Submitted URL: https://storage.googleapis.com/wqaxszdecc/mdsghq4.html#redirect.php/c17827mJgRZ5020375lPVg715nMw8393vFKH1002
Effective URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Submission: On March 10 via api from BE — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3030::ac43:97eb, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is harvestrains.live.
TLS certificate: Issued by GTS CA 1P5 on February 27th 2023. Valid for: 3 months.
This is the only time harvestrains.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 2 94.102.4.223 51559 (NETINTERN...)
1 195.54.167.231 49392 (ASBAXETN)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
28 8
Apex Domain
Subdomains
Transfer
15 harvestrains.live
harvestrains.live
210 KB
5 trk-epicurei.com
trk-epicurei.com — Cisco Umbrella Rank: 161831
event.trk-epicurei.com — Cisco Umbrella Rank: 212669
3 KB
3 gstatic.com
fonts.gstatic.com
68 KB
3 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 396
fonts.googleapis.com — Cisco Umbrella Rank: 34
ajax.googleapis.com — Cisco Umbrella Rank: 305
35 KB
2 arfiandi.me
emanhtap.arfiandi.me
597 B
1 gridlockgates.com
gridlockgates.com
696 B
1 microfilmnsaps.com
microfilmnsaps.com
421 B
28 7
Domain Requested by
15 harvestrains.live microfilmnsaps.com
harvestrains.live
4 event.trk-epicurei.com trk-epicurei.com
3 fonts.gstatic.com fonts.googleapis.com
2 emanhtap.arfiandi.me 1 redirects storage.googleapis.com
1 trk-epicurei.com harvestrains.live
1 ajax.googleapis.com harvestrains.live
1 fonts.googleapis.com harvestrains.live
1 gridlockgates.com 1 redirects
1 microfilmnsaps.com emanhtap.arfiandi.me
1 storage.googleapis.com
28 10

This site contains links to these domains.

Domain
www.gambleaware.co.uk
www.gamcare.org.uk
Subject | Issuer | Validity | Valid
storage.googleapis.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
microfilmnsaps.com | R3 | 2023-02-17 - 2023-05-18 | 3 months
*.harvestrains.live | GTS CA 1P5 | 2023-02-27 - 2023-05-28 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-07 - 2024-02-06 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months

This page contains 1 frames:

Primary Page: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Frame ID: 81DB11431A265BEE4D7AF0157F180D26
Requests: 26 HTTP requests in this frame

Page Title

TitanSpins

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 96 %
IPv6: 78 %
Domains: 7
Subdomains: 10
IPs: 8
Countries: 4
Transfer: 317 kB
Size: 5214 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/wqaxszdecc/mdsghq4.html Page URL
  2. http://emanhtap.arfiandi.me/redirect.php/c17827mJgRZ5020375lPVg715nMw8393vFKH1002 Page URL
  3. http://emanhtap.arfiandi.me/track/c17827mJgRZ5020375lPVg715nMw8393vFKH1002 HTTP 302
    https://microfilmnsaps.com/0/0/0/a8dc5f84c267280047c74634f7867b45/7/2013-17827/5020375-715-8393 Page URL
  4. https://gridlockgates.com/?s1=350977&s2=942650752&s3=2543&s10=1404 HTTP 302
    https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://emanhtap.arfiandi.me/track/c17827mJgRZ5020375lPVg715nMw8393vFKH1002 HTTP 302
  • https://microfilmnsaps.com/0/0/0/a8dc5f84c267280047c74634f7867b45/7/2013-17827/5020375-715-8393

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
mdsghq4.html
storage.googleapis.com/wqaxszdecc/
274 B
858 B
Document
General
Full URL
https://storage.googleapis.com/wqaxszdecc/mdsghq4.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
274
content-type
text/html
date
Fri, 10 Mar 2023 14:30:08 GMT
etag
"ac1ca4e8ee8e94cba92eb2562ae317d4"
expires
Fri, 10 Mar 2023 15:30:08 GMT
last-modified
Wed, 22 Jun 2022 16:58:57 GMT
server
UploadServer
x-goog-generation
1655917137553463
x-goog-hash
crc32c=1MKBPA== md5=rByk6O6OlMupLrJWKuMX1A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
274
x-guploader-uploadid
ADPycdsEhvgnYwVdaUdUWdgqT-or6SG0AGlOKBZxbXIlU1QxXQeFul99UiPDvpF6J1IGwEXeCD6C3gBG_OgBWFZhK8SbLcMpOzrG
c17827mJgRZ5020375lPVg715nMw8393vFKH1002
emanhtap.arfiandi.me/redirect.php/
253 B
370 B
Document
General
Full URL
http://emanhtap.arfiandi.me/redirect.php/c17827mJgRZ5020375lPVg715nMw8393vFKH1002
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/wqaxszdecc/mdsghq4.html
Protocol
HTTP/1.1
Server
94.102.4.223 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
enviro.concept-websites.co.uk
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
253
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Mar 2023 14:22:57 GMT
5020375-715-8393
microfilmnsaps.com/0/0/0/a8dc5f84c267280047c74634f7867b45/7/2013-17827/
Redirect Chain
  • http://emanhtap.arfiandi.me/track/c17827mJgRZ5020375lPVg715nMw8393vFKH1002
  • https://microfilmnsaps.com/0/0/0/a8dc5f84c267280047c74634f7867b45/7/2013-17827/5020375-715-8393
129 B
421 B
Document
General
Full URL
https://microfilmnsaps.com/0/0/0/a8dc5f84c267280047c74634f7867b45/7/2013-17827/5020375-715-8393
Requested by
Host: emanhtap.arfiandi.me
URL: http://emanhtap.arfiandi.me/redirect.php/c17827mJgRZ5020375lPVg715nMw8393vFKH1002
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.167.231 , Russian Federation, ASN49392 (ASBAXETN, RU),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://emanhtap.arfiandi.me/redirect.php/c17827mJgRZ5020375lPVg715nMw8393vFKH1002
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
129
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 14:30:16 GMT
server
Apache

Redirect headers

Content-Length
118
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Mar 2023 14:22:57 GMT
Location
https://microfilmnsaps.com/0/0/0/a8dc5f84c267280047c74634f7867b45/7/2013-17827/5020375-715-8393
Primary Request 546739dcb8c3fede4cbc73f08d9d2d77
harvestrains.live/
Redirect Chain
  • https://gridlockgates.com/?s1=350977&s2=942650752&s3=2543&s10=1404
  • https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
28 KB
8 KB
Document
General
Full URL
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Requested by
Host: microfilmnsaps.com
URL: https://microfilmnsaps.com/0/0/0/a8dc5f84c267280047c74634f7867b45/7/2013-17827/5020375-715-8393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa1a5a2ffe5e8fec9cb0b9559783413bdf296566284cada18489d266021879f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://microfilmnsaps.com/0/0/0/a8dc5f84c267280047c74634f7867b45/7/2013-17827/5020375-715-8393
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a5c41358c429012-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 14:30:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLkdu%2BvJto8VtrdYsekGd%2FCSQzjqxiVHh%2BEAl3vUGVSBV4wulXFslX%2B9YcCqfzEEMnFQwntmkXG7sLdCwc6oFcBgaRee0IvGgbxfjA3F454Z05KjBtprorvKBiji1gK6J13Dy0wuDKdUzyAOsKpqMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7a5c41319fb82c71-FRA
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 14:30:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3myzxiEInyxFpCpctP0LyocnRDf7ZHgRqxDmVv58WsRH41SOp3eQKpSqrCUw81gGt0HlTWm2koi2tPNQUph02F1kabZnwMItdfceZjwPAqKtgso6QUuhOftdLrNTZuAm1yLd%2FBhavkxQ%2BEUY%2Bn9edw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
harvestrains.live/fim/771c6a628c9963692cff73b6552e1f30/
118 KB
20 KB
Stylesheet
General
Full URL
https://harvestrains.live/fim/771c6a628c9963692cff73b6552e1f30/bootstrap.min.css
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11982020059ca1e3529e154b058c4680091c7ae67d339b7ba2cbf77f99210a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/bootstrap.min.css"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wd9jK9HdPMMM4%2B9KrAElePsaFDTzbAyWAKNUHP%2F60biJcJG8KDrJtCpCbZVBZvBzFHRm1ldenOmxn6OyfnP8MifcaLz6oSh1iyIywi0rC8slaYRGPaoA%2FnyfbZxyWVbX2hYFxBte4LoNi3W9zpd%2BSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5c4138d80a9012-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
css
fonts.googleapis.com/
3 KB
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc13de9280e3a61fd747d92275aa9856396135507eb9ceece8760bba7376de67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Mar 2023 14:30:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 14:30:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Mar 2023 14:30:17 GMT
style.css
harvestrains.live/fim/771c6a628c9963692cff73b6552e1f30/
12 KB
3 KB
Stylesheet
General
Full URL
https://harvestrains.live/fim/771c6a628c9963692cff73b6552e1f30/style.css?v1.05
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a040933cb5dc29937509e87e348bbbd111024182ad2a3109c4a711aaa05c1e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/style.css"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97lskRIx5YPX4bu1btIAOAylexgIS2F8KK9ZGRHPVMaFvoFSFRuoCy65nBtQgE9BscJ3J9I5oi3eXkcrIyXJFL4Fl2vHvnhHpW7ZaKBcb9bRNtuy%2FY%2FagWl4%2FsTTW4gY%2BFZCW5hJaqDO718EPJbNJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5c4138d80c9012-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
msg.js
harvestrains.live/inc/
942 B
819 B
Script
General
Full URL
https://harvestrains.live/inc/msg.js
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
113634
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 12:25:37 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9giwhQcQesfPNG%2FpVatn3oo8%2Fgxk11eUIsUCxIHZGYmaq2YV94vgy4Ngnlyg0WN4njIqPqFNav4koX4o9%2BcFNWC%2BT8BJAIo0KfbmAA1APVCSfyYTPtrTXdVu45tLpTrry%2FjCM%2FCi6vm9JiwJN8WbDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7a5c4138d80f9012-FRA
expires
Thu, 16 Mar 2023 06:56:23 GMT
a0a8bc254435c21c2efdc90033bf2345.png
harvestrains.live/fim/1404/
39 KB
39 KB
Image
General
Full URL
https://harvestrains.live/fim/1404/a0a8bc254435c21c2efdc90033bf2345.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d1f02aa6ba8768f4e5cb10cadf475f714479cd2dc925fe922ef61431dc4cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:19 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39898
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 14:04:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xq5M59yAXlgo29ISUEBHcNe5p0py1OYIlOQx0ZZRbgC0glCkBBHoIKT1ujCZ2rFh7E1wjwapnXY5qS0bjkOskIpcLsxGFuLVckc3WIoRjNqaOPJQ6cKCsoLCea9mz2ZbO5N0q6LCiUrdP6DldTK%2BcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5c413d8cc93837-FRA
expires
Fri, 17 Mar 2023 14:30:18 GMT
4353b6c248ee6c8e60e4327d7e725dfa.png
harvestrains.live/fim/1404/
24 KB
25 KB
Image
General
Full URL
https://harvestrains.live/fim/1404/4353b6c248ee6c8e60e4327d7e725dfa.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f255fe4742c1ef8931c9e6686b091aff09f2522bacff1c069376ec5aae853792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24575
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 14:04:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnSi9Xxebjka%2B%2BnL5B2fCOvvD86UPi%2BcvgY4hGBoPPehua7tn8UsUBscgaKL%2B2TL36%2BK%2FXwx2%2FzD3K1uu8nF%2BpR2aNAkn%2BLbD2PSmaA2z%2Fv0rliPsRF0q9IsNUDhvEUAmP1s%2BmcjeEmrZRhi4UfKPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5c413d8ccb3837-FRA
expires
Fri, 17 Mar 2023 14:30:18 GMT
64e86b4a1747cc3769ec6536b4a7946d.png
harvestrains.live/fim/1404/
3 KB
4 KB
Image
General
Full URL
https://harvestrains.live/fim/1404/64e86b4a1747cc3769ec6536b4a7946d.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f35704d0bd4b1f7c1da4844418ea46091f70cefb86d050a6aac350d9605779d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3458
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 14:04:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQ5QpxVqz%2FqqhRx3SvHzO2Hak0CtHfom62wrnXqbQPfV6OegEseF9wcqioRLAVxgtqqtxzW3dvW9TgS9q1oYTxUPPUjLarcON8v1E2c6SjxhPM%2Bv20BheSX5WJHvTSPitai%2BQeFlhZkSs0v%2Bi%2F%2B2ew%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5c413d8cce3837-FRA
expires
Fri, 17 Mar 2023 14:30:18 GMT
f48e53cdb12f549d34ae9064dd6e8f46.png
harvestrains.live/fim/1404/
4 KB
4 KB
Image
General
Full URL
https://harvestrains.live/fim/1404/f48e53cdb12f549d34ae9064dd6e8f46.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d0832ebd7dc54e2ddf831ff23de969788279857cb659172929889389c4291c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3661
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 14:04:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rT5wgaYJGKtbO7HYF%2FhZA5DgIvXSdqjEi47nfi%2BJczC0Ip9MfqJ44WjrG2gLsEpA7W7B%2BGSr7L1iocMyL0YLUBa7CTYIX%2Fj04o2kwceqDP9WALHAPkCBgBkSA4MQI8mLXYDwyPo2tm0RyTvapqeGZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5c413d8ccf3837-FRA
expires
Fri, 17 Mar 2023 14:30:18 GMT
4026c8c96b43b9952f14995646ed9097.png
harvestrains.live/fim/1404/
4 KB
4 KB
Image
General
Full URL
https://harvestrains.live/fim/1404/4026c8c96b43b9952f14995646ed9097.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7195c7c88d7ec9eef6c013593d20ec2dba28a76bff85cdaa465a4e1cdd82184b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3613
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 14:04:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkp6hYxApYYc0D6nDAec9EWrWATUOgViO4G4n8Mts6C4ps4GEtR3OVq3IomO5M%2Fwuc%2Fics79e5B1t6vcUEj5IDs8Bz1WH4Fu8Wsm0vejziqP6hfG%2BHF3h0KnxWTA1WDxJBnYPzF10irqMDTzvw%2FgrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5c413d8cd03837-FRA
expires
Fri, 17 Mar 2023 14:30:18 GMT
5dacefe3598039366f55d20a05b7e081.png
harvestrains.live/fim/1404/
12 KB
12 KB
Image
General
Full URL
https://harvestrains.live/fim/1404/5dacefe3598039366f55d20a05b7e081.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b4f4c131c2f2f4b969f2baf134b6967abb6a2c48f52b4d88bad971a44dbe90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12169
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 14:04:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfAjtWfsg3WbIeo4S6wLCh567QngKYPSwVewvOwTxKZERjESqccfM2AEJ3AlEpQfU3EGgG1alZ81D6SrRTMKfDhfsZtCx%2BDBnZRNlbOJN%2B9zkkDvFRNj99T%2BvxfLjBwC%2BnTX9fmxRN2%2FZzwSw9R2yw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5c413d8cd13837-FRA
expires
Fri, 17 Mar 2023 14:30:18 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 10:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 10:35:38 GMT
bootstrap.js
harvestrains.live/fim/771c6a628c9963692cff73b6552e1f30/
70 KB
16 KB
Script
General
Full URL
https://harvestrains.live/fim/771c6a628c9963692cff73b6552e1f30/bootstrap.js?v=1.0
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d140144d75fee3c058ac806a2bc7f9fa4ecb778d00b31f02710513e61e71ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/bootstrap.js"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63xTUPBrzXCaom1NCL7iwdrc7AJO4c%2B3XdOHewCZbMfL4B512OoMV1%2BkkM8XXue6qM50DefptXWGih9Hr%2FQ28pgTLfP3NEpa8YbhI9CZzrX0k8M1VNR5COT6JUo4dlyqSi73yoCwEDPS%2BWb4xvGrdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5c413c2aac3837-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
common.js
harvestrains.live/fim/771c6a628c9963692cff73b6552e1f30/
768 B
1 KB
Script
General
Full URL
https://harvestrains.live/fim/771c6a628c9963692cff73b6552e1f30/common.js
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1669a1f2809856365657b64b61614f40ea490d99156733ec137cd55e095f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/casino/titanspins-casino-us-v2/assets/common.js"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBYg9rOQZI%2BEghLf1RQBeJ88k8nHitF0Phu2PPyCKkqwaF68CzH%2BDObHN8D0ECPO3eNOjlpP9yUY3308grO4eBSztqVKWqLU3qlu5kO1v7vNooRu2AUwnv48%2Fbbz%2FD8D0UjEdqrjjkEWxMhqZbvnCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a5c413d7c953837-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
v9e118mez8
trk-epicurei.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-epicurei.com/scripts/push/v9e118mez8
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/inc/msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
681
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 10 Mar 2023 14:18:57 GMT
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DnjI03Tz2jiBTuK7NkgQbdKTkGc5f4RLvSfuR%2FF87jV1HGEnohYTfEYpWpgSYT5fbkR2yFDm7GCLhyqYodKghz903iQow5lXLVM2Jgeo1KQECR721C5txi3our25GQMMtl5YwJcxRlWlGC9gIB5"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7a5c413ddbe69090-FRA
expires
0
c03d54e2d235efde64af09cdd57557a1.jpg
harvestrains.live/fim/1404/
71 KB
71 KB
Image
General
Full URL
https://harvestrains.live/fim/1404/c03d54e2d235efde64af09cdd57557a1.jpg
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5af8eb61164cca569568bb63bb183a5caf9e575b5c708c8df98850ac9395ab4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:19 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
72488
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 14:04:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwitR9gHtA98vXBcxEfNfua3xPcsXUXubTYuFgi0uQ7HxBKm%2F3J4GUe6AwMJgrlXtIvoyaNCGp9zEHRoYAIA5uyKGYWY0uI7RVVS81nK7HgaGjTF21aKkR%2B7rlJqduzrkPmHYt1%2FGU4VuUy9kAqxUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5c413dbd133837-FRA
expires
Fri, 17 Mar 2023 14:30:18 GMT
ce020209da4e7ea784584874fa62db71.png
harvestrains.live/fim/1404/
1 KB
2 KB
Image
General
Full URL
https://harvestrains.live/fim/1404/ce020209da4e7ea784584874fa62db71.png
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc3c91f6e26d1f05dd92f6cf293b0ca557d14a98fe2d7e765812e4184949c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1312
x-xss-protection
1; mode=block
last-modified
Fri, 10 Mar 2023 14:04:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5s8d4In2IqR20Zt03NwLQqeKxC1nl3Aakjc7HYBSXSxCBw7dKRkpI8g%2FfBSO1uJ%2BhcVosXzHKFQakm1617tJ%2Bg9pSmQIZV7gIjVCpUaRDKOaGHRPibisrYbS6PCG20fRP6NoYTWIv8%2FHuJhxX6pFYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7a5c413dcd2a3837-FRA
expires
Fri, 17 Mar 2023 14:30:18 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harvestrains.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:09:33 GMT
x-content-type-options
nosniff
age
69645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 19:09:33 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harvestrains.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 16:25:00 GMT
x-content-type-options
nosniff
age
165918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Mar 2024 16:25:00 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,300,100,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://harvestrains.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 21:47:53 GMT
x-content-type-options
nosniff
age
60145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 21:47:53 GMT
bg-video.mp4
harvestrains.live/views/casino/titanspins-casino-us-v2/assets/
5 MB
0
Media
General
Full URL
https://harvestrains.live/views/casino/titanspins-casino-us-v2/assets/bg-video.mp4
Requested by
Host: harvestrains.live
URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:97eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 10 Mar 2023 14:30:18 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7189
Content-Range
bytes 0-4765376/4765377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4765377
x-xss-protection
1; mode=block
last-modified
Fri, 03 Jun 2022 14:54:45 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
video/mp4
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FxuYcLt6mHMqK7HocN8tSrjd7u1qOQTww3%2F8xUbDBRcSrYeofVpD%2Bv1ij9LVEF7nfpxGRQ2WYkkgz%2FtgGGTkd33D9B09waezbQN8g7yazI1yEv%2F99XFH1Hj%2B1E8rUgohzPurbgli0G5LsOyMrPkJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7a5c413e2d9c3837-FRA
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://harvestrains.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a5c41450ef73aa3-FRA
content-length
0
date
Fri, 10 Mar 2023 14:30:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6v%2B64FZ7jgcPHLJ8Pe7tpYbfkQTRGqL%2FhoG265DocAWAXl0SZHjpPJBH6jlUXR3x44HrAA2p6k8y6%2B5iNxDqC4DYLpGWt2x0K01SEybcOm9ndZXHy4riFRxKUF%2BWfbmwzR0QgY07lcRIE7PxOZWNG9m%2FGCJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harvestrains.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 10 Mar 2023 14:30:19 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKklIGQ%2BKUwww%2FeEwMoC%2B4hB5JWJ9g8xZWlO9AVJRMHqe4MTyZHNdrhVm58EOee1zi9G0B4fO5Maawa0CHy6vOXslrf4WtfsALrku%2B4hia4aTG0V1Lq3eEuSkWSOFwtPZTSgucHE5qcWBKobsUOVneW%2B46IJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7a5c4145b8123aa3-FRA
x-pushplatformapp-params
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://harvestrains.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a5c41450ef93aa3-FRA
content-length
0
date
Fri, 10 Mar 2023 14:30:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRJ9IQSP8wPlB5cW1qjfOgsd%2BP3Ut3ajN8ZZh4rtnt8iT1CQS4ybpZNpA1%2Fth1RFU5ia8kD90NjUfRziXsMHaIfm1WNbgUAJ%2BJFdBNSK7IIFF46hP6c9exbDCaesGDAaa5mnXbgQRRb0o8Yk1TGOhMbEiJqk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
v9e118mez8
event.trk-epicurei.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-epicurei.com/register/event_log/v9e118mez8
Requested by
Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://harvestrains.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Fri, 10 Mar 2023 14:30:19 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObAV9dyseXGhu5tiJHnQOkhVu3kYTombboEyKpILeHYPvM%2FAVzkSAa%2B8v9GQntTsL45jhk3PdhUceYuTM6XmeFhKIS%2BhIwGutiNY4ZtWKy2dM2Cbsr5dXnShtM99qGpc0exYfIczNAl4XaFYg8ZrwktoOTT1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://harvestrains.live
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray
7a5c4145b80f3aa3-FRA
x-pushplatformapp-params

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| change
object| MYCALL
string| s1
string| s2
string| esource
string| pshpub
string| pshdomain
function| $
function| jQuery
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore
function| backSubmit
object| jQuery1113009083260269263649

3 Cookies

Domain/Path Name / Value
microfilmnsaps.com/ Name: uid2543
Value: 942650752-20230310093016-19319c73e48507c62d19020b569ec526-
gridlockgates.com/ Name: PHPSESSID
Value: 5b48fea7135f8192e69748a9670580e7
harvestrains.live/ Name: PHPSESSID
Value: 635fa68c03b26092fb61e17a74cc53ae

1 Console Messages

Source Level URL
Text
other error URL: https://harvestrains.live/546739dcb8c3fede4cbc73f08d9d2d77
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
