urlscan.io logo urlscan.io
SecurityTrails logo

bjwai.pagenowscale.com Open in urlscan Pro
79.133.41.53  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mobile.darryring.com/2898977bs7356406Xc550390134Xe14100xb1xAr198933Ri
Effective URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Submission: On May 06 via api from BE — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 21 HTTP transactions. The main IP is 79.133.41.53, located in Germany and belongs to DE-FIRSTCOLO firstcolo.net, DE. The main domain is bjwai.pagenowscale.com.
TLS certificate: Issued by R3 on March 26th 2024. Valid for: 3 months.
This is the only time bjwai.pagenowscale.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.164.136.157 62240 (CLOUVIDER...)
1 45.139.123.157 8100 (ASN-QUADR...)
1 13 79.133.41.53 44066 (DE-FIRSTC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
4 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
21 7
1    185.164.136.157 (Canary Wharf, United Kingdom)

ASN62240 (CLOUVIDER Clouvider - Global ASN, GB)
PTR: now.fmdsyntax.com
mobile.darryring.com
1    45.139.123.157 (Ashburn, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
fencinghilt.com
13    79.133.41.53 (Germany)

ASN44066 (DE-FIRSTCOLO firstcolo.net, DE)
bjwai.easyfitload.com
bjwai.pagenowscale.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
trk-consulatu.com
event.trk-consulatu.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
12 pagenowscale.com
bjwai.pagenowscale.com
725 KB
4 trk-consulatu.com
trk-consulatu.com — Cisco Umbrella Rank: 94786
event.trk-consulatu.com — Cisco Umbrella Rank: 169928
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 380
35 KB
1 gstatic.com
fonts.gstatic.com
21 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
33 KB
1 easyfitload.com
bjwai.easyfitload.com
705 B
1 fencinghilt.com
fencinghilt.com
418 B
1 darryring.com
mobile.darryring.com
343 B
21 8
Domain Requested by
12 bjwai.pagenowscale.com fencinghilt.com
bjwai.pagenowscale.com
3 event.trk-consulatu.com trk-consulatu.com
1 fonts.gstatic.com fonts.googleapis.com
1 trk-consulatu.com bjwai.pagenowscale.com
1 code.jquery.com bjwai.pagenowscale.com
1 ajax.googleapis.com bjwai.pagenowscale.com
1 fonts.googleapis.com bjwai.pagenowscale.com
1 bjwai.easyfitload.com 1 redirects
1 fencinghilt.com
1 mobile.darryring.com 1 redirects
21 10

This site contains no links.

Subject Issuer Validity Valid
fencinghilt.com
R3		 2024-05-05 -
2024-08-03		 3 months crt.sh
pagenowscale.com
R3		 2024-03-26 -
2024-06-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
trk-consulatu.com
GTS CA 1P5		 2024-04-22 -
2024-07-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Frame ID: 0E3F14361B70E4CB48998493FF55CE52
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Congratulations!

Page URL History Show full URLs

  1. http://mobile.darryring.com/2898977bs7356406Xc550390134Xe14100xb1xAr198933Ri HTTP 307
    https://mobile.darryring.com/2898977bs7356406Xc550390134Xe14100xb1xAr198933Ri HTTP 302
    https://fencinghilt.com/0/0/0/0ea81ea512cc0f8caafa407a4c27da21/23b-2898977-7356406-198933-14100-/550... Page URL
  2. https://bjwai.easyfitload.com/?kw=31&s1=351690&s2=1178688699 HTTP 302
    https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • livewire(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

7
IPs

4
Countries

818 kB
Transfer

959 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mobile.darryring.com/2898977bs7356406Xc550390134Xe14100xb1xAr198933Ri HTTP 307
    https://mobile.darryring.com/2898977bs7356406Xc550390134Xe14100xb1xAr198933Ri HTTP 302
    https://fencinghilt.com/0/0/0/0ea81ea512cc0f8caafa407a4c27da21/23b-2898977-7356406-198933-14100-/550390134 Page URL
  2. https://bjwai.easyfitload.com/?kw=31&s1=351690&s2=1178688699 HTTP 302
    https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mobile.darryring.com/2898977bs7356406Xc550390134Xe14100xb1xAr198933Ri HTTP 307
  • https://mobile.darryring.com/2898977bs7356406Xc550390134Xe14100xb1xAr198933Ri HTTP 302
  • https://fencinghilt.com/0/0/0/0ea81ea512cc0f8caafa407a4c27da21/23b-2898977-7356406-198933-14100-/550390134

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
550390134
fencinghilt.com/0/0/0/0ea81ea512cc0f8caafa407a4c27da21/23b-2898977-7356406-198933-14100-/
Redirect Chain
  • http://mobile.darryring.com/2898977bs7356406Xc550390134Xe14100xb1xAr198933Ri
  • https://mobile.darryring.com/2898977bs7356406Xc550390134Xe14100xb1xAr198933Ri
  • https://fencinghilt.com/0/0/0/0ea81ea512cc0f8caafa407a4c27da21/23b-2898977-7356406-198933-14100-/550390134
123 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fencinghilt.com/0/0/0/0ea81ea512cc0f8caafa407a4c27da21/23b-2898977-7356406-198933-14100-/550390134
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.139.123.157 Ashburn, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-length
123
content-type
text/html; charset=UTF-8
date
Mon, 06 May 2024 14:10:04 GMT
server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 May 2024 14:10:03 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
location
https://fencinghilt.com/0/0/0/0ea81ea512cc0f8caafa407a4c27da21/23b-2898977-7356406-198933-14100-/550390134
Primary Request 5694fbb0-0bb2-11ef-a189-153913d909ee
bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/
Redirect Chain
  • https://bjwai.easyfitload.com/?kw=31&s1=351690&s2=1178688699
  • https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Requested by
Host: fencinghilt.com
URL: https://fencinghilt.com/0/0/0/0ea81ea512cc0f8caafa407a4c27da21/23b-2898977-7356406-198933-14100-/550390134
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
f0f1ed7dc0be3de39aa360132540893e3d9ebbcb3a94d0f569c24ec6271b3602
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://fencinghilt.com/0/0/0/0ea81ea512cc0f8caafa407a4c27da21/23b-2898977-7356406-198933-14100-/550390134
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, private
content-encoding
br
content-length
4862
content-type
text/html; charset=UTF-8
date
Mon, 06 May 2024 14:10:06 GMT
server
swoole-http-server
strict-transport-security
max-age=15768000
x-redir
true

Redirect headers

cache-control
no-cache, private
content-encoding
br
content-length
284
content-type
text/html; charset=UTF-8
date
Mon, 06 May 2024 14:10:05 GMT
location
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
server
swoole-http-server
strict-transport-security
max-age=15768000
x-redir
true
css
fonts.googleapis.com/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc70b894f68762d4351c7bdadc128ea1b61e1b1609adb10bfdb9121cade81600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 May 2024 14:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 May 2024 14:10:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 May 2024 14:10:06 GMT
style.css
bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/css/ 		25 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/css/style.css
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
b3abc7d062dd918279e7cc25483bd8a070bde5437eb94be4eeec1009f561160b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:06 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
4859
x-varnish
690276 327703
content-type
text/css
accept-ranges
bytes
content-length
25478
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 07:48:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 07:48:50 GMT
app-4faf4233.css
bjwai.pagenowscale.com/build/assets/ 		38 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bjwai.pagenowscale.com/build/assets/app-4faf4233.css
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
4faf4233cf733992896569fdadc8b1da921b707ff034475ddc27bdd173c4af5c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:06 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
4859
x-varnish
624886 393233
content-type
text/css
accept-ranges
bytes
content-length
38655
overlay.png
bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/overlay.png
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:09 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
4857
x-varnish
755438 524299
content-type
image/png
accept-ranges
bytes
content-length
18661
overlay2.png
bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/overlay2.png
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:09 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
4857
x-varnish
722483 229400
content-type
image/png
accept-ranges
bytes
content-length
18646
dollar_reel.fs8.png
bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/ 		253 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/dollar_reel.fs8.png
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
b9e962e0f9810e278130875315423d3205bbe90b01a19137b738d378ddda7bad
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:10 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
4856
x-varnish
722484 65570
content-type
image/png
accept-ranges
bytes
content-length
259089
spin1.png
bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/spin1.png
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:10 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
4856
x-varnish
755439 524307
content-type
image/png
accept-ranges
bytes
content-length
85123
spin2.png
bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/spin2.png
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:11 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
4855
x-varnish
624887 29
content-type
image/png
accept-ranges
bytes
content-length
88130
loader.gif
bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/loader.gif
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:11 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
4854
x-varnish
690277 524315
content-type
image/gif
accept-ranges
bytes
content-length
2892
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 14:10:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
20202407
x-cache
HIT, HIT
content-length
33261
x-served-by
cache-lga21975-LGA, cache-lcy-eglc8600043-LCY
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1715004607.992436,VS0,VE0
etag
W/"28feccc0-176d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
106, 22143
livewire.js
bjwai.pagenowscale.com/livewire/ 		171 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bjwai.pagenowscale.com/livewire/livewire.js?id=90730a3b0e7144480175
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:08 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
last-modified
Fri, 11 Aug 2023 04:02:34 GMT
server
swoole-http-server
age
4858
content-type
application/javascript; charset=utf-8
x-varnish
722485 688134
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
174819
service-worker-allowed
/
expires
Tue, 06 May 2025 12:49:08 GMT
oldw7nlgzn
trk-consulatu.com/scripts/push/script/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-consulatu.com/scripts/push/script/oldw7nlgzn?url=default
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69fab56309998e57de719709a4269b99d679a79893235b187d0aa5d659f0c961
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 14:10:06 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1561
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 May 2024 13:44:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5uzYqcLsDJCW7a1deewAozOnt%2F0ZO19Hxd65ye1XBSpo23xPIt%2FUMoz0KqeOvlgYHXBTkICexuLXjS4ABrg8fNv50RJ%2Fo%2F5g97xRs5G0TihROLxOBmyShyHDR1lC1Xkz3v%2BTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
87f98d4998dd93eb-LHR
expires
0
gratorama-progjackpot-v3.gif
bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/images/gratorama-progjackpot-v3.gif
Requested by
Host: bjwai.pagenowscale.com
URL: https://bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/templates/templates/spin-casino_MASTER/css/style.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:12 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
4853
x-varnish
690278 688149
content-type
image/gif
accept-ranges
bytes
content-length
23095
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%7COpen+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://bjwai.pagenowscale.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 05:33:43 GMT
x-content-type-options
nosniff
age
549384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20824
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 05:33:43 GMT
favicon.ico
bjwai.pagenowscale.com/ 		0
161 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bjwai.pagenowscale.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.41.53 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
Software
swoole-http-server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 12:49:42 GMT
via
1.1 varnish (Varnish/7.4)
strict-transport-security
max-age=15768000
server
swoole-http-server
age
4824
x-varnish
690280 524342
content-type
image/x-icon
accept-ranges
bytes
content-length
0
lmdzxr03ek
event.trk-consulatu.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-consulatu.com/register/event_log/lmdzxr03ek
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/oldw7nlgzn?url=default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://bjwai.pagenowscale.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Mon, 06 May 2024 14:10:07 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLF%2FRuS6zlumui%2BGQ6WkUV67ylwrDhYnt75qndCeJba29YjH3IH5q4ROuoq3fNn8E020A1tgMLT8L4X%2BgyV3yom4V6Oi5gPCn50S41ATKMXxxcHwwpfwYmIYJkM09CfyEGXdy7457mfVjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
87f98d4c9dfa45a0-LHR
x-pushplatformapp-params
lmdzxr03ek
event.trk-consulatu.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-consulatu.com/register/event_log/lmdzxr03ek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bjwai.pagenowscale.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87f98d4b9c9845a0-LHR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Mon, 06 May 2024 14:10:07 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FsXcHsyPtA4ATcYOd8LiEF%2BblT4LK1T0fYQsYVK2JcKG6EmiC0N9U6goTx0p5N%2FB%2F2ehmnVUmEUTweZxSBrdE%2BRcCYNaPrz3g13XYZxz%2FlPQelnqC8GdqeXjkJdlhjQ4lCfUoPvDp47kSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
lmdzxr03ek
event.trk-consulatu.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-consulatu.com/register/event_log/lmdzxr03ek
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/oldw7nlgzn?url=default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://bjwai.pagenowscale.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Mon, 06 May 2024 14:10:08 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uflfh%2BNK4I1%2FI19Xg4QPdvseZgBsVEdXvWDumbizryA%2BzVkw33vhHWmfYgCfIIBH3AUvckk4io9NKXmhrc7K9x48y69buQx3f63trlCrvl%2FRJ9c%2BCd3BErCe8fWBTsmgHu0XiBg8RlijQA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
87f98d5489c845a0-LHR
x-pushplatformapp-params

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| raw_prize_value function| formatPrizeValue function| initLiveJackpot string| currency function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| setAttributes function| stepOne function| stepTwo function| stepThree function| spinsCount object| Livewire object| livewire string| livewire_app_url string| livewire_token function| deferLoadingAlpine object| $jackpot_display object| e

3 Cookies

Domain/Path Name / Value
fencinghilt.com/ Name: uid31
Value: 1178688699-20240506101004-437e75f32fdd1423f6f8660cbfd1840c-3837
bjwai.easyfitload.com/ Name: yredir_session
Value: eyJpdiI6IklVWk9TRVZlbzFYTjBhcTZwREQ3Qmc9PSIsInZhbHVlIjoiY0RpSXFYT3VvT1VuaEpjZ3dCSlU3TE9laGp4anl1am56YStBOTRGcWszbS9YUjdvczFzdlRHaUgwZVU2RkdxUnA3Q1U1OVJHV0dXQXdjQlN3Vk41ekp0RzRoUTluVmZaSmF0UkNWOFNHcm82Y3VLeW1GQ0lvdDVXdFc4ZG80cjAiLCJtYWMiOiI0ZjhmZDk2NmIzMzgxMGZmZTk3YTk2NTUxZTVkMGMwNGQ0MTE4OTc4MTZkOGYwYTRjNWY0NjA4OGUxZGU4NTc5IiwidGFnIjoiIn0%3D
bjwai.pagenowscale.com/ Name: yredir_session
Value: eyJpdiI6IjVEdWJwZGkwdVlhMW04c00xcjBlUFE9PSIsInZhbHVlIjoiY25QTU4xZnVseENHNE1BVHJyT21tTFNMUXpZOVJnUTdNbUJnWXBGN1VLUFBiYklGZ3N0eERiL0t3RFBicFRmVVpMZFpKNGVDYTRpZk9DMkFHMjIyYXhKVTFnZm4vU05IeXc2eTlXYWlUVUMxTGQ0MGlxYzRsZklrNWk1WEl1WlgiLCJtYWMiOiI1ODU4Yzc4NTY0ZDFlNjNkMjVhYjhkZmI0OTk5ZGU1M2Q3YTY5YTk2MjJhODMwNGNiODMzNzcwYzc1MTVmN2E0IiwidGFnIjoiIn0%3D

1 Console Messages

Source Level URL
Text
other error URL: https://bjwai.pagenowscale.com/t/8f0d93c8664e/568b822e-0bb2-11ef-93b9-27f8912bf787/5694fbb0-0bb2-11ef-a189-153913d909ee
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bjwai.easyfitload.com
bjwai.pagenowscale.com
code.jquery.com
event.trk-consulatu.com
fencinghilt.com
fonts.googleapis.com
fonts.gstatic.com
mobile.darryring.com
trk-consulatu.com
185.164.136.157
188.114.96.3
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
2a04:4e42:600::649
45.139.123.157
79.133.41.53
2a020670608060e8f05776815edaa0696f1dd553545ee49946e24be7741433f5
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
4faf4233cf733992896569fdadc8b1da921b707ff034475ddc27bdd173c4af5c
677aebad5741b57c1a3a51f8a65cd295a7aae1d656958313a882ef199f046418
69fab56309998e57de719709a4269b99d679a79893235b187d0aa5d659f0c961
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
ada8eb4421bf605c058c123aa95bd5e4590b4507c68809f563c921e4db31ea8a
b3abc7d062dd918279e7cc25483bd8a070bde5437eb94be4eeec1009f561160b
b9e962e0f9810e278130875315423d3205bbe90b01a19137b738d378ddda7bad
bc50750cd41cbabc77efc8143fb1b210c983a23e5c954b65b02562958b922e63
bc70b894f68762d4351c7bdadc128ea1b61e1b1609adb10bfdb9121cade81600
bd03836c50a13a9d0c5868a5656f4112f69909cc52c50ca21de772da164e13a2
bdc936e847facab60f4b4a9153dc8145ebccdeca49becc4cd684e007cd0459ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f0f1ed7dc0be3de39aa360132540893e3d9ebbcb3a94d0f569c24ec6271b3602