value: 1
.jackpotcitycasino.com/ Name: DEFAULT_ENSIGHTEN_PRIVACY_MODAL_LOADED
Value: 1
.jackpotcitycasino.com/ Name: vtrk
Value: {"data":{"code":"4127D4E0-2D9F-4835-8213-7FDE29D48287","visitId":"73adb985-9723-4f55-98e8-749581be9e54","url":"https://www.jackpotcitycasino.com/canada/","properties":{"referrer":"https://erwinkeuph8vw.pages.dev/"},"utcDate":"2024-09-03T04:12:37.000Z","cookies":{"qs":"s%3Dbfp44009%26a%3Dbfpadid189291"," affiliate_id":"bfp44009"," campaign_id":"bfpadid189291"," promo_id":"24408"},"parameters":{"promoid":"24408","a":"bfpadid189291","s":"bfp44009"}},"status":1}
.jackpotcitycasino.com/ Name: vtrk_visitid
Value: 73adb985-9723-4f55-98e8-749581be9e54
www.jackpotcitycasino.com/ Name: 69385
Value:
www.jackpotcitycasino.com/ Name: 69384
Value:
www.jackpotcitycasino.com/ Name: 62640
Value:

13 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.cordellvolante.biz.id/adsterra.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://sighhigherapprove.com/841551df4ace4771a26423c5508e1f6a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ad.cordellvolante.biz.id/adsterra.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://sighhigherapprove.com/841551df4ace4771a26423c5508e1f6a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://split.cordellvolante.biz.id/get/site/js/96f68942922b52bb74183301da4f157f(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/d0ad831df891127170674f7100bd3428/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://split.cordellvolante.biz.id/get/site/js/96f68942922b52bb74183301da4f157f(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/d0ad831df891127170674f7100bd3428/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://split.cordellvolante.biz.id/get/site/js/239d70a2682d0e2ba746122d0db22353(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/b3b93aca483f1d9a2adb8be6c9552870/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://split.cordellvolante.biz.id/get/site/js/239d70a2682d0e2ba746122d0db22353(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/b3b93aca483f1d9a2adb8be6c9552870/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://split.cordellvolante.biz.id/get/site/js/35f35ef9fb48430fa4fa94de28d8722d(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/5c5c6ef5a97b0b7e4cb5be2a1545aeb3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://split.cordellvolante.biz.id/get/site/js/35f35ef9fb48430fa4fa94de28d8722d(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/5c5c6ef5a97b0b7e4cb5be2a1545aeb3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://split.cordellvolante.biz.id/get/site/js/4c9721127b5277f3a2fb77663db94928(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/21cf3b0373319a6a55702af6b6335be7/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://split.cordellvolante.biz.id/get/site/js/4c9721127b5277f3a2fb77663db94928(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/21cf3b0373319a6a55702af6b6335be7/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://erwinkeuph8vw.pages.dev/(Line 291)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://erwinkeuph8vw.pages.dev/(Line 291)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://tse1.mm.bing.net/th?q=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.cordellvolante.biz.id
api.rbccdn.com
blackmailarmory.com
cdn.cloudimagesb.com
cdnjs.cloudflare.com
dm.imagethumb.com
erwinkeuph8vw.pages.dev
fonts.googleapis.com
fonts.gstatic.com
gateway.src-play.com
interruptchalkedlie.com
media.src-play.com
nexus.src-play.com
pallorirony.com
pop.dojo.cc
proftrafficcounter.com
recordedthereby.com
sighhigherapprove.com
split.cordellvolante.biz.id
static.site24x7rum.com
suggestqueries.google.com
tse1.mm.bing.net
www.google-analytics.com
www.googletagmanager.com
www.jackpotcitycasino.com
www.topcreativeformat.com
dm.imagethumb.com
suggestqueries.google.com
www.jackpotcitycasino.com
104.18.159.31
172.240.127.234
172.240.253.132
192.243.59.12
192.243.59.20
2606:4700:3033::ac43:d0d9
2606:4700:3034::6815:2bf0
2606:4700:3037::ac43:bd06
2606:4700:3108::ac42:2b3c
2606:4700:310c::ac42:2fca
2606:4700:4400::6812:2489
2606:4700:4400::6812:2abd
2606:4700:4400::ac40:9143
2606:4700:4400::ac40:95d9
2606:4700::6811:180e
2607:f8b0:4006:80c::200a
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81e::200e
2607:f8b0:4006:821::2003
2620:1ec:33:1::10
3.213.14.153
45.133.44.9
52.85.61.19
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02b6643a122a84ac2b2d185c74850f9421b1e515a348c6a29168737729afa157
04d16747059812b52a8c10fb282c4fdc12933aaad26f639c37b8df9fece62f9e
06096125af576d873bcf0bb27560fcd4cdd7a0835b703177210a5b5c0c78ba44
0700b080b759a8c3315f6574e47561508bc3bdd91c798bb7a1817653a05ea1e1
0e043cedcf425272f6b4eba8af74f4d731f8f8da9334a1be02f1a34d18604c10
0ffaec2975ef483984c4e2a6ae7ba9919a84a3ef96dad999a9c77b3aff1c46a4
1166154946b5da237a0007007fc4b5451beb22e5bcc245cfa89a1ab9bf66ae0c
123cdfc51128c108a50cfde3001f39dd7d5119ff20a712607f8479ef52d3d846
13f681e0a0806f6c2792831f69aa1e4694c2f32c9f29049ea4225e076d39f1b1
1e00d6167c033989d979578214a9babfc76e4fdc01516a707dc97ecf6619c192
24a476dce6ed889900ff0252ed88051d7c9e001968cdf252a7aca95b13140959
26c7e2f7ffa2be2d2a6afdc5413efc224701ce38254fe814cc03f585a811d374
2bf3572b8cc4a77f1d2387f85a2922769b3d1678d0c8a6b2a5c754d843bbf9f2
2ecc5c1ab28c8dcdb80c88cb750d6d3ca9f3f4414680850c9a8fb8423d51a785
3095d19aef2bae3478401f18418daf3ed69c302dd1f88dc22eb3589ec961b808
35a8e42acf300e5910d6d683d9949f96500c580cbb31264fd71db96f63989ed8
37833ddc7b70793c7c41763745a051f7c606b068ff6cc60e271c78a2cdf44ab9
3872e9b39760a1b59ac1e192633dbb3b58e595b4d423930ac7ded525e9ae25e0
3a3736869d08ca37cdc699f782e9f2667f72d69a7044c0b45e7be858c23bc8ee
3b6f337c9d0db78500fcc75b0edce285118c63e7e477ae05b0376a8600692b2e
454d8f5db1507403500dc3f954f783d371d8f4c810944c70e4488052058e3a51
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
4654e200fa4ea63f53a9172dad046cc6605e3c76dd06b5f8d422b3f637804249
475bb4b37138bbf4cde349e961a82ae42d183de35d9510ba39118cde693b8c69
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
4eb09e0b86d6ee1db71ce9ec93aea26389e4652247c85348f7d72c679ca7d822
530782898270dff98a6857a5489ff824f1f54b6600407cca0fba1b7334f83cb3
53ac276086d17ff935794f7be6b7a619fe537c6e92eb9f121f9cca16fb3bb6a2
5775cc284d70889f185ea1ad5ec55d65dadcf41b05e114598e530219ba5acf4e
59c50b7c81c6f9d495de9a2d29c3ff74df0dfe52a9cdea882a88ec1621996661
5e59aec8e7d030aed6e4522c0f76586d09c0e4185203c889a1ebeb2682a459c1
5f3ef0038c337c1666fdb5b553846e80caf760f7e115dc913ef814d278ab92b7
60a63d058457d7486e5109237fb15aa456acc71ba92b0a85edeb93944258f370
61e59efdc7ffb29b5e54084e4030bc080b872c4d792cd4de1d1d702783365e10
66bff63483c26d37357d74f4811b08cd67e84b219b3051dc527e202d32f9f984
69a58452ad54d86835217de65dd0f87d5fb306d785f991d23ef12bec73738c9f
6a73f6e1ab7a72bc613acb4bbff984703188b43e69c8e76ff506332b7eed5dbe
6e9d0954970365628cfb546146b13ec29b6c20e2f05f651cbe60994c1534fb8c
709b49b664b7914dbcb61c6e2df479dc700008e5ee52fd49faad6bd01f7c5413
7132c339018a46dd888a7b14ce500b92ab3b348c042319ff727e555dafee9cbc
7248db4c76af8377e4fe3ca436986a0e9f8394b4df417daa1c8658ec315bcbc3
72aeae927adaabe29edfec4d404e9a8185546a807aabbf5cbb6cf958bd259393
745a44a3a5de4de96e527138adf43daf8890431471b0bc330e0cb0c61f125a8c
748778f4c732b37a800871e6a4824988dffd92a00fde1ced25bb16e368899c4f
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
7a22d3a3837b2b91a395fc1330bd6e4608b69d0c17534819b479cfd771ad58ed
7b1fa2b593ff4d4930f0b202ef446127d7b7c0be03b14aa033b57f465f4b9553
7c925a2ae39b2b86b706f23326e349478fda09e3783c2dddde730ae2cc6b12b7
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
82b92d5132dae507c81bbf12fb4fc3bffc64d01717a5dc096567f5d4b387e164
8326ea7d507c663d55cdad9285877053ca276fee6074c4eca6296d7df66a3ab7
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
86dc38760239a678248d0e0466dcbdda97696b2403cf81043cbb9c6edddc257a
87b9ce2080bc825b2ecfb291779967ec79e9f3483054224dbeaf08b668c29430
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e5f273a6d2f5ae29fa3a18e0fe79328b0c3e7ebaa94824e7e6fd13daf0b2a7a
90a154643004f4a24e5a2e88baa7940f37ea6e8f411c9df2dca33b219ffc271e
9423bccc123a7b4a013212309e05cbcaf9a52f23950be48b0fe743c9046fb3a9
986f69585fb523451147516f295058320c04446a02535657f6fcd22e0a3f0bf0
99d6a5bb202a4dae41eda7bc6e71c513fd96ba297818028196710d299ea0b966
9ce03a1c9a375cb89461db1b8f8b9b8b4a79570af988aac01be3dd8822232468
9f359e5193dbe3fd967e7f4388837c3447ce67ef46433c3bf51999bfde9dc533
a1f353b48de3ec72ca1290f125e253ab598b591dd467da8d4666a08ca9d51d39
a6d343d425bc38db90152fa06058b1c7391eca9264f334ef65c1ce175085c6f6
ab478df11475385fe341b8560c49cb6fafea26c89c9ab7db81d31217ae175a64
ab8b75503da12e46d60eed5b809f14ad56b9c5ee2aeb1d51f433626461d45794
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b0165ceaec1b0b8cfce5658bbc88fad40b6f17f5c24965239f01a5f5670addfc
b1223996bf26a243b9cf7f9621a50407e2b66e718615b0da6617389d359df003
b7fb43007a2fa84c66bc14d99662c2f8c9b9ef2793c28e505bee5c4b7c5f85df
b8d91636de8392a65bda6f9f36a89a2fae8ce1690b95011ff0e0e24013d13e94
b9dd31dff5493086ecbcd6f200b0529ceaa04bfb91eaa3a8514627c9c0d7e11e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
bc0fafc81a11bb4eb7cf3f8ada1ed6953da73346f1bee38459a6a1db7eede44a
bc6d43461df4f2fcd7dfe170ab7d6e434e91d4b77ae821e73388db330ab3317c
bdb1c151de043fb1e66cd7d3ea3581b9737c880abadb5a8d126abde141a6941b
be1c9262fabf74ccb285e0c65168375398e3ed91b101bba9c47cbd8b02f05c24
c3330ea0be7273ad2d9b6103db0be3ed37cb0beb7b93b25a89be99194fe8195f
c640776201e6b724486afc95a95d0ee1a825f2b276f6e1aec5d70fefb04c1dac
c721588b5b617400c3c81d6a5e619f674559869d1945ed3e0b2e56ded21ee39a
cbed2a99bf87f622779d2bb50eed2276cd5a8948b03e59f6c37f65a37d052d92
cd3a1cda1d1878324b929ba7358f8fc173f252fc6f218868cdbbb10231ff48ab
cee8ac1bd83999622569ff354f685e72e8405dca163ae04eb9127c7282f2acc0
d1f2861c0bbf450a45261e3e1d3a0fef8d6c2462ce735f1f452c52ad240820ae
d6d96bec3225aafd281eff213d8b429a4b2f415a2c05acfb3b3acb48d15f6aa7
dc595881d3dc51805fc9dc4500028b4fb3d5a1e793c8309eaee1dd16a38c5611
df6b6c08f6ea4a2f1840fe9f877610c1dd5d78df4e75c7a32e3b461a986d54d0
e39084f392ec92ba74b0816f4fb14e7305e150fd17c566a68ed545ad5c3aefd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47c8573ebb979bd15cb0722301ce6f3b877b31f447d8b82de0e24fa745f976b
e6566ce6c047c05b756a162774bbaa46c146050fd5542d4d9c764dd2706f7787
e7f462576bc9d86987686334d8ed854f9c230779b433ebcd7707358280f06c93
e8e61cf5bae069200972eacfdb05c32dda25fbda6aea8cf0e4f52deda07a20ae
eae1ea2216e3c95f5a6c53f8b033c9b0cdeb15710ab70a432330cd4013699425
eb3126719a1cdfb87487b58c778bab80e3c91e5bc4398804cb1edde7ccefb985
f00fa5f10a3876b4987a9617e490f8f5421bb0cca45881d73137e13f254664e9
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f364cbb0435cf32cdf6b12944c960604dc887f66517ecf3aa7d9cacdbbdcc7cd
fa4c1a0ccefee23b9f4af6b291444d708cd7215bea7ef00207b68eba0aff683c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e