showslot.com Open in urlscan Pro
172.67.73.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mord-im-orient-express.live/
Effective URL:
https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect
Submission: On December 12 via api (December 12th 2024, 6:12:23 pm UTC) from US — Scanned from NL

Summary HTTP 101 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 28 domains to perform 101 HTTP transactions. The main IP is 172.67.73.78, located in United States and belongs to CLOUDFLARENET, US. The main domain is showslot.com.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.

This is the only time showslot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	172.67.73.78 172.67.73.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.23.60 13.32.23.60	16509 (AMAZON-02) (AMAZON-02)
6	99.86.4.80 99.86.4.80	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:440... 2606:4700:4400::ac40:97a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7a0b::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.3 99.86.4.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	157.240.30.27 157.240.30.27	32934 (FACEBOOK) (FACEBOOK)
3	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	23.213.165.149 23.213.165.149	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.67.72.56 172.67.72.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:895::1931	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	104.126.37.185 104.126.37.185	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2a02:26f0:350... 2a02:26f0:3500:287::14a9	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2606:4700:440... 2606:4700:4400::ac40:9473	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.31.25 18.245.31.25	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2014	15169 (GOOGLE) (GOOGLE)
3	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
3	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
2	157.240.30.35 157.240.30.35	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::ac40:96d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.8.44.252 51.8.44.252	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
1	178.250.1.9 178.250.1.9	() ()
101	34

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mord-im-orient-express.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 172.67.73.78 (United States)

ASN13335 (CLOUDFLARENET, US)

showslot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gc.showslot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-60.fra56.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.4.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-80.fra6.r.cloudfront.net

app.uptain.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::ac40:97a6 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-3.fra6.r.cloudfront.net

app.uptain.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.30.27 (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-prg1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.72.56 (United States)

ASN13335 (CLOUDFLARENET, US)

stapecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:895::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.185 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a104-126-37-185.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:287::14a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

cdn-4.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9473 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-25.fra56.r.cloudfront.net

integrations.etrusted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gtm-mczdx83-zjezz.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.30.35 (Prague, Czech Republic)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-prg1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:96d8 (United States)

ASN13335 (CLOUDFLARENET, US)

in-automate.brevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.8.44.252 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	showslot.com showslot.com gc.showslot.com	529 KB
10	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 9092	174 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 934 psb.taboola.com — Cisco Umbrella Rank: 6026 trc.taboola.com — Cisco Umbrella Rank: 763 trc-events.taboola.com — Cisco Umbrella Rank: 2914	25 KB
7	uptain.de app.uptain.de — Cisco Umbrella Rank: 301837	39 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 953	6 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	141 KB
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 625 f.clarity.ms — Cisco Umbrella Rank: 12256	30 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	446 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 359	15 KB
3	criteo.com dynamic.criteo.com — Cisco Umbrella Rank: 3682 gum.criteo.com — Cisco Umbrella Rank: 450 sslwidget.criteo.com	23 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1065	25 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 902	88 B
2	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5939	167 KB
1	brevo.com in-automate.brevo.com — Cisco Umbrella Rank: 24219	99 B
1	appspot.com gtm-mczdx83-zjezz.uc.r.appspot.com	594 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
1	etrusted.com integrations.etrusted.com — Cisco Umbrella Rank: 66178	2 KB
1	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 23280	4 KB
1	convertexperiments.com cdn-4.convertexperiments.com — Cisco Umbrella Rank: 8759	312 B
1	stapecdn.com stapecdn.com — Cisco Umbrella Rank: 35652	8 KB
1	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3405	9 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 514	313 B
1	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	14 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	mord-im-orient-express.live 1 redirects mord-im-orient-express.live	553 B
101	28

	Domain	Requested by
27	showslot.com	showslot.com static.cloudflareinsights.com
10	cookie-cdn.cookiepro.com	showslot.com cookie-cdn.cookiepro.com d2wy8f7a9ursnm.cloudfront.net
7	app.uptain.de	showslot.com app.uptain.de
6	ct.pinterest.com	s.pinimg.com d2wy8f7a9ursnm.cloudfront.net
5	analytics.tiktok.com	showslot.com analytics.tiktok.com
5	www.googletagmanager.com	showslot.com www.googletagmanager.com
4	trc-events.taboola.com	cdn.taboola.com
3	f.clarity.ms	www.clarity.ms
3	bat.bing.com	showslot.com bat.bing.com
2	www.facebook.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.clarity.ms	showslot.com www.clarity.ms
2	sessions.bugsnag.com	d2wy8f7a9ursnm.cloudfront.net
2	vjs.zencdn.net	showslot.com
1	sslwidget.criteo.com	dynamic.criteo.com
1	in-automate.brevo.com	sibautomation.com
1	gtm-mczdx83-zjezz.uc.r.appspot.com	stapecdn.com
1	region1.google-analytics.com	d2wy8f7a9ursnm.cloudfront.net
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	d2wy8f7a9ursnm.cloudfront.net
1	integrations.etrusted.com	www.googletagmanager.com
1	sibautomation.com	showslot.com
1	cdn-4.convertexperiments.com	www.googletagmanager.com
1	stapecdn.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	gum.criteo.com	dynamic.criteo.com
1	dynamic.criteo.com	www.googletagmanager.com
1	gc.showslot.com	showslot.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	d2wy8f7a9ursnm.cloudfront.net	showslot.com
1	static.cloudflareinsights.com	showslot.com
1	mord-im-orient-express.live	1 redirects
101	35

This site contains links to these domains. Also see Links.

Domain
www.eventim.de
support.showslot.com
business.safety.google
www.cookiepro.com

Subject Issuer	Validity	Valid
showslot.com WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
app.uptain.de Amazon RSA 2048 M03	`2024-07-11` - `2025-08-08`	a year	crt.sh
cookiepro.com WE1	`2024-12-11` - `2025-03-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-20` - `2025-04-15`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-01` - `2025-12-31`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2024-12-09` - `2025-12-09`	a year	crt.sh
stapecdn.com WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-02` - `2025-08-07`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.convertexperiments.com DigiCert TLS RSA SHA256 2020 CA1	`2024-09-11` - `2025-09-10`	a year	crt.sh
sibautomation.com WE1	`2024-12-01` - `2025-03-01`	3 months	crt.sh
integrations.etrusted.com Amazon RSA 2048 M03	`2024-02-05` - `2025-03-04`	a year	crt.sh
*.appspot.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
brevo.com WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect
Frame ID: 12AD47F3C41FFDB64720009AA3BDAE01
Requests: 94 HTTP requests in this frame

Frame: https://app.uptain.de/static/index.html?sToken=dhQde1Qg9iVRqeOC&shopId=4989&__up_tabId=20928539-c4f9-41b4-aa91-e4c96daa3367&__up_clientId=e12f7d15-7a22-4ad5-8ae2-9fb2f0ed73a4&__up_sessionId=null&uptainApiUrl=https%3A%2F%2Fapp.uptain.de%2Fv2&url=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&__up_qp_uptainConfigUrl=https://app.uptain.de/v2/configs/&__up_qp_uptainBaseUrl=https://app.uptain.de&__up_dp_type=article&__up_dp_lang=de&screen_height=1200&screen_width=1600&window_height=1200&window_width=1600&version=2.7-104-gcde2c6a3
Frame ID: E50CE21D00A8545AFF12327F787E561E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=showslot.com&origin=onetag
Frame ID: 99BE83EE44F5662D66AE08E153D72587
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fshowslot.com
Frame ID: 191286017E8A9D18BABE5D85E3F15A31
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 0B99B7FDA8AEE643128D5A5DB17801A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MORD IM ORIENTEXPRESS - ShowSlot

Page URL History Show full URLs

https://mord-im-orient-express.live/ HTTP 301
https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirec... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

101
Requests

100 %
HTTPS

47 %
IPv6

28
Domains

35
Subdomains

34
IPs

5
Countries

1741 kB
Transfer

5179 kB
Size

18
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.eventim.de/city/bremen-2/?affiliate=NG8&utm_medium=dp
Title: TICKETS SICHERN

Search URL Search Domain Scan URL

URL: https://www.eventim.de/city/duisburg-53/?affiliate=NG8&utm_medium=dp
Title: TICKETS SICHERN

Search URL Search Domain Scan URL

URL: https://www.eventim.de/city/frankfurt-6/?affiliate=NG8&utm_medium=dp
Title: TICKETS SICHERN

Search URL Search Domain Scan URL

URL: https://www.eventim.de/city/hamburg-7/?affiliate=NG8&utm_medium=dp
Title: TICKETS SICHERN

Search URL Search Domain Scan URL

URL: https://www.eventim.de/city/koeln-9/?affiliate=NG8&utm_medium=dp
Title: TICKETS SICHERN

Search URL Search Domain Scan URL

URL: https://www.eventim.de/city/mannheim-1634/?affiliate=NG8&utm_medium=dp
Title: TICKETS SICHERN

Search URL Search Domain Scan URL

URL: https://www.eventim.de/city/muenchen-11/?affiliate=NG8&utm_medium=dp
Title: TICKETS SICHERN

Search URL Search Domain Scan URL

URL: https://www.eventim.de/city/stuttgart-12/?affiliate=NG8&utm_medium=dp
Title: TICKETS SICHERN

Search URL Search Domain Scan URL

URL: https://www.eventim.de/?affiliate=SNF&utm_medium=dp
Title: Eventim.de

Search URL Search Domain Scan URL

URL: https://support.showslot.com/hc/de
Title: Zum Hilfecenter

Search URL Search Domain Scan URL

URL: https://support.showslot.com/
Title: Hilfecenter & Kontakt

Search URL Search Domain Scan URL

URL: https://business.safety.google/privacy/
Title: Google Privacy-Info

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mord-im-orient-express.live/ HTTP 301
https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

101 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
showslot.com/mord-im-orientexpress/
Redirect Chain

https://mord-im-orient-express.live/
https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

74 KB
17 KB

156ms
70ms

Document
text/html

172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a849f6f58c8be2195864bebf47181f05dd3fd93645300649696c6ce3a370d1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 46179
alt-svc: h3=":443"; ma=86400
cache-control: max-age=691200
cf-apo-via: tcache
cf-cache-status: HIT
cf-edge-cache: cache,platform=wordpress
cf-ray: 8f0fae801a989f96-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 12 Dec 2024 18:12:16 GMT
expires: Wed, 11 Dec 2024 21:03:03 GMT
last-modified: Wed, 11 Dec 2024 20:53:03 GMT
link: <https://showslot.com/wp-json/>; rel="https://api.w.org/", <https://showslot.com/wp-json/wp/v2/pages/8472>; rel="alternate"; title="JSON"; type="application/json", <https://showslot.com/?p=8472>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uD%2FMMkFVtwaXfmgeQWD30Bw3cfLQm6uSRPEu10b7gwQiM0gJPcx15BrW9e7UQ1YzZO9TUFIKCK8BFxes3A9xjwX4vtmBBwxdGE%2B3fxQlQJBL6TcP3Ua8Sd6AE6FElg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="HIT" cfL4;desc="?proto=QUIC&rtt=17287&min_rtt=14836&rtt_var=5538&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4294&recv_bytes=4511&delivery_rate=42461&cwnd=12000&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=106&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cache-control: max-age=3600
cf-ray: 8f0fae7f4acf0ba8-AMS
content-length: 167
content-type: text/html
date: Thu, 12 Dec 2024 18:12:15 GMT
expires: Thu, 12 Dec 2024 19:12:15 GMT
location: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XEV1FFQVM%2Bmb%2BlD1Pr2LuGAYDIEWzdKd%2ByHhWKHwccGfd6lrISAz5T6V2Cijz13s0fAKRbWngs12bK%2F9BSq6CbYiaarRAF8Fs6EbNHXxyH8%2FqxtegM%2BG8%2BUZfhMchQZ76FsA6Lth2fH%2BN2L5b50%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 bootstrap.min.css
showslot.com/wp-content/themes/showslot/css/ 152 KB
24 KB 55ms
50ms Stylesheet
text/css 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/css/bootstrap.min.css

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc77c5873fbd6439d90edfdff08e736dc9085d2fd75ec6e95dc6369e73c3e469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"25fbe-5d7e9c47af25b-br"
age: 97770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NR9T6xOMyC2z5pUP3tAJnHz5XPoGlZQ598nU0ySVo33MncArOxWXbdgcpTotv3GU%2FP9teuoltik8j56A7b%2FYtYEGG5RDGfxHKHg%2FBYGigjDoB11RFq%2Bahi5rinV0Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 14 Dec 2024 17:38:40 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16150&min_rtt=14655&rtt_var=1108&sent=35&recv=33&lost=0&retrans=0&sent_bytes=24963&recv_bytes=10720&delivery_rate=436098&cwnd=22800&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=216&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/css
last-modified: Sun, 13 Feb 2022 17:38:27 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae80ebc29f96-AMS
server: cloudflare

GET
H3 200 style.css
showslot.com/wp-content/themes/showslot/css/ 33 KB
6 KB 66ms
55ms Stylesheet
text/css 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/css/style.css?ver=7

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0ba0ebc5486fb8754c964b7412178bb58758c1f1ff036f60fdc6e4a26ad3c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"827f-6117b0d0d9a52-br"
age: 1170845
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbqx5oTYi3tX3nTE9Mg%2B0LUC89QgYRCFVek8syXN3HsfNseEfl1alXtB%2FAW77zJpxNrIz8oe%2BMYTzSZ40Ki1AOptQ%2F%2BeNwRfqggjXWLqeT6MFm7NpanyuGwnJsMLGA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 05:29:48 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16150&min_rtt=14655&rtt_var=1108&sent=52&recv=33&lost=0&retrans=0&sent_bytes=45338&recv_bytes=10720&delivery_rate=436098&cwnd=22800&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=220&x=1", cfExtPri, cfHdrFlush;dur=7
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/css
last-modified: Fri, 16 Feb 2024 07:54:17 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae80ebcf9f96-AMS
server: cloudflare

GET
H3 200 aos.css
showslot.com/wp-content/themes/showslot/css/ 25 KB
2 KB 46ms
39ms Stylesheet
text/css 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/css/aos.css

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"65c5-5d3a3a6ad833b-br"
age: 1044723
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BBlccCrU6oql2hd5%2FmuAiJZDKoTvKfXmd4QEpMhopukueLJmtesFZewk9wKdluIwpVsiUItkBh6KTxdWgesLnGbjt69%2FB%2Bn69yHyWrAq0%2BJSE506L6ZpCjAWPrRHFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 07:10:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16150&min_rtt=14655&rtt_var=1108&sent=32&recv=33&lost=0&retrans=0&sent_bytes=22538&recv_bytes=10720&delivery_rate=436098&cwnd=22800&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=212&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/css
last-modified: Tue, 21 Dec 2021 08:18:33 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae80ebd49f96-AMS
server: cloudflare

GET
H3 200 responsive.css
showslot.com/wp-content/themes/showslot/css/ 23 KB
6 KB 67ms
59ms Stylesheet
text/css 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/css/responsive.css?ver=5

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36550dcb5d7bae141b362cb37b80b64f0ba0fa43fd7ade5350b86d482746c9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"92c2-5e6fd0bba371f-br"
age: 1044722
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VC8OQ29VZ8FQRbH8kaUYSdfUz3noeJWvTh3csw1kMBILbj%2B5AQ1vrLNc0DPTF48%2FoKBGhOAn28GYnhH32yHezSAcb3%2BD8c8fm7PFLw8Ua1yKfHxG9I6TA5me4P8s8g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 05:51:14 GMT
cf-polished: origSize=37570
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16150&min_rtt=14655&rtt_var=1108&sent=52&recv=33&lost=0&retrans=0&sent_bytes=45338&recv_bytes=10720&delivery_rate=436098&cwnd=22800&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=218&x=1", cfExtPri, cfHdrFlush;dur=14
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 13:56:21 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae80ebd79f96-AMS
server: cloudflare

GET
H3 200 swiper-bundle.min.css
showslot.com/wp-content/themes/showslot/css/ 15 KB
5 KB 67ms
60ms Stylesheet
text/css 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/css/swiper-bundle.min.css

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

341e796999f75315cb6f6842363c57def0196cd31675a6023cd7db7ad0eee8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"3ccb-5d3a3a6ad40d3-br"
age: 1044722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpUR3zdNfg4rn40LvAznGRKRZQPoXn9OeL1eDEqEphuB%2B27i4ET2ASL%2B8kFKEVKdRzakNtOassL2kG3g76dJ30FFzJPazu9cQIR8oENm%2FXb0QFFzRjZ3Gvtpbp8uKA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 17:56:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16150&min_rtt=14655&rtt_var=1108&sent=45&recv=33&lost=0&retrans=0&sent_bytes=36963&recv_bytes=10720&delivery_rate=436098&cwnd=22800&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=217&x=1", cfExtPri, cfHdrFlush;dur=15
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/css
last-modified: Tue, 21 Dec 2021 08:18:33 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae80ebdc9f96-AMS
server: cloudflare

GET
H2 200 video-js.css
vjs.zencdn.net/7.17.0/ 45 KB
11 KB 73ms
19ms Stylesheet
text/css 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.17.0/video-js.css
Requested by: Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d86730f73982f170cb0943d0d47c3c2520743d6a3d6cf5330cde12667df675ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

timing-allow-origin: *
content-encoding: gzip
etag: "514fccb15bdc95ea2c2b6fddaded8ecc"
access-control-allow-origin: *
x-cache: HIT
content-length: 10921
date: Thu, 12 Dec 2024 18:12:16 GMT
last-modified: Wed, 10 Nov 2021 19:41:49 GMT
content-type: text/css
x-served-by: cache-bru1480025-BRU
x-cache-hits: 1
vary: Accept-Encoding

GET
H3 200 global.css
showslot.com/wp-content/themes/showslot/css/ 2 KB
1 KB 67ms
60ms Stylesheet
text/css 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/css/global.css

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf5ade8d8da984919a262bdaca3e3f8f2dc0fa0ea82e86f669ea2d3cc6aa6252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"92c-5d7aa21d2549e-br"
age: 620532
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kmsy07WJ5nW1FVXqmG72vlBLWlVe32nr%2BkOVQplFutiFo4VEh5dI7ALaJIq0jFARooSyKW3lON7A5LfDSXzv1uyBkziAscB2k1BU6VFlHH7zUPsqGX7IVlNA5ADA9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 01 Jan 2025 07:28:45 GMT
cf-polished: origSize=2348
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16150&min_rtt=14655&rtt_var=1108&sent=52&recv=33&lost=0&retrans=0&sent_bytes=45338&recv_bytes=10720&delivery_rate=436098&cwnd=22800&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=221&x=1", cfExtPri, cfHdrFlush;dur=11
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 13:43:15 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae80ebde9f96-AMS
server: cloudflare

GET
H3 200 logo.svg
showslot.com/wp-content/themes/showslot/images/ 8 KB
4 KB 65ms
60ms Image
image/svg+xml 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showslot.com/wp-content/themes/showslot/images/logo.svg

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d2bf0ba5f422ad4f4b55e71d0ad6d8c9c3e5901ec4d914d7ea4d9ea97df0d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"2048-5d3a3a7f38a1a"
age: 1024376
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vuyd1VS7D%2FI7dORFNaMhkWmLAcVZRVRVkuiY4jefLLaiIsiCzZ4WBrd3X4UH8TouRYfrJihyc%2By8%2Fh%2Bzz6R3bbRGDST41n88oRaBeY%2BmD9a0%2Bk6DLhCzXNRisbMnzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 14 Dec 2024 21:57:07 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16150&min_rtt=14655&rtt_var=1108&sent=52&recv=33&lost=0&retrans=0&sent_bytes=45338&recv_bytes=10720&delivery_rate=436098&cwnd=22800&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=227&x=1", cfExtPri, cfHdrFlush;dur=5
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/svg+xml
last-modified: Tue, 21 Dec 2021 08:18:54 GMT
vary: Accept-Encoding
priority: u=2,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae80ebe09f96-AMS
server: cloudflare

GET
H3 200 m-logo.svg
showslot.com/wp-content/themes/showslot/images/mobile/ 915 B
1 KB 63ms
61ms Image
image/svg+xml 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showslot.com/wp-content/themes/showslot/images/mobile/m-logo.svg

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a520bdb102175e1ce42323eab2dc82037ef7ddd1092eead5744e18a8d842775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"393-5d3a3a80164e5"
age: 104220
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOixS3lbTSGItLqisRLD%2Bsd2ty4LCh0ddYu9AvhCKdDFC0T2n57a1vS0YhZkhPDnBcz%2BHeeooTNZTTi0qm7ht%2B4r2w9z2HdoK8oD58Ttkb1R99nFcEYUezlRZFAN0g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 31 Dec 2024 02:04:40 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16150&min_rtt=14655&rtt_var=1108&sent=35&recv=33&lost=0&retrans=0&sent_bytes=24963&recv_bytes=10720&delivery_rate=436098&cwnd=22800&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=216&x=1", cfExtPri, cfHdrFlush;dur=16
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/svg+xml
last-modified: Tue, 21 Dec 2021 08:18:55 GMT
vary: Accept-Encoding
priority: u=2,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae80ebe49f96-AMS
server: cloudflare

GET
H3 200 MIOX_Logo_schatten_600x316.png
showslot.com/wp-content/uploads/2024/11/ 35 KB
36 KB 146ms
144ms Image
image/webp 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showslot.com/wp-content/uploads/2024/11/MIOX_Logo_schatten_600x316.png

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9ef8e5e074c2d9aa87625297b9a2c401d85a20cf34c439d2411216de3fc9115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

cf-bgj: imgq:85,h2pri
etag: "da8b-626258e299718"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQdFzLs7tEyyKfvEnsb3MiUgUdW%2Fzm%2BTYnieMarYC%2Bu2M4NQwmvoIHCXaznWD2OKCAoq1SOglDb7dtxUG0HVZE45wawx8OYTfuoVal2qaOIzwo0UyfM7vei3KyDRyg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 17:19:31 GMT
cf-polished: origFmt=png, origSize=55947
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15497&min_rtt=14514&rtt_var=319&sent=393&recv=96&lost=0&retrans=0&sent_bytes=433606&recv_bytes=16970&delivery_rate=7093580&cwnd=164700&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=306&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/webp
content-disposition: inline; filename="MIOX_Logo_schatten_600x316.webp"
vary: Accept
last-modified: Tue, 05 Nov 2024 07:43:20 GMT
priority: u=2,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae810c099f96-AMS
accept-ranges: bytes
content-length: 35988
server: cloudflare

GET
H3 200 MIOX_Logo_schatten_600x316-375x198.png
showslot.com/wp-content/uploads/2024/11/ 27 KB
28 KB 57ms
55ms Image
image/webp 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showslot.com/wp-content/uploads/2024/11/MIOX_Logo_schatten_600x316-375x198.png

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9152ead7c21e6070225f6e7015180028381b3f31a6b2e24c2380ec01d82eb17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

cf-bgj: imgq:85,h2pri
etag: "9f4d-626258e729242"
age: 3135560
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZdJPYO208W9U8ra%2B%2F2ohWGyE%2F73XatGK8g3jnvlGpL3epbWsQOIt1O11IUHYFlZq7u5q%2FEMgvWWpcXSmsPX3lZmbGOVD4c6KU5Qb9HLs17gBbGjT1gQhO81d%2BlQTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 08:36:40 GMT
cf-polished: origFmt=png, origSize=40781
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17983&min_rtt=14655&rtt_var=2823&sent=92&recv=45&lost=0&retrans=0&sent_bytes=86948&recv_bytes=11236&delivery_rate=555685&cwnd=37500&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=243&x=1", cfExtPri, cfHdrFlush;dur=4
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/webp
content-disposition: inline; filename="MIOX_Logo_schatten_600x316-375x198.webp"
vary: Accept
last-modified: Tue, 05 Nov 2024 07:43:25 GMT
priority: u=2,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae810c0e9f96-AMS
accept-ranges: bytes
content-length: 27538
server: cloudflare

GET
H3 200 MiOX_Text1.jpg
showslot.com/wp-content/uploads/2024/11/ 78 KB
79 KB 48ms
46ms Image
image/webp 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showslot.com/wp-content/uploads/2024/11/MiOX_Text1.jpg

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98da5a7407e069a789ce9cfccdc767b1ca4ec683d947b0ced8f5212c4cbca2ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

cf-bgj: imgq:85,h2pri
etag: "52385-626264556f232"
age: 3203291
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Gbm9tkEaL7O5ujsoXwYCMMrPEoez%2FVHmG6EneTKi0qp%2BZLoe1qiDIKah7G0r5op2slhidJ1AH03a0e%2F0z416Sl89F6UlpZyzcMoWC%2Fqc7g%2F7nwWZy%2BB6ZtT0qOEBg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 08:36:19 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=336773
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18927&min_rtt=14655&rtt_var=2121&sent=84&recv=43&lost=0&retrans=0&sent_bytes=79087&recv_bytes=11150&delivery_rate=517990&cwnd=36600&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=236&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/webp
content-disposition: inline; filename="MiOX_Text1.webp"
vary: Accept
last-modified: Tue, 05 Nov 2024 08:34:34 GMT
priority: u=2,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae810c109f96-AMS
accept-ranges: bytes
content-length: 80012
server: cloudflare

GET
H3 200 MiOX_Text2.jpg
showslot.com/wp-content/uploads/2024/11/ 96 KB
96 KB 74ms
72ms Image
image/webp 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showslot.com/wp-content/uploads/2024/11/MiOX_Text2.jpg

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea595f63bb6ce1595abcfed7d75878b3a97693bec20b3e7991a6502c684ce837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

cf-bgj: imgq:85,h2pri
etag: "87c87-6262645b66b09"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbNSR57qh3icg5BqQpjR%2BXMGbP%2FjKXfyhMKwT0shYcc5Ef4lT3%2BF8ZmV0lmxHGzAipsEls0XY2X72ZU8cdbHKzliaW2cgfzLv%2B7k6Xm29Hgs8KCYpBvv7JmyPj3zfg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 22:26:14 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=556167
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15677&min_rtt=14655&rtt_var=576&sent=135&recv=59&lost=0&retrans=0&sent_bytes=136987&recv_bytes=11850&delivery_rate=685493&cwnd=57900&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=251&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/webp
content-disposition: inline; filename="MiOX_Text2.webp"
vary: Accept
last-modified: Tue, 05 Nov 2024 08:34:40 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae810c129f96-AMS
accept-ranges: bytes
content-length: 97940
server: cloudflare

GET
H3 200 fragen.png
showslot.com/wp-content/uploads/2022/02/ 3 KB
4 KB 73ms
71ms Image
image/webp 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showslot.com/wp-content/uploads/2022/02/fragen.png

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47fbb810446552b7b810897dcb760c9f8e11c975ff004f8686f7a8b77c14ccd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

cf-bgj: imgq:85,h2pri
etag: "192b-5d7e24936bc25"
age: 780219
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNE%2BYmNYCau70VBxrLKcGhsOhovKFDTaWWJ3mbGuTLUx2YjYrYH7VYJ6mOkmkTaDyLPEqwLMyILpJp7%2FywxbOY6oT1yfs8evMoAE4TOi0tRZOAo0PaqK8PBf3bjSyg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 14 Oct 2025 17:56:31 GMT
cf-polished: origFmt=png, origSize=6443
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18927&min_rtt=14655&rtt_var=2121&sent=87&recv=43&lost=0&retrans=0&sent_bytes=81938&recv_bytes=11150&delivery_rate=517990&cwnd=36600&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=237&x=1", cfExtPri, cfHdrFlush;dur=5
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/webp
content-disposition: inline; filename="fragen.webp"
vary: Accept
last-modified: Sun, 13 Feb 2022 08:42:54 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae810c179f96-AMS
accept-ranges: bytes
content-length: 3456
server: cloudflare

GET
H3 200 rocket-loader.min.js Show response
showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 44ms
42ms Script
application/javascript 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675318bd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XaFvPjP7IF8ZaQWxIpYnEh7wO5pMSLzv%2FLPOBFchmcJEibJTkQQtouHm%2FOGXZfjCFow%2F1CknjwWg9f8fmFrXK2p95Zmf4NZfEo5VfdD3yt7lNrYimXmidSSIF%2Fi8iw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f0fae810c199f96-AMS
expires: Sat, 14 Dec 2024 18:12:16 GMT
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 69ms
28ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://showslot.com
Referer: https://showslot.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8f0fae814e2f9fa5-AMS
access-control-allow-origin: *
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 676d8f37c59f35185a911647538c718049f1c9db038241b885b716f3449a458e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 video.min.js Show response
vjs.zencdn.net/7.17.0/ 558 KB
156 KB 21ms
17ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.17.0/video.min.js
Requested by: Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0e12b6aea62f8d1c2e29e27393e231a8a17472728b303b586e2d4fb3ff5b481f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

timing-allow-origin: *
content-encoding: gzip
etag: "6d53ab10ac8d6c3be0ee1df6b4bdc00f"
access-control-allow-origin: *
x-cache: HIT
content-length: 159939
date: Thu, 12 Dec 2024 18:12:16 GMT
last-modified: Wed, 10 Nov 2021 19:41:49 GMT
content-type: application/javascript
x-served-by: cache-bru1480025-BRU
x-cache-hits: 42
vary: Accept-Encoding

GET
H3 200 custom.js Show response
showslot.com/wp-content/themes/showslot/js/ 8 KB
3 KB 53ms
50ms Script
application/javascript 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/js/custom.js?ver=139

Requested by

Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4de05b6668ac00b733e7e5f790e79204d1603d3f0baab4ed32ac528fdec788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"214a-616571ac4cf0c-br"
age: 92491
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jQrxI2v78aVon0054ezJa6064zngXqWAUk3OsqfoWL7S0ri81zLoq%2Fr0nqWG7g1cHZiP73eyTdYqK1ILV7WDhxsO5%2BUNG1W%2BMZ2rgJe6WQvBoE7%2Fl08UuDf3prPNow%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 04 Jan 2025 06:31:33 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15497&min_rtt=14514&rtt_var=319&sent=275&recv=96&lost=0&retrans=0&sent_bytes=296326&recv_bytes=16970&delivery_rate=7093580&cwnd=164700&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=296&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 04:07:07 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae817cb29f96-AMS
server: cloudflare

GET
H3 200 moment.min.js Show response
showslot.com/wp-content/themes/showslot/js/ 61 KB
21 KB 53ms
51ms Script
application/javascript 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/js/moment.min.js

Requested by

Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fd8182137ac717e1b8864226b012771a08e2ec3ce387b61a3d25cd9d4e63ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"f232-5d4323efccb6f-br"
age: 660949
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hct5MT0Ox7lH76TTqwdaEXPhbtf5rp4pCQIB24KvJVYEbRAEHmheqWJjkfM2ubU87psswNFID5lfxGq0y7rOlSlNeGXXag7QrzHS97vUdXIkWQ3C%2FZTkimlHhNr06Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 19:19:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15497&min_rtt=14514&rtt_var=319&sent=278&recv=96&lost=0&retrans=0&sent_bytes=299646&recv_bytes=16970&delivery_rate=7093580&cwnd=164700&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=296&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 10:25:53 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae817cb39f96-AMS
server: cloudflare

GET
H3 200 bootstrap.bundle.min.js Show response
showslot.com/wp-content/themes/showslot/js/ 77 KB
23 KB 55ms
53ms Script
application/javascript 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/js/bootstrap.bundle.min.js

Requested by

Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"13397-5d3a3a65df86e-br"
age: 660949
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J9RzdaCJ7G3YBHcHnRg1gw6Jv2UcwRMPVYpPEeg3inz80QF8TSCZSWg%2F3hUdNQEYytUO1GMSJhsWlFTg3AvxWGc09NeKoQYvZuKpfWB%2BA%2FXrM4DL1uQkNNB3FcDYGg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 01:44:28 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15497&min_rtt=14514&rtt_var=319&sent=325&recv=96&lost=0&retrans=0&sent_bytes=354850&recv_bytes=16970&delivery_rate=7093580&cwnd=164700&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=300&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Tue, 21 Dec 2021 08:18:27 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae817cb69f96-AMS
server: cloudflare

GET
H3 200 swiper-bundle.js Show response
showslot.com/wp-content/themes/showslot/js/ 133 KB
39 KB 57ms
54ms Script
application/javascript 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/js/swiper-bundle.js

Requested by

Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8954ae9654aea5d46a68bc5d91c063a3896a0d8a5927822049e4e06a4252b4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"212e8-5d44b12e77527-br"
age: 248644
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ne1dUWpHNbC8zmq2vAK3GFy5QLdnypnBI16YxP8Uy9cpRPcrQKrg2aiVaOty8yd9lwy%2F0T%2BgyEoXV%2FmdAU1VrhuiXEDUaetRQyAGOb5uO2OLruyzoYuvyT4Edg49eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 06:21:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15497&min_rtt=14514&rtt_var=319&sent=345&recv=96&lost=0&retrans=0&sent_bytes=378850&recv_bytes=16970&delivery_rate=7093580&cwnd=164700&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=302&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Wed, 29 Dec 2021 16:03:08 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae817cb79f96-AMS
server: cloudflare

GET
H3 200 jquery-3.5.1.slim.min.js Show response
showslot.com/wp-content/themes/showslot/js/ 87 KB
32 KB 53ms
51ms Script
application/javascript 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/js/jquery-3.5.1.slim.min.js

Requested by

Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"15d9c-5d3e0879f4f64-br"
age: 1342018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FnYCTLPeetEMwTVPhaYc5khYCYGXrO1NGFCZG2hlj3ERruIJ%2F1arFQtTQBiukoZ80cFt9OWyYExvTRyGeQ%2BC5SShMaFKxYPfr6HsufR9zZNWLlmnUtOhjdKCai6W1g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 06:31:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15497&min_rtt=14514&rtt_var=319&sent=297&recv=96&lost=0&retrans=0&sent_bytes=321429&recv_bytes=16970&delivery_rate=7093580&cwnd=164700&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=298&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Fri, 24 Dec 2021 08:56:25 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae817cbb9f96-AMS
server: cloudflare

GET
H3 200 aos.js Show response
showslot.com/wp-content/themes/showslot/js/ 14 KB
5 KB 78ms
76ms Script
application/javascript 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/js/aos.js

Requested by

Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"379f-5d3a3a65ba2ca-br"
age: 660949
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iOJoLyQlAxvhR3AJgI8n6WtksRwmSbFlP0tSsw%2B5fCFricS5Fz7yPgyKdELRBx6QAupW4m1VIoPYj%2B7wkUoFSN3Yb7NNXtnDUIP%2F9hzebUTi0wZ2WytR%2BuS89%2FJ7UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 14 Dec 2024 21:33:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15497&min_rtt=14514&rtt_var=319&sent=380&recv=96&lost=0&retrans=0&sent_bytes=419755&recv_bytes=16970&delivery_rate=7093580&cwnd=164700&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=304&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Tue, 21 Dec 2021 08:18:27 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae817cbc9f96-AMS
server: cloudflare

GET
H3 200 masonry.pkgd.min.js Show response
showslot.com/wp-content/themes/showslot/js/ 24 KB
8 KB 77ms
75ms Script
application/javascript 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/js/masonry.pkgd.min.js

Requested by

Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"5e27-5d3a3a65e3306-br"
age: 1170845
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TdLL66idfdB6j6cOZP8RHfNJv5u7nigohj4yeTbIXnaR%2FcwpJkN%2BN7YkWKUMlc4mchToubuoCsVea%2BYF2tLHWUOllEIQxKmVpS1zlgbrNlhCjwrfdhV4%2Bv%2BFkyJt7w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 28 Dec 2024 04:37:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15497&min_rtt=14514&rtt_var=319&sent=385&recv=96&lost=0&retrans=0&sent_bytes=425033&recv_bytes=16970&delivery_rate=7093580&cwnd=164700&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=305&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Tue, 21 Dec 2021 08:18:27 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae817cbe9f96-AMS
server: cloudflare

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v7/ 43 KB
14 KB 164ms
35ms Script
application/javascript 13.32.23.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Requested by: Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9206ba27ab33effd43093776bb54588a1df2103964e14da7b93322836617d69b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

Content-Encoding: gzip
ETag: W/"e8568c163174e8c2e5f336eaaaecd340"
x-amz-version-id: f16Cc._ARQFq6z9lYMvuaoOCfNG4aVmw
Age: 11804469
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 47OaQ3Ix6tpmxu76_-sGkhvxi8A16-BjnG_gw1vK_n1BsF3Vau4BIw==
Date: Mon, 29 Jul 2024 03:11:08 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 03 Jul 2024 16:01:44 GMT
Transfer-Encoding: chunked
Cache-Control: public, max-age=315360000
Connection: keep-alive
Via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 uptain.js Show response
app.uptain.de/js/ 33 KB
9 KB 129ms
26ms Script
text/javascript 99.86.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uptain.de/js/uptain.js?x=dhQde1Qg9iVRqeOC
Requested by: Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-80.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a389baab07521e7adf865e75bf98cfb646aaaf40523b2ce9a3e8d304424ed2e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

vary: accept-encoding, Origin
content-encoding: br
etag: W/"42c29537f78e0789529d37647869c330"
x-amz-version-id: SjclFPwzjZMbsX86esy35GEbuznGSOCE
age: 67321
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: o9wro2wTOppg8VCRWFPJDd_skeFEpEqzivKD-5QbcHH4ItD80ONsDA==
date: Wed, 11 Dec 2024 23:30:16 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 09:42:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 22 KB
8 KB 149ms
49ms Script
application/javascript 2606:4700:4400::ac40:97a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: showslot.com
URL: https://showslot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-md5: UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD14CFE5650EC1
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 69186
expires: Fri, 13 Dec 2024 18:12:16 GMT
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Thu, 05 Dec 2024 01:55:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: f4837c86-201e-0069-4e69-4712f0000000
cf-ray: 8f0fae821f311c8a-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7211
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 circle.png
showslot.com/wp-content/themes/showslot/images/ 640 B
1 KB 73ms
73ms Image
image/webp 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showslot.com/wp-content/themes/showslot/images/circle.png

Requested by

Host: showslot.com
URL: https://showslot.com/wp-content/themes/showslot/css/style.css?ver=7

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fec6d609f38321b4de509c44f1aa17244c50ff2924d27e3b545bf717f11c38cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/wp-content/themes/showslot/css/style.css?ver=7

Response headers

cf-bgj: imgq:85,h2pri
etag: "6fc-5d3a3a7dcd5bd"
age: 6175872
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VmkME%2Bqn9lChdN%2FF6GihWaAzQEDoKF3W%2FHU9K%2FCfqORgTx%2Bn5aHXa%2F10AoEVbR1oGrAo2IU48kF3cj55jHpJiyjMmX7Fk6E7sltMQud3UuwxaMnEjzKH5RMXILEmA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 01 Oct 2025 15:29:39 GMT
cf-polished: origFmt=png, origSize=1788
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16695&min_rtt=14514&rtt_var=1819&sent=425&recv=99&lost=0&retrans=0&sent_bytes=471237&recv_bytes=17102&delivery_rate=1759582&cwnd=184200&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=316&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/webp
content-disposition: inline; filename="circle.webp"
vary: Accept
last-modified: Tue, 21 Dec 2021 08:18:52 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae818cd49f96-AMS
accept-ranges: bytes
content-length: 640
server: cloudflare

GET
H3 200 MIOX_Website_HG_1440x1080-2.jpg
showslot.com/wp-content/uploads/2024/11/ 73 KB
74 KB 92ms
92ms Image
image/webp 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showslot.com/wp-content/uploads/2024/11/MIOX_Website_HG_1440x1080-2.jpg

Requested by

Host: showslot.com
URL: https://showslot.com/wp-content/themes/showslot/css/style.css?ver=7

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bc20849d2544dedc610864655aab1d15d57646a05587d7f667e060390f1d9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/wp-content/themes/showslot/css/style.css?ver=7

Response headers

cf-bgj: imgq:85,h2pri
etag: "73858-6263be20bcb61"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uzstXP8sdMMGCDWYtdfJerwdVjV2gmmZtnF8bmIPu1vaoov8fvc609RBeR9%2BZpoz1jQgzodtLmj8WSjqhiZR1ygNZYOUF8T2VQlhzLcTxwKV8PmcvB%2FXYh%2BJCLsQjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 20:58:03 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=473176
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23363&min_rtt=14514&rtt_var=5373&sent=430&recv=107&lost=0&retrans=0&sent_bytes=476184&recv_bytes=17462&delivery_rate=6525965&cwnd=184200&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=335&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/webp
content-disposition: inline; filename="MIOX_Website_HG_1440x1080-2.webp"
vary: Accept
last-modified: Wed, 06 Nov 2024 10:21:37 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae818cdb9f96-AMS
accept-ranges: bytes
content-length: 74464
server: cloudflare

GET
H3 200 coverimage.jpg
showslot.com/wp-content/uploads/2023/03/ 2 KB
3 KB 70ms
70ms Image
image/webp 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showslot.com/wp-content/uploads/2023/03/coverimage.jpg

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd21af98a1a413ea339cff00aba2eaf2e6c0dfaacf29a8b9792ebfdff4b632a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

cf-bgj: imgq:85,h2pri
etag: "4342-5f66668063723"
age: 1251550
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Rbe%2B2G7CkkWvmaJP4ROuJB0Zjq9ts2YusuchyHreK8U0dLQOmUMThNdUi5mkpoYbgMkAY0e2cBVL9Ny6Te37NSmwJvKygal5wcCgLREmEYLDzgduK8wXps4h0XGIg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 19:26:54 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=17218
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15497&min_rtt=14514&rtt_var=319&sent=416&recv=96&lost=0&retrans=0&sent_bytes=461026&recv_bytes=16970&delivery_rate=7093580&cwnd=164700&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=313&x=1", cfExtPri, cfHdrFlush;dur=3
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/webp
content-disposition: inline; filename="coverimage.webp"
vary: Accept
last-modified: Wed, 08 Mar 2023 16:56:15 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae818ce29f96-AMS
accept-ranges: bytes
content-length: 2526
server: cloudflare

GET
H2 200 d7d33a53-0bcf-4f43-9a27-65bbc8a91d84.json Show response
cookie-cdn.cookiepro.com/consent/d7d33a53-0bcf-4f43-9a27-65bbc8a91d84/ 5 KB
2 KB 109ms
74ms XHR
application/x-javascript 2606:4700:4400::ac40:97a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/d7d33a53-0bcf-4f43-9a27-65bbc8a91d84/d7d33a53-0bcf-4f43-9a27-65bbc8a91d84.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5351504db545fa24fc027b470b4d7d85cb0024de662f237594c6b1cbe61c4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-md5: oZ/D0JC2HXd6Dh2m5ttlDA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DD15F8882FEF6A
age: 17494
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/x-javascript
last-modified: Fri, 06 Dec 2024 13:18:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: 8b0209f7-a01e-0048-43e1-47368b000000
cf-ray: 8f0fae82dfc366ae-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1728
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 424 KB
128 KB 123ms
60ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05806459e493d634369da8a07cab16a3ce370af4ee7c3dc24f7de98666a0a276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 12 Dec 2024 18:12:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 130462
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 stm Show response
app.uptain.de/v2/ 172 B
553 B 25ms
23ms XHR
application/json 99.86.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uptain.de/v2/stm?x=dhQde1Qg9iVRqeOC
Requested by: Host: app.uptain.de
URL: https://app.uptain.de/js/uptain.js?x=dhQde1Qg9iVRqeOC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-80.fra6.r.cloudfront.net
Software: /
Resource Hash: f3f28c97d6267354a97df3c4b674064f3bddaa70b1a9151697cb21a332a826e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json; charset=utf-8
Referer: https://showslot.com/

Response headers

cache-control: max-age=172800
x-amz-apigw-id: CqVycEQaFiAEN2w=
age: 48600
x-amzn-trace-id: Root=1-675a69a8-2b58836e17535b00542368e7;Parent=0f44030935d94c77;Sampled=0;Lineage=1:9b485b16:0
access-control-allow-credentials: true
x-amzn-requestid: fd85ea12-6bb3-4371-a47d-0edbfae8bdc7
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 172
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 04:42:16 GMT
content-type: application/json
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: j4FdpBa3OLO7TP4ctxzqIBNshre9uMR4hxaQy0A5dPm5iplMPFv6EQ==

OPTIONS
H3 200 stm
app.uptain.de/v2/ Frame 0
0 52ms
24ms Preflight
application/json 99.86.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uptain.de/v2/stm?x=dhQde1Qg9iVRqeOC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-80.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://showslot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: *
access-control-max-age: 86400
age: 29836
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: application/json
date: Thu, 12 Dec 2024 09:55:00 GMT
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-apigw-id: CrDmSFvMliAEQwQ=
x-amz-cf-id: 8o8yeM1HlqDYVKylkengmgTdXZLzv1JnkX1TxfrQ0K6PRKXbPuRqlw==
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 7561fe0a-3b8f-454d-b659-eb2d6b25a72c
x-cache: Hit from cloudfront

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
88 B 152ms
150ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Bugsnag-Api-Key: 37144c9dd73556675a4664d405f86f5f
Referer: https://showslot.com/
Bugsnag-Sent-At: 2024-12-12T18:12:16.424Z
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/json

GET
H3 200 favicon.ico
showslot.com/wp-content/themes/showslot/favicon/ 15 KB
4 KB 45ms
44ms Other
image/vnd.microsoft.icon 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/wp-content/themes/showslot/favicon/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f13aaa338cc3dd92e892cabe5442a3434a4a667a6ebe1c43c48861679d07ef2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"3aee-5dcea5b49cd5b"
age: 1041518
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4RVl8u%2F2qTbK9hKqxrc7ULjhGYbXg0J8NMIJOCccilhzFmPqBuMa1Ew%2BREL%2BCQNY4eJKjTUg4W3wxz5AAKqUxUpRtm1pXGrCbntVGrr4w%2BiwAsNchU5pu%2FAaV%2F9KiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 14 Dec 2024 21:52:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40207&min_rtt=14514&rtt_var=8454&sent=497&recv=122&lost=0&retrans=0&sent_bytes=553278&recv_bytes=18536&delivery_rate=2924668&cwnd=184200&unsent_bytes=0&cid=60e1e0ade3cabf73&ts=504&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/vnd.microsoft.icon
last-modified: Mon, 18 Apr 2022 09:26:35 GMT
vary: Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae82beb99f96-AMS
server: cloudflare

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 213ms
150ms Preflight 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://showslot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 12 Dec 2024 18:12:16 GMT
via: 1.1 google

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 74 B
313 B 95ms
51ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

498b9857c51790a045b6b127fe4f95ef72e86dffd41b71f1d14d149a33e11b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer: https://showslot.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8f0fae83aa130bd1-AMS
access-control-allow-origin: *
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H3 200 / Show response
gc.showslot.com/ 16 B
768 B 106ms
49ms XHR
application/json 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gc.showslot.com/

Requested by

Host: showslot.com
URL: https://showslot.com/wp-content/themes/showslot/js/jquery-3.5.1.slim.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://showslot.com/

Response headers

access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ldXaZiq57fdymq%2FCtlws9ltwDPnC82Dd3Qp9uJCQhRsGkrYC8BB2w7waMR6Hx8x6bhfJ9ZoSDPuY9282Rz7BFLOdYcDskr0nUJ9rouSZRSix1clT8Qi%2BrGLhPPnlPA8ceA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14669&min_rtt=14425&rtt_var=3373&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4366&recv_bytes=4438&delivery_rate=41073&cwnd=12000&unsent_bytes=0&cid=6b546d3dcf68b04a&ts=77&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0fae83bd4506ca-AMS
access-control-allow-origin: *
content-length: 16
server: cloudflare
cf-apo-via: origin,host

POST
H3 204 rum Show response
showslot.com/cdn-cgi/ 0
138 B 22ms
21ms XHR
text/plain 172.67.73.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://showslot.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8f0fae836f859f96-AMS
access-control-allow-origin: https://showslot.com
date: Thu, 12 Dec 2024 18:12:16 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 main.js Show response
app.uptain.de/js/ 93 KB
22 KB 26ms
25ms Script
text/javascript 99.86.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uptain.de/js/main.js?uptainApiUrl=https://app.uptain.de/v2&uptainConfigUrl=https://app.uptain.de/v2/configs/&uptainBaseUrl=https://app.uptain.de&shopId=4989&x=dhQde1Qg9iVRqeOC
Requested by: Host: app.uptain.de
URL: https://app.uptain.de/js/uptain.js?x=dhQde1Qg9iVRqeOC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-80.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8246efbfde0b1c96b7c2571b6fcc1f88ad07ff65ddff1703ae731cf95f4f5c0d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

vary: accept-encoding, Origin
content-encoding: br
etag: W/"663966db0fa5316e98a30e7822addff4"
x-amz-version-id: PNzU6QqFKsCMjIjkQhecOtHfE4_y5dNk
age: 72906
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 0a829R2GHeKARM2RUj_-STK3aKdvWs1Y3zoyKAPrkOKjJw7uBYMMpA==
date: Wed, 11 Dec 2024 21:57:11 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 09:42:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256

GET
H2 200 index.html
app.uptain.de/static/ Frame E50C 0
0 326ms
280ms Document
text/html 99.86.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uptain.de/static/index.html?sToken=dhQde1Qg9iVRqeOC&shopId=4989&__up_tabId=20928539-c4f9-41b4-aa91-e4c96daa3367&__up_clientId=e12f7d15-7a22-4ad5-8ae2-9fb2f0ed73a4&__up_sessionId=null&uptainApiUrl=https%3A%2F%2Fapp.uptain.de%2Fv2&url=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&__up_qp_uptainConfigUrl=https://app.uptain.de/v2/configs/&__up_qp_uptainBaseUrl=https://app.uptain.de&__up_dp_type=article&__up_dp_lang=de&screen_height=1200&screen_width=1600&window_height=1200&window_width=1600&version=2.7-104-gcde2c6a3
Requested by: Host: app.uptain.de
URL: https://app.uptain.de/js/main.js?uptainApiUrl=https://app.uptain.de/v2&uptainConfigUrl=https://app.uptain.de/v2/configs/&uptainBaseUrl=https://app.uptain.de&shopId=4989&x=dhQde1Qg9iVRqeOC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-3.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://showslot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 77061
alt-svc: h3=":443"; ma=86400
content-length: 152
content-type: text/html
date: Wed, 11 Dec 2024 20:47:56 GMT
etag: "720d7159e47933c3b5e9a69a4bf7ee5f"
last-modified: Wed, 16 Oct 2024 09:42:46 GMT
server: AmazonS3
vary: accept-encoding Origin
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-id: k11MtO3Rs5Po3T3wyHibW9uzS4uAHxiy-pzEClc2WDn322PQEu5KrA==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: kImsfMasaI2HPdDLidokPShP_zgV1U5c
x-cache: Hit from cloudfront

GET
H3 200 de Show response
app.uptain.de/v2/configs/dhQde1Qg9iVRqeOC/ 360 B
771 B 32ms
31ms Script
application/javascript 99.86.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uptain.de/v2/configs/dhQde1Qg9iVRqeOC/de
Requested by: Host: app.uptain.de
URL: https://app.uptain.de/js/main.js?uptainApiUrl=https://app.uptain.de/v2&uptainConfigUrl=https://app.uptain.de/v2/configs/&uptainBaseUrl=https://app.uptain.de&shopId=4989&x=dhQde1Qg9iVRqeOC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-80.fra6.r.cloudfront.net
Software: /
Resource Hash: 47066eaafdd77cffe6c0083f94393ff8f899324d17bd6ff3b76703dc04db0605

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

age: 32216
x-amzn-requestid: e24f5419-7515-430a-8fc3-0c38580b1fe2
expires: Thu, 12 Dec 2024 21:15:20 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: e_3xa-9MsV3W4Zk7AbXzXKLoo9wIawvDNls8Hm_HJTOV2Kx0hdYqoQ==
date: Thu, 12 Dec 2024 09:15:20 GMT
content-type: application/javascript
cache-control: max-age=43200
x-amz-apigw-id: Cq9ybGdmFiAEL5w=
x-amzn-trace-id: Root=1-675aa9a8-639cbc1045ba81302d4ae596;Parent=541b9287fca0d770;Sampled=0;Lineage=1:9338696d:0
access-control-allow-credentials: true
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 360
x-amz-cf-pop: FRA6-C1

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
22 KB 110ms
35ms Script
application/javascript 2a02:2638:3::7
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=101893

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

af56b03668d04f400793e293c01779d2a0d4b0674bcd82c943801704a5792282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: public,max-age=10800
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: Kestrel

GET
H2 200 hysk30a62f Show response
www.clarity.ms/tag/ 717 B
972 B 526ms
200ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/hysk30a62f?ref=gtm2
Requested by: Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e5c66d023e5989e915e7919aca4f41f8177984f9fe3c2cfef6711411ae98110a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 717
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/x-javascript
x-azure-ref: 20241212T181216Z-r19785d46cbsn46thC1AMSh2xg00000008a0000000000hbu

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/202403.1.0/ 442 KB
107 KB 50ms
50ms Script
application/javascript 2606:4700:4400::ac40:97a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202403.1.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d1137d21f3ba78b8a882dbf77f7c88712ad02a3f5efdce5ff996a67c15a6bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-md5: kUodklFyKXDEOUEPkRF3YA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5DFE870A223
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 49236
expires: Fri, 13 Dec 2024 18:12:16 GMT
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 21:40:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: 6ba383b8-101e-0010-044e-41eed4000000
cf-ray: 8f0fae8429c51c8a-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 109667
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 de Show response
app.uptain.de/v2/content/optin/fomo/4989/0/ 27 KB
6 KB 1234ms
1234ms Script
application/x-javascript 99.86.4.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.uptain.de/v2/content/optin/fomo/4989/0/de
Requested by: Host: app.uptain.de
URL: https://app.uptain.de/js/main.js?uptainApiUrl=https://app.uptain.de/v2&uptainConfigUrl=https://app.uptain.de/v2/configs/&uptainBaseUrl=https://app.uptain.de&shopId=4989&x=dhQde1Qg9iVRqeOC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-80.fra6.r.cloudfront.net
Software: /
Resource Hash: 1569b8b0ae1964db4c09ec05d926e576a4c4349a55679488fe366255e6930386

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: gzip
x-amzn-requestid: 8508b3f0-a526-444b-8f07-fa8515e0c8a4
expires: Thu, 12 Dec 2024 18:17:17 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: M-chJNNjt-mbBd_rLBzd4p6l3NFxm3AZndalZFMeGXeluffUNMtfHQ==
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: max-age=300
x-amz-apigw-id: CsMcKGi8liAEP4w=
x-amzn-trace-id: Root=1-675b2780-5748116009bd13866d0d346c
access-control-allow-credentials: true
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1

GET
H2 200 de.json Show response
cookie-cdn.cookiepro.com/consent/d7d33a53-0bcf-4f43-9a27-65bbc8a91d84/018e7559-56f9-79d6-b02b-24ea5448e896/ 132 KB
27 KB 55ms
55ms Fetch
application/x-javascript 2606:4700:4400::ac40:97a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/d7d33a53-0bcf-4f43-9a27-65bbc8a91d84/018e7559-56f9-79d6-b02b-24ea5448e896/de.json

Requested by

Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ccf48cc0ba27f2fcb5dadddd4b8453a1a7b481420ae12b7eb1bede9189addf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-md5: sWCea89+ss7K7ErGyyEtbw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DD15F88956D08B
age: 47182
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/x-javascript
last-modified: Fri, 06 Dec 2024 13:18:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: 1b522899-101e-005d-217f-4b2138000000
cf-ray: 8f0fae84aa1266ae-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27335
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 syncframe
gum.criteo.com/ Frame 99BE 0
0 56ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=showslot.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=101893

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://showslot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 18:12:16 GMT
server: Kestrel
server-processing-duration-in-ticks: 287941
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 99ms
34ms Ping
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1658769366.1734027137&npa=1&gtm=45He4cb0v830600055za200&gcs=G100&gcd=13q3q3q2q5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485&tft=1734027136821&tfd=983&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
98 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-761528755&l=dataLayer&cx=c&gtm=45He4cb0v830600055za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7c36c5ba3b6a07a8994f80c785ba0185036ab9da3696a88cfa9aada8dfcc189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 18:12:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99801
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 413 KB
132 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HQ4LYZ838W&l=dataLayer&cx=c&gtm=45He4cb0v830600055za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5d792796e18acedcf850cb8630a6b664e13a0a3e45deca3917fd807bfb23f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 18:12:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 135512
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
88 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-123456&l=dataLayer&cx=c&gtm=45He4cb0v830600055za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0af3e31c0e3c7a6013da6b3c107f7cbf626e041df122df1aeaa8ee4b85bd4e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 18:12:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89982
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 71ms
34ms Script
application/x-javascript 157.240.30.27
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.30.27 Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-prg1.fbcdn.net

Software

Resource Hash

c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ysiKao9h' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ysiKao9h' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4511, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 84WqNN+7PVSMDEI0po0yx/5L0BM+h+M66q7YlE8nP1k7wct8IqvO3ivsCu56b6NFXj5OxZ5r3Lt3sLyR2YM/3A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 62212
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1521506/ 71 KB
22 KB 64ms
16ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1521506/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57e2f426506961cdd99d04c33c605c7d420e580f613afa8bfc03de5f87d53ec1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: gzip
etag: "422511c51b9fbcb465cf6814e466b2d6"
x-amz-version-id: GclZM3XjD_S0bSIaEbXrEEOpUhNbWoJy
age: 112
x-cache: HIT
date: Thu, 12 Dec 2024 18:12:16 GMT
last-modified: Sun, 08 Dec 2024 11:16:33 GMT
x-served-by: cache-ams2100147-AMS
x-cache-hits: 1
content-type: application/javascript; charset=utf-8
x-amz-id-2: HURsH165XmzPx2QUCpGBRy0fz4RSsqlwhjVw1uq4xCECGmMVD4ddzo9iTxTZJY9AUvGkJ+YiJGo=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14401
x-timer: S1734027137.889364,VS0,VE1
via: 1.1 varnish
x-amz-request-id: T78GWNPXMXTXPRA5
accept-ranges: bytes
access-control-allow-origin: *
abp: 10
content-length: 22114
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 29 KB
9 KB 85ms
23ms Script
application/x-javascript 23.213.165.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-149.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6e26250e91083ef3b2bf7451aec2e8f4d097b7f8f3e01b74fcb0d927ce487fa8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

Cache-Control: max-age=1200
Content-Encoding: gzip
ETag: "645276f4db308d8178f9ccebbaeb7585:1733911664.690199"
Connection: keep-alive
Expires: Thu, 12 Dec 2024 18:32:16 GMT
Accept-Ranges: bytes
X-CC: NL
Content-Length: 9067
X-RG: EU
Date: Thu, 12 Dec 2024 18:12:16 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 11 Dec 2024 09:30:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H3 200 v8.js Show response
stapecdn.com/dtag/ 19 KB
8 KB 79ms
36ms Script
text/javascript 172.67.72.56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stapecdn.com/dtag/v8.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99f2d8044a24b9817bc31c4e3f6c34c24ff4e05557ca70dcd2631f790785d8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=3FX0EQ==, md5=Q2N3pg683cW38pmbAJQgGQ==
cf-cache-status: HIT
etag: W/"436377a60ebcddc5b7f2999b00942019"
age: 103065
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9GR387u3YP7hY7ZL%2BkkNceCrGR%2FVcclElW9sTiCtvschVGhqNaqDrEwsji9e31BiqE8d046bYDedLnQvzvI8odGEUVKZzwXGbgb%2Bxhlvgtfelbwp3EbvIwwvU9SgYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-goog-stored-content-encoding: identity
expires: Wed, 11 Dec 2024 14:28:19 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 18978
server-timing: cfL4;desc="?proto=QUIC&rtt=15899&min_rtt=15435&rtt_var=4066&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4352&recv_bytes=4370&delivery_rate=36430&cwnd=12000&unsent_bytes=0&cid=18ec558b20294fcf&ts=51&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/javascript
last-modified: Tue, 09 Apr 2024 12:29:35 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-guploader-uploadid: AHmUCY2EVvKXXe9sI1ek0Yrf5phKtuxWmo6iBWY2abk32aMWlNFBgPZO5BfRZulLxEFkkNcGQQ
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
referrer-policy: same-origin
cf-ray: 8f0fae858fba0eaa-AMS
x-goog-generation: 1712665775294960
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 145ms
38ms Script
application/javascript 2a02:26f0:3500:895::1931
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:895::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 991d494be54f4f4777d6941532633b89976ed82be1c46275d910c1407d022725

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

access-control-max-age: 86400
cache-control: max-age=7200
access-control-expose-headers: X-CDN
content-encoding: br
etag: "56ab8670135f76d12eef4f347a61fb24"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
access-control-allow-origin: *
content-length: 1859
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 110ms
32ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B2B43BED0234F718FB44AF85218E3FB Ref B: AMS231020512017 Ref C: 2024-12-12T18:12:16Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 434ms
348ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEDLQ0BC77UAS1JJRUJG&lib=ttq
Requested by: Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19d68e5924f991b2d551d9f6dee362d0836ea10dbe8148012a227ad5f941ba52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-249-138.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires: Thu, 12 Dec 2024 18:12:17 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=297, origin; dur=10, inner; dur=5
x-cache: TCP_MISS from a104-126-37-166.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 9da02b5.1204f0db
x-tt-trace-host: 013d23642961f76b5c2bfab02bc99eb8cbc66f98e3982799bbabf4de84dc5c591a72d8edaafa8eef710f3f4904fea1b1b414fa476d2bed593bf9854625bbc4dcb8a40fb1a79147a3100df1a2a87d203393a17831f915d8a458089ed5973bedf86656e9187aad8a60d13ffe00c2d5becbe4
x-origin-response-time: 10,23.48.249.138
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2412121812179A5B583B94D8A2B089C4-3D0B9B6A5DCC04F7-00
content-length: 2035
x-parent-response-time: 305,104.126.37.166
x-tt-logid: 202412121812179A5B583B94D8A2B089C4
server: nginx

GET
H2 200 10042218-10042749.js Show response
cdn-4.convertexperiments.com/js/ 69 B
312 B 117ms
35ms Script
application/javascript 2a02:26f0:3500:287::14a9
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-4.convertexperiments.com/js/10042218-10042749.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:287::14a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 7bf8a5230cd6f3c0e0ed5fea4a53a5e106d86d4899442cc7dbc038d81c8ac4d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

access-control-max-age: 86400
cache-control: public, max-age=1800
content-encoding: gzip
access-control-allow-methods: GET,HEAD,POST,OPTIONS
expires: Thu, 12 Dec 2024 18:42:16 GMT
access-control-allow-origin: *
content-length: 86
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 sa.js Show response
sibautomation.com/ 9 KB
4 KB 76ms
38ms Script
text/javascript 2606:4700:4400::ac40:9473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/sa.js?key=hi8rxjjv3pbiv8zpfzmw5x14
Requested by: Host: showslot.com
URL: https://showslot.com/mord-im-orientexpress/?utm_source=mordimorientexpresslive&utm_medium=redirect&utm_campaign=redirect
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash: 9680db1d99dff3e6829a1955e2979b882a827c683ff29cf776222b588c78ce85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

cache-control: public, max-age=60
content-encoding: gzip
cf-bgj: minify
etag: W/"368b-zwq7egVp/QTsQMN1DQYrC6IzUxg"
age: 3306
cf-cache-status: HIT
cf-ray: 8f0fae85fe43d5a3-AMS
expires: Thu, 12 Dec 2024 18:13:16 GMT
cf-polished: origSize=13963
access-control-allow-origin: *
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>
server: cloudflare

GET
H2 200 v2 Show response
integrations.etrusted.com/applications/widget.js/ 4 KB
2 KB 91ms
27ms Script
application/javascript 18.245.31.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://integrations.etrusted.com/applications/widget.js/v2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-25.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0f285340fde233e4bf0042716b33a9aae7ef38bf6768663286012870f5a648cb

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: gzip
x-amz-version-id: y6m_lv3sPnnC8IKMQAxgSJ.CL61RpuYE
etag: W/"d7237287c6c61682525e80a1904e6609"
age: 49568
x-cache: Hit from cloudfront
x-amz-cf-id: tt_TN-qiWz-T17fDVVO9t730Rw-RtcjEY32KHiliuOTpDoXCzIOc1A==
date: Thu, 12 Dec 2024 04:26:09 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 25 Jul 2023 10:18:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age= 63072000; includeSubdomains; preload
cache-control: max-age=86400
referrer-policy: same-origin
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 otCenterRounded.json Show response
cookie-cdn.cookiepro.com/scripttemplates/202403.1.0/assets/ 9 KB
3 KB 44ms
43ms Fetch
application/json 2606:4700:4400::ac40:97a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202403.1.0/assets/otCenterRounded.json

Requested by

Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-md5: oEdP+90xtNxlUUkm9OvnCg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5DFE22B24BA
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 25716
expires: Fri, 13 Dec 2024 18:12:16 GMT
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 21:40:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: 8b8af2cd-b01e-006b-0505-0bac48000000
cf-ray: 8f0fae855add66ae-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2626
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcTab.json Show response
cookie-cdn.cookiepro.com/scripttemplates/202403.1.0/assets/v2/ 63 KB
14 KB 41ms
41ms Fetch
application/json 2606:4700:4400::ac40:97a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202403.1.0/assets/v2/otPcTab.json

Requested by

Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-md5: g2ypzSRDfu1jLUtMEi+hcQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5DFE369DF13
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 84785
expires: Fri, 13 Dec 2024 18:12:16 GMT
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 21:40:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: 5dc1f169-801e-0070-6751-d8924b000000
cf-ray: 8f0fae855adf66ae-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13599
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cookie-cdn.cookiepro.com/scripttemplates/202403.1.0/assets/ 24 KB
4 KB 43ms
42ms Fetch
text/css 2606:4700:4400::ac40:97a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/202403.1.0/assets/otCommonStyles.css

Requested by

Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

906696b6eda58302976c520c1c37e981beb5e14702bd2445b987083bacb52116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 34313
content-encoding: br
expires: Fri, 13 Dec 2024 18:12:16 GMT
cf-polished: origSize=24823
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 21:40:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: 568ffeb1-901e-0031-3405-0bcaaf000000
cf-ray: 8f0fae855ae066ae-AMS
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 1912 0
0 77ms
24ms Document
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fshowslot.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG4NWXC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 4672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 16:54:24 GMT
expires: Fri, 12 Dec 2025 16:54:24 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ot_guard_logo.svg Show response
cookie-cdn.cookiepro.com/logos/static/ 497 B
473 B 36ms
35ms Fetch
image/svg+xml 2606:4700:4400::ac40:97a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/logos/static/ot_guard_logo.svg

Requested by

Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 2143
content-encoding: br
expires: Fri, 13 Dec 2024 18:12:16 GMT
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Dec 2024 01:55:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: e39e8b4a-b01e-0036-223a-47a6cc000000
cf-ray: 8f0fae85bb6366ae-AMS
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 MUSICAL-5_Logo_V5_B.png
cookie-cdn.cookiepro.com/logos/9e8e751d-2710-4c95-9dfd-ac13894a9117/bdd7537c-02f7-4993-ba96-fb87b9f9ba67/01d2683d-cdb3-49e9-869a-24c55a2a9e20/ 6 KB
6 KB 35ms
34ms Image
image/png 2606:4700:4400::ac40:97a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/9e8e751d-2710-4c95-9dfd-ac13894a9117/bdd7537c-02f7-4993-ba96-fb87b9f9ba67/01d2683d-cdb3-49e9-869a-24c55a2a9e20/MUSICAL-5_Logo_V5_B.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80ed82954f0be660db9fd12411bb2b241a5db9e9b671b269fc02134aff98824c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-md5: sj6j3+Q8Wx/El7vquyiboA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
etag: 0x8DA3336AE7B8B37
x-ms-version: 2009-09-19
cf-cache-status: HIT
age: 39497
expires: Fri, 13 Dec 2024 18:12:16 GMT
cf-polished: origSize=14081
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/png
last-modified: Wed, 11 May 2022 10:11:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: 96f3bcb4-501e-003e-6b96-7abcc3000000
cf-ray: 8f0fae85dbbd1c8a-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6115
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 5 KB
2 KB 36ms
36ms Image
image/svg+xml 2606:4700:4400::ac40:97a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:97a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-md5: uInNdQwuuw8s7lYl3cE7eQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 63994
content-encoding: br
expires: Fri, 13 Dec 2024 18:12:16 GMT
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Dec 2024 01:55:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: 587c5809-301e-0007-784f-4747df000000
cf-ray: 8f0fae85dbc01c8a-AMS
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
281 B 67ms
20ms Fetch
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

cache-control: private, max-age=2592000
retry-after: 0
x-timer: S1734027137.990696,VS0,VE0
observe-browsing-topics: ?1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 65
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-bru1480057-BRU
server: Varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1521506/trc/3/ 3 KB
2 KB 32ms
25ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1521506/trc/3/json?tim=1734027136958&data=%7B%22id%22%3A898%2C%22ii%22%3A%22%2Fmord-im-orientexpress%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1734027136934%2C%22cv%22%3A%2220241208-11-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-adriandupreyshowslotcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2CC0001%2CH5%2CH18%2CH11%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22it%22%3A%22GTM%22%2C%22tim%22%3A1734027136957%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect%22%2C%22tos%22%3A15%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1521506/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c5ef4c0bbb2ac4981449680fbed02f64c323da3a1d40845d8420b1d4b542ed0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-ams2100147-AMS
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 811
x-timer: S1734027137.978584,VS0,VE8
x-vcl-time-ms: 8
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.20224999999999999
accept-ranges: bytes
access-control-allow-origin: *
x-service-version: v1
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 65ms
22ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HQ4LYZ838W&gtm=45je4cb0v891100847z8830600055za200zb830600055&_p=1734027136409&gcs=G100&gcd=13q3qPq2q5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198177&cid=1547020413.1734027137&ecid=1363815000&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1734027137&sct=1&seg=0&dl=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&dt=MORD%20IM%20ORIENTEXPRESS%20-%20ShowSlot&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1238
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://showslot.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 data Show response
gtm-mczdx83-zjezz.uc.r.appspot.com/ 68 B
594 B 681ms
593ms XHR
application/json 2a00:1450:4001:82a::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtm-mczdx83-zjezz.uc.r.appspot.com/data?v=2&event_name=page_view
Requested by: Host: stapecdn.com
URL: https://stapecdn.com/dtag/v8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ec55728edbb207c0fe9785beca4cb09bc96a29ade1546749b4dc8cce6a2e3111

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://showslot.com/

Response headers

access-control-max-age: 600
cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
expires: Thu, 12 Dec 2024 18:12:17 GMT
access-control-allow-origin: https://showslot.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/json
vary: Accept-Encoding
server: Google Frontend
x-cloud-trace-context: 7abd03f0c3880cdde339b9eaefdca98a;o=1
access-control-allow-headers: content-type,set-cookie,x-robots-tag,x-gtm-server-preview,x-stape-preview

GET
H3 200 526218648093298 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 198ms
198ms Script
application/x-javascript 157.240.30.27
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/526218648093298?v=2.9.178&r=stable&domain=showslot.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.30.27 Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-prg1.fbcdn.net

Software

Resource Hash

2138a97a8adeefe5138f6cf65e50fd78116ad58df759118db0537fa9b9ad11c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-IXpfbyAl' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-IXpfbyAl' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=77, mss=1232, tbw=71228, tp=67, tpl=0, uplat=164, ullat=0
pragma: public
x-fb-debug: g1AYOp06W64MTqvpBHE+wEcG+QsE1BxW1kq1xpgn9BSlsbVsdLueBzEELYLEerYB6SAnTA5m9Mai70lDJ2ix1w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 134612088.js Show response
bat.bing.com/p/action/ 363 B
422 B 36ms
35ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134612088.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D65C4D92DB9F400588D6F9D319C95AD2 Ref B: AMS231020512017 Ref C: 2024-12-12T18:12:17Z
x-cache: CONFIG_NOCACHE
date: Thu, 12 Dec 2024 18:12:16 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 main.babde0ae.js Show response
s.pinimg.com/ct/lib/ 81 KB
23 KB 34ms
32ms Script
application/javascript 2a02:26f0:3500:895::1931
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:895::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 838c7bdf2d92bc0f36f690776dba53c2718f84f2b1f9b1e403df8e1ad652d7cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

access-control-max-age: 86400
cache-control: max-age=1209600
access-control-expose-headers: X-CDN
content-encoding: br
etag: "8b081f101a84d3f43538d221491c793e"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23434
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.58/ 67 KB
28 KB 39ms
38ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.58/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hysk30a62f?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e57f584dc164284e3994776f7ddd7de42d54921a30f096ca971f676b2f5942c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

x-azure-ref: 20241212T181217Z-r19785d46cbsn46thC1AMSh2xg00000008a0000000000hc7
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD19E020F35B96"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 4988065d-101e-0017-53e6-4b87d0000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 12:34:17 GMT

GET
H2 204 0
bat.bing.com/action/ 0
288 B 35ms
35ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134612088&Ver=2&mid=47e5775f-b989-459a-9543-b667dea66727&bo=1&sid=9eec6a40b8b411ef8620db30ef1d84f2&vid=9eeca220b8b411efaad1d9fd862b813b&vids=1&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=MORD%20IM%20ORIENTEXPRESS%20-%20ShowSlot&p=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&r=&lt=567&evt=pageLoad&sv=1&cdb=AQET&rn=513160

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 74FAADDCF43545FCB0D82C04C28ABA74 Ref B: AMS231020512017 Ref C: 2024-12-12T18:12:17Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 12 Dec 2024 18:12:16 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
327 B 105ms
36ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613103187059&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1734027137192&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: af5c136987bae278c5db1de5e45b6995
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPVpXTTNZek00TmpRdE1HSmhZUzAwWW1JMkxXRXpOV1F0WldNMlpqZ3paR1ppWkdJMA
pinterest-version: 39c6645327da190a36b69ff50f9877497898e4c8
access-control-allow-origin: https://showslot.com
content-length: 186
x-pinterest-rid: 1425702191858734

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
672 B 103ms
36ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613103187059&cb=1734027137194&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 3e22d117d93c0687a9275fb71005cf38
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPVpEZ3lPRFEwWVRRdE1HRTJPQzAwWWpSaExXSmxNRFF0WXpNelpEazFPRGRoTkdRNA
pinterest-version: 39c6645327da190a36b69ff50f9877497898e4c8
access-control-allow-origin: https://showslot.com
content-length: 186
x-pinterest-rid: 1218881615635400

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
205 B 103ms
37ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2613103187059&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22babde0ae%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1734027137195
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: af010c666cb402e8c8f71b9a09c72d42
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 39c6645327da190a36b69ff50f9877497898e4c8
access-control-allow-origin: https://showslot.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 12 Dec 2024 18:12:17 GMT
x-pinterest-rid: 1448107347523608
content-type: image/gif

GET
H2 200 main.MWZiM2ZlMGNjMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 351 KB
97 KB 45ms
45ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEDLQ0BC77UAS1JJRUJG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-166.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-2412101334476275B68C0D4AE5A3A8C1-1FD1461F338DFE25-00
content-length: 98695
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202412101334476275B68C0D4AE5A3A8C1
server: nginx
x-akamai-request-id: 1204f490
x-tt-trace-host: 01d9ec9f202761d566cbe6e2f4e74d6c82fb5370ccd2b91b0102df512784afe57216918dc91d2ed9ef2d913dbe824e6ad84bd697de856ebdb1bfaa3b9a5de045e7322bf0853c9e3270c91789c8a7232e535cbc9b9ec877cb294d246033586b7c3b8a72a7deb8b3801444e1e01715f6f5e2

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 18ms
17ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 85ab852bfb2016bce3933a1c7107b1bce807179f46364db291ab1f86b89addbb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
etag: "6d0ca67bea866259c359c2d1e93bf622"
age: 1839
x-cdn: fastly
alt-svc: h3=":443";ma=600
content-length: 4054
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 0B99 0
0 75ms
39ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.babde0ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://showslot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 12 Dec 2024 18:12:17 GMT
pinterest-version: 39c6645327da190a36b69ff50f9877497898e4c8
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 3715614010226920
x-pinterest-rid-128bit: e4fe3e817252676033908341920a4bee

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
683 B 35ms
34ms Fetch
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613103187059&cb=1734027137310&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22babde0ae%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 36ee683cd0582250a9599437f967e5f4
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 39c6645327da190a36b69ff50f9877497898e4c8
access-control-allow-origin: https://showslot.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 12 Dec 2024 18:12:17 GMT
x-pinterest-rid: 1220294763346551
content-type: image/gif

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 91ms
35ms Image
text/plain 157.240.30.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=526218648093298&ev=PageView&dl=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&rl=&if=false&ts=1734027137340&sw=1600&sh=1200&v=2.9.178&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1734027137339.253966905145773497&ler=empty&cdl=API_unavailable&it=1734027137123&coo=false&eid=pv-dt1734027563383_173402784963517&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.30.35 Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-prg1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4526, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 239ms
184ms Image
image/png 157.240.30.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=526218648093298&ev=PageView&dl=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&rl=&if=false&ts=1734027137340&sw=1600&sh=1200&v=2.9.178&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1734027137339.253966905145773497&ler=empty&cdl=API_unavailable&it=1734027137123&coo=false&eid=pv-dt1734027563383_173402784963517&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.30.35 Prague, Czech Republic, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-prg1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447589845382595626"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: rOTW6y7v7F/4JBpvJ35SKWwAcr9RPsoRnBy6gZmmVPPCLjuuhHVU9tPb5MLiA7iglXUVlozMuFBz90ct+7ZcBA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447589845382595626", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4894, tp=13, tpl=0, uplat=152, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 204 p Show response
in-automate.brevo.com/ 0
99 B 105ms
47ms XHR
text/plain 2606:4700:4400::ac40:96d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in-automate.brevo.com/p?key=hi8rxjjv3pbiv8zpfzmw5x14&cuid=fbd6362b-f900-44d7-8d12-67aa53a84855&ma_url=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&sib_type=page&ma_title=MORD%20IM%20ORIENTEXPRESS%20-%20ShowSlot&sib_name=MORD%20IM%20ORIENTEXPRESS%20-%20ShowSlot&ma_referrer=&ma_path=%2Fmord-im-orientexpress%2F
Requested by: Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=hi8rxjjv3pbiv8zpfzmw5x14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:96d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

cf-ray: 8f0fae88db7666fe-AMS
access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
date: Thu, 12 Dec 2024 18:12:17 GMT
server: cloudflare

POST
H/1.1 204
No Content collect Show response
f.clarity.ms/ 0
276 B 301ms
99ms XHR
text/plain 51.8.44.252
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.58/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://showslot.com/

Response headers

Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin: https://showslot.com
Date: Thu, 12 Dec 2024 18:12:17 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 27ms
27ms Script
application/javascript 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-166.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id: 00-241115050233F43D76A3E184AA166B24-35E8287D38D506DD-00
content-length: 39538
date: Thu, 12 Dec 2024 18:12:17 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241115050233F43D76A3E184AA166B24
server: nginx
x-akamai-request-id: 1204f5ad
x-tt-trace-host: 01b2772d08dc2e64270ae20f4a4b8b52972e74fe5ac0a55040d5855cc7438be15e5205275afa736a30cc95a0b251d97cd946cb6633d7ae51caa40c2f854d4db7c6407fed021642971a870d0ed10bf6c807d8abd7686ca19db81318a79f9a46c023

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
881 B 349ms
347ms Ping
text/plain 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://showslot.com/

Response headers

x-cache-remote: TCP_MISS from a23-220-107-197.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 12 Dec 2024 18:12:17 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=296, origin; dur=27, inner; dur=20
x-cache: TCP_MISS from a104-126-37-166.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Thu, 12 Dec 2024 18:12:17 GMT
x-akamai-request-id: 23c4dde0.1204f61f
access-control-allow-headers: Authorization,*
x-tt-trace-host: 013d23642961f76b5c2bfab02bc99eb8cbc66f98e3982799bbabf4de84dc5c591a2ff091285e3a5e6a1d135421dc281d61688d1bc302903f0363e954a22eeaa5b8afe8ab125011d1893b84240dfeceb3405a9574d0ac756f9214a42443ebf17505d8d229ab7ff4f1714b3b6932df93a085
x-origin-response-time: 27,23.220.107.197
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241212181217C2E7AA26380D45D09DCA-3F2F7CF85DBA42D9-00
content-length: 0
x-parent-response-time: 308,104.126.37.166
x-tt-logid: 20241212181217C2E7AA26380D45D09DCA
server: nginx

POST
H/1.1 204
No Content collect Show response
f.clarity.ms/ 0
276 B 321ms
297ms XHR
text/plain 51.8.44.252
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.58/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://showslot.com/

Response headers

Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin: https://showslot.com
Date: Thu, 12 Dec 2024 18:12:17 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
882 B 163ms
160ms Ping
text/plain 104.126.37.185
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a104-126-37-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://showslot.com/

Response headers

x-cache-remote: TCP_MISS from a23-48-249-191.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 12 Dec 2024 18:12:17 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=111, origin; dur=26, inner; dur=23
x-cache: TCP_MISS from a104-126-37-166.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Thu, 12 Dec 2024 18:12:17 GMT
x-akamai-request-id: 25078ef.1204f8b2
access-control-allow-headers: Authorization,*
x-tt-trace-host: 013d23642961f76b5c2bfab02bc99eb8cbc66f98e3982799bbabf4de84dc5c591a77dfbb51310f519dd820cf2527d0140f66803fbb54bb59f8f0add6ce1767db378d2825af428bf8911afb16eb3572b71c486682f67c9445b9778d02a67b6963723a7062a2d3081accad79834bfd005c02
x-origin-response-time: 26,23.48.249.191
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2412121812177A7EA30A8475E669793F-46AF89DE9553577C-00
content-length: 0
x-parent-response-time: 122,104.126.37.166
x-tt-logid: 202412121812177A7EA30A8475E669793F
server: nginx

GET
H2 204 unip Show response
trc-events.taboola.com/1521506/log/3/ 0
244 B 46ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1521506/log/3/unip?en=pre_d_eng_tb&tos=1658&scd=0&ssd=1&est=1734027136942&ver=36&isls=true&src=i&invt=1500&msa=5402&rv=1&tim=1734027138600&vi=1734027136934&ri=97b17732e861a2bcf68b0e36b96e3090&ref=null&cv=20241208-11-RELEASE&item-url=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CH5%2CH18%2CH11%2C&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1521506/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://showslot.com/

Response headers

access-control-allow-origin: https://showslot.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Thu, 12 Dec 2024 18:12:18 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1521506/log/3/ Frame 0
0 235ms
15ms Preflight 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1521506/log/3/unip?en=pre_d_eng_tb&tos=1658&scd=0&ssd=1&est=1734027136942&ver=36&isls=true&src=i&invt=1500&msa=5402&rv=1&tim=1734027138600&vi=1734027136934&ri=97b17732e861a2bcf68b0e36b96e3090&ref=null&cv=20241208-11-RELEASE&item-url=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CH5%2CH18%2CH11%2C&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://showslot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://showslot.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Thu, 12 Dec 2024 18:12:18 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

POST
H/1.1 204
No Content collect Show response
f.clarity.ms/ 0
276 B 104ms
103ms XHR
text/plain 51.8.44.252
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.58/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.44.252 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://showslot.com/

Response headers

Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin: https://showslot.com
Date: Thu, 12 Dec 2024 18:12:19 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 204 unip Show response
trc-events.taboola.com/1521506/log/3/ 0
243 B 17ms
17ms XHR
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1521506/log/3/unip?en=pre_d_eng_tb&tos=4660&scd=0&ssd=1&est=1734027136942&ver=36&isls=true&src=i&invt=3000&msa=5402&rv=1&tim=1734027141603&vi=1734027136934&ri=97b17732e861a2bcf68b0e36b96e3090&ref=null&cv=20241208-11-RELEASE&item-url=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CH5%2CH18%2CH11%2C&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1521506/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://showslot.com/

Response headers

access-control-allow-origin: https://showslot.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Thu, 12 Dec 2024 18:12:21 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1521506/log/3/ Frame 0
0 16ms
15ms Preflight 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1521506/log/3/unip?en=pre_d_eng_tb&tos=4660&scd=0&ssd=1&est=1734027136942&ver=36&isls=true&src=i&invt=3000&msa=5402&rv=1&tim=1734027141603&vi=1734027136934&ri=97b17732e861a2bcf68b0e36b96e3090&ref=null&cv=20241208-11-RELEASE&item-url=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0001%2CH5%2CH18%2CH11%2C&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://showslot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://showslot.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Thu, 12 Dec 2024 18:12:21 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 200 event Show response
sslwidget.criteo.com/ 3 KB
2 KB 93ms
24ms Script
application/x-javascript 178.250.1.9

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=101893&v=5.29.0&otl=1&p0=e%3Dvpg&adce=1&bundle=6EEPx19LcUtuV2c0MVVtRFdCZ2ZWM2dpYzN5VTBkb0Y3YTIlMkZSY21ZJTJGMFl0VzMlMkY4eEpETEtURDFaVUJ6ZVFsMjZUMnZOYVBjR29tNFRwd2dJSnYyR2JKOEgxTVdYbUw2aFlIMGNNUm1wdVVLd0xFZmhOR1dicUJXUWVuMUlCRUVNRTA0SjVma2Rvd09Db2JlTWlIcmZKNFVpaW5CZyUyQm1wbnkzdDg0WVl1OGpLTkdJOCUzRA&sc=%7B%22fbp%22%3A%22fb.1.1734027137339.253966905145773497%22%2C%22ttp%22%3A%22lVDDz34S3s9qlQ6ZJ4WWByJjPaV.tt.1%22%7D&tld=showslot.com&dy=1&fu=https%253A%252F%252Fshowslot.com%252Fmord-im-orientexpress%252F%253Futm_source%253Dmordimorientexpresslive%2526utm_medium%253Dredirect%2526utm_campaign%253Dredirect&ceid=c79fed4f-3823-4e81-b282-dd498de947ee

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=101893

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

f49c1fc60ac3cda6f8bdcb0b3fc26472d8132d96baed5ed5e67b43f964b03036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://showslot.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6122308
expires: 0
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
date: Thu, 12 Dec 2024 18:12:21 GMT
content-type: application/x-javascript
server: Kestrel

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
showslot.com/	1970-01-21 11:16:27	Name: source Value: mordimorientexpresslive
.criteo.com/	1970-01-21 11:02:03	Name: uid Value: e232fe28-0fee-4717-aa39-6b2feb48bdf5
.criteo.com/	1970-01-21 11:02:03	Name: receive-cookie-deprecation Value: 1
.showslot.com/	1970-01-21 11:09:51	Name: cto_bundle Value: 6EEPx19LcUtuV2c0MVVtRFdCZ2ZWM2dpYzN5VTBkb0Y3YTIlMkZSY21ZJTJGMFl0VzMlMkY4eEpETEtURDFaVUJ6ZVFsMjZUMnZOYVBjR29tNFRwd2dJSnYyR2JKOEgxTVdYbUw2aFlIMGNNUm1wdVVLd0xFZmhOR1dicUJXUWVuMUlCRUVNRTA0SjVma2Rvd09Db2JlTWlIcmZKNFVpaW5CZyUyQm1wbnkzdDg0WVl1OGpLTkdJOCUzRA
.showslot.com/	1970-01-21 10:26:03	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Dec+12+2024+19%3A12%3A16+GMT%2B0100+(Midden-Europese+standaardtijd)&version=202403.1.0&browserGpcFlag=0&isIABGlobal=false&consentId=41c5ac72-71c8-4e2b-84e6-dacd7283a4ab&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fshowslot.com%2Fmord-im-orientexpress%2F%3Futm_source%3Dmordimorientexpresslive%26utm_medium%3Dredirect%26utm_campaign%3Dredirect&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&hosts=H5%3A1%2CH18%3A1%2CH11%3A1%2CH24%3A0%2CH4%3A0%2CH25%3A0%2CH35%3A0%2CH39%3A0%2CH14%3A0%2CH20%3A0%2CH21%3A0%2CH1%3A0%2CH17%3A0%2CH2%3A0%2CH3%3A0%2CH22%3A0%2CH23%3A0%2CH45%3A0%2CH26%3A0%2CH27%3A0%2CH28%3A0%2CH29%3A0%2CH30%3A0%2CH31%3A0%2CH46%3A0%2CH32%3A0%2CH33%3A0%2CH34%3A0%2CH6%3A0%2CH7%3A0%2CH8%3A0%2CH13%3A0%2CH15%3A0%2CH36%3A0%2CH9%3A0%2CH37%3A0%2CH38%3A0%2CH40%3A0%2CH12%3A0%2CH41%3A0%2CH42%3A0&genVendors=
.showslot.com/	1969-12-31 23:59:59	Name: stape Value: %7B%22event_id%22%3A%22pv-dt1734027563383_173402784963517%22%7D
.showslot.com/	1970-01-21 06:01:19	Name: sib_cuid Value: fbd6362b-f900-44d7-8d12-67aa53a84855
.showslot.com/	1970-01-21 01:41:53	Name: _uetsid Value: 9eec6a40b8b411ef8620db30ef1d84f2
.showslot.com/	1970-01-21 11:02:03	Name: _uetvid Value: 9eeca220b8b411efaad1d9fd862b813b
.bing.com/	1970-01-21 11:02:03	Name: MUID Value: 1B2B608D53C76AC7383D75DE52B56B54
.tiktok.com/	1970-01-21 03:50:03	Name: _ttp Value: 2q7wthb54ZGGkTJmws0iQ2I2qqI
.pinterest.com/	1970-01-21 10:26:03	Name: ar_debug Value: 1
.showslot.com/	1970-01-21 10:26:03	Name: _pin_unauth Value: dWlkPVpXTTNZek00TmpRdE1HSmhZUzAwWW1JMkxXRXpOV1F0WldNMlpqZ3paR1ppWkdJMA
.showslot.com/	1970-01-21 03:50:03	Name: _fbp Value: fb.1.1734027137339.253966905145773497
.ct.pinterest.com/	1970-01-21 10:26:03	Name: _pinterest_ct_ua Value: "TWc9PSZBNDJHcURoU3BiTWIzVlBXS1NNMnFmZW82WWd1bGZoNHZoVW4rVFd0SUZXRWh5L3Q5MXpnUXI2aFA4ZUtRSTVGd3hEL1pYZ3Y2c1A2cTAvdlZWVHd0VDhwTG5RNlpIdHBVdEZzWkxnRUFVWT0mZDlDS3RoTkdLcG10TUw4b3VLbG5Uait5eEVVPQ=="
.showslot.com/	1970-01-21 03:50:03	Name: _tt_enable_cookie Value: 1
.showslot.com/	1970-01-21 03:50:03	Name: _ttp Value: lVDDz34S3s9qlQ6ZJ4WWByJjPaV.tt.1
.gtm-mczdx83-zjezz.uc.r.appspot.com/	1970-01-21 11:16:27	Name: _dcid Value: dcid.1.1734027137450.230842291

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.tiktok.com
app.uptain.de
bat.bing.com
cdn-4.convertexperiments.com
cdn.taboola.com
connect.facebook.net
cookie-cdn.cookiepro.com
ct.pinterest.com
d2wy8f7a9ursnm.cloudfront.net
dynamic.criteo.com
f.clarity.ms
gc.showslot.com
geolocation.onetrust.com
gtm-mczdx83-zjezz.uc.r.appspot.com
gum.criteo.com
in-automate.brevo.com
integrations.etrusted.com
mord-im-orient-express.live
pagead2.googlesyndication.com
psb.taboola.com
region1.google-analytics.com
s.pinimg.com
sessions.bugsnag.com
showslot.com
sibautomation.com
sslwidget.criteo.com
stapecdn.com
static.cloudflareinsights.com
trc-events.taboola.com
trc.taboola.com
vjs.zencdn.net
www.clarity.ms
www.facebook.com
www.googletagmanager.com
104.126.37.185
13.32.23.60
141.226.228.48
151.101.0.84
151.101.192.84
151.101.193.44
157.240.30.27
157.240.30.35
172.67.72.56
172.67.73.78
178.250.1.9
18.245.31.25
188.114.96.3
2001:4860:4802:34::36
216.58.212.130
23.213.165.149
2600:1901:0:7a0b::
2606:4700:4400::ac40:9473
2606:4700:4400::ac40:96d8
2606:4700:4400::ac40:97a6
2606:4700:4400::ac40:9b77
2606:4700::6810:4f49
2620:1ec:33:1::10
2620:1ec:bdf::45
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2014
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:287::14a9
2a02:26f0:3500:895::1931
2a04:4e42:200::729
51.8.44.252
99.86.4.3
99.86.4.80
05806459e493d634369da8a07cab16a3ce370af4ee7c3dc24f7de98666a0a276
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0af3e31c0e3c7a6013da6b3c107f7cbf626e041df122df1aeaa8ee4b85bd4e8f
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0e12b6aea62f8d1c2e29e27393e231a8a17472728b303b586e2d4fb3ff5b481f
0f285340fde233e4bf0042716b33a9aae7ef38bf6768663286012870f5a648cb
1569b8b0ae1964db4c09ec05d926e576a4c4349a55679488fe366255e6930386
19d68e5924f991b2d551d9f6dee362d0836ea10dbe8148012a227ad5f941ba52
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
2138a97a8adeefe5138f6cf65e50fd78116ad58df759118db0537fa9b9ad11c5
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2fd8182137ac717e1b8864226b012771a08e2ec3ce387b61a3d25cd9d4e63ae1
341e796999f75315cb6f6842363c57def0196cd31675a6023cd7db7ad0eee8ca
36550dcb5d7bae141b362cb37b80b64f0ba0fa43fd7ade5350b86d482746c9b8
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a520bdb102175e1ce42323eab2dc82037ef7ddd1092eead5744e18a8d842775
47066eaafdd77cffe6c0083f94393ff8f899324d17bd6ff3b76703dc04db0605
47fbb810446552b7b810897dcb760c9f8e11c975ff004f8686f7a8b77c14ccd9
498b9857c51790a045b6b127fe4f95ef72e86dffd41b71f1d14d149a33e11b28
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a
57e2f426506961cdd99d04c33c605c7d420e580f613afa8bfc03de5f87d53ec1
61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af
676d8f37c59f35185a911647538c718049f1c9db038241b885b716f3449a458e
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6bc20849d2544dedc610864655aab1d15d57646a05587d7f667e060390f1d9cb
6c5ef4c0bbb2ac4981449680fbed02f64c323da3a1d40845d8420b1d4b542ed0
6d1137d21f3ba78b8a882dbf77f7c88712ad02a3f5efdce5ff996a67c15a6bf6
6e26250e91083ef3b2bf7451aec2e8f4d097b7f8f3e01b74fcb0d927ce487fa8
7bf8a5230cd6f3c0e0ed5fea4a53a5e106d86d4899442cc7dbc038d81c8ac4d1
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
80ed82954f0be660db9fd12411bb2b241a5db9e9b671b269fc02134aff98824c
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
8246efbfde0b1c96b7c2571b6fcc1f88ad07ff65ddff1703ae731cf95f4f5c0d
838c7bdf2d92bc0f36f690776dba53c2718f84f2b1f9b1e403df8e1ad652d7cb
85ab852bfb2016bce3933a1c7107b1bce807179f46364db291ab1f86b89addbb
8954ae9654aea5d46a68bc5d91c063a3896a0d8a5927822049e4e06a4252b4a6
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
906696b6eda58302976c520c1c37e981beb5e14702bd2445b987083bacb52116
9206ba27ab33effd43093776bb54588a1df2103964e14da7b93322836617d69b
9680db1d99dff3e6829a1955e2979b882a827c683ff29cf776222b588c78ce85
98da5a7407e069a789ce9cfccdc767b1ca4ec683d947b0ced8f5212c4cbca2ed
991d494be54f4f4777d6941532633b89976ed82be1c46275d910c1407d022725
99f2d8044a24b9817bc31c4e3f6c34c24ff4e05557ca70dcd2631f790785d8a9
9d2bf0ba5f422ad4f4b55e71d0ad6d8c9c3e5901ec4d914d7ea4d9ea97df0d39
a0ba0ebc5486fb8754c964b7412178bb58758c1f1ff036f60fdc6e4a26ad3c85
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
a389baab07521e7adf865e75bf98cfb646aaaf40523b2ce9a3e8d304424ed2e6
a849f6f58c8be2195864bebf47181f05dd3fd93645300649696c6ce3a370d1c4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
af56b03668d04f400793e293c01779d2a0d4b0674bcd82c943801704a5792282
b5351504db545fa24fc027b470b4d7d85cb0024de662f237594c6b1cbe61c4af
b5d792796e18acedcf850cb8630a6b664e13a0a3e45deca3917fd807bfb23f9b
b7c36c5ba3b6a07a8994f80c785ba0185036ab9da3696a88cfa9aada8dfcc189
bc77c5873fbd6439d90edfdff08e736dc9085d2fd75ec6e95dc6369e73c3e469
c3ccf48cc0ba27f2fcb5dadddd4b8453a1a7b481420ae12b7eb1bede9189addf
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c9152ead7c21e6070225f6e7015180028381b3f31a6b2e24c2380ec01d82eb17
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf5ade8d8da984919a262bdaca3e3f8f2dc0fa0ea82e86f669ea2d3cc6aa6252
d86730f73982f170cb0943d0d47c3c2520743d6a3d6cf5330cde12667df675ca
d9ef8e5e074c2d9aa87625297b9a2c401d85a20cf34c439d2411216de3fc9115
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57f584dc164284e3994776f7ddd7de42d54921a30f096ca971f676b2f5942c7
e5c66d023e5989e915e7919aca4f41f8177984f9fe3c2cfef6711411ae98110a
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
ea595f63bb6ce1595abcfed7d75878b3a97693bec20b3e7991a6502c684ce837
eb4de05b6668ac00b733e7e5f790e79204d1603d3f0baab4ed32ac528fdec788
ec55728edbb207c0fe9785beca4cb09bc96a29ade1546749b4dc8cce6a2e3111
f13aaa338cc3dd92e892cabe5442a3434a4a667a6ebe1c43c48861679d07ef2c
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f3f28c97d6267354a97df3c4b674064f3bddaa70b1a9151697cb21a332a826e1
f49c1fc60ac3cda6f8bdcb0b3fc26472d8132d96baed5ed5e67b43f964b03036
fd21af98a1a413ea339cff00aba2eaf2e6c0dfaacf29a8b9792ebfdff4b632a4
fec6d609f38321b4de509c44f1aa17244c50ff2924d27e3b545bf717f11c38cc

showslot.com Open in urlscan Pro 172.67.73.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

100 %HTTPS

47 %IPv6

28 Domains

35 Subdomains

34 IPs

5 Countries

1741 kBTransfer

5179 kBSize

18 Cookies

13 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

showslot.com Open in urlscan Pro
172.67.73.78 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

100 %
HTTPS

47 %
IPv6

28
Domains

35
Subdomains

34
IPs

5
Countries

1741 kB
Transfer

5179 kB
Size

18
Cookies

101 HTTP transactions
1 data transactions