www.rainbowspins.com Open in urlscan Pro
104.21.32.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.confirm.gettestkeep.email/28193~53492_1_gGwwyZTZ/
Effective URL:
https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Submission: On May 04 via manual (May 4th 2021, 7:41:13 am UTC) from IN

Summary HTTP 77 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 77 HTTP transactions. The main IP is 104.21.32.74, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rainbowspins.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2020. Valid for: a year.

This is the only time www.rainbowspins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	88.208.246.154 88.208.246.154	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1 1	2606:4700:303... 2606:4700:3034::ac43:aa3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	104.21.32.74 104.21.32.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.250.209.97 3.250.209.97	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.21.100 13.32.21.100	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2 6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
77	12

2 88.208.246.154 (United Kingdom) 2 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: server88-208-246-154.live-servers.net

t.confirm.gettestkeep.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trem.confirm.gettestkeep.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:aa3d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

partner.jumpmanaffiliates.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 104.21.32.74 (United States)

ASN13335 (CLOUDFLARENET, US)

www.rainbowspins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.250.209.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: webservices.securetrading.net

webservices.securetrading.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-100.fra56.r.cloudfront.net

cdn.webpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8004:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	rainbowspins.com www.rainbowspins.com	7 MB
6	facebook.com 2 redirects www.facebook.com	805 B
4	facebook.net connect.facebook.net	241 KB
4	typekit.net use.typekit.net p.typekit.net	76 KB
2	atdmt.com cx.atdmt.com	926 B
2	gstatic.com fonts.gstatic.com	29 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	6 KB
2	gettestkeep.email 2 redirects t.confirm.gettestkeep.email trem.confirm.gettestkeep.email	884 B
1	webpu.sh cdn.webpu.sh	38 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	securetrading.net webservices.securetrading.net	224 KB
1	jumpmanaffiliates.co.uk 1 redirects partner.jumpmanaffiliates.co.uk	727 B
77	12

	Domain	Requested by
56	www.rainbowspins.com	www.rainbowspins.com
6	www.facebook.com	2 redirects www.rainbowspins.com
4	connect.facebook.net	www.rainbowspins.com connect.facebook.net
3	use.typekit.net	www.rainbowspins.com use.typekit.net
2	cx.atdmt.com
2	fonts.gstatic.com	fonts.googleapis.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	ajax.googleapis.com
1	cdn.webpu.sh	www.rainbowspins.com
1	cdn.jsdelivr.net	www.rainbowspins.com
1	ajax.googleapis.com	www.rainbowspins.com
1	webservices.securetrading.net	www.rainbowspins.com
1	partner.jumpmanaffiliates.co.uk	1 redirects
1	trem.confirm.gettestkeep.email	1 redirects
1	t.confirm.gettestkeep.email	1 redirects
77	15

This site contains links to these domains. Also see Links.

Domain
www.jumpmanaffiliates.co.uk
www.begambleaware.org
www.gamblingcontrol.org
registers.gamblingcommission.gov.uk
www.gamstop.co.uk
www.gamcare.org.uk
www.jumpmangaming.com
www.facebook.com
www.jumpmancares.co.uk

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
webservices.securetrading.net GeoTrust RSA CA 2018	`2021-04-23` - `2022-04-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-03` - `2022-03-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
cdn.webpu.sh Amazon	`2021-01-19` - `2022-02-17`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-03-26` - `2021-06-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Frame ID: A85134737CF17D4243CF4A1AFCF57CAB
Requests: 77 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://t.confirm.gettestkeep.email/28193~53492_1_gGwwyZTZ/ HTTP 302
http://trem.confirm.gettestkeep.email/?uid=48261975&emailid=216316&out=https%3a%2f%2fpartner.jumpmanaffiliates.co.... HTTP 302
https://partner.jumpmanaffiliates.co.uk/link/27195.tpoxemail HTTP 302
https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

77
Requests

100 %
HTTPS

71 %
IPv6

12
Domains

15
Subdomains

12
IPs

4
Countries

7360 kB
Transfer

9316 kB
Size

6
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.jumpmanaffiliates.co.uk/
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://www.begambleaware.org/

Search URL Search Domain Scan URL

URL: https://www.gamblingcontrol.org/

Search URL Search Domain Scan URL

URL: https://registers.gamblingcommission.gov.uk/39175

Search URL Search Domain Scan URL

URL: https://www.gamstop.co.uk/

Search URL Search Domain Scan URL

URL: https://www.gamcare.org.uk/news-and-blog/news/national-gambling-helpline-reaccredited-by-helplines-partnership/

Search URL Search Domain Scan URL

URL: https://www.jumpmangaming.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RainbowSpins

Search URL Search Domain Scan URL

URL: http://www.jumpmancares.co.uk/
Title: www.jumpmancares.co.uk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.confirm.gettestkeep.email/28193~53492_1_gGwwyZTZ/ HTTP 302
http://trem.confirm.gettestkeep.email/?uid=48261975&emailid=216316&out=https%3a%2f%2fpartner.jumpmanaffiliates.co.uk%2flink%2f27195.tpoxemail&li=0 HTTP 302
https://partner.jumpmanaffiliates.co.uk/link/27195.tpoxemail HTTP 302
https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://www.facebook.com/tr/?id=661274090587857&ev=Microdata&dl=https%3A%2F%2Fwww.rainbowspins.com%2F%3Fjtag%3Da_27195b_tpoxemailc_&rl=&if=false&ts=1620114042416&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Rainbow%20Spins%20%7COpen%20the%20Pot%20of%20Gold%20for%20up%20to%20500%20Free%20Spins%22%2C%22meta%3Adescription%22%3A%22Check%20out%20our%20welcome%20offer%20here%20at%2C%20Rainbow%20Spins.%20Where%20will%20the%20Rainbow%20take%20you%3F%20Join%20Now%20and%20deposit%20just%20%C2%A310%2B%20to%20open%20your%20Pot%20of%20Gold%20and%20win%20up%20to%20500%20Free%20Spins!%22%2C%22meta%3Akeywords%22%3A%22%20Pot%20of%20Gold%2C%20Welcome%20Offers%2C%20Free%20Spins%2C%20Rewards%2C%20Online%20Slots%2C%20Rainbow%20Spins%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.rainbowspins.com%2Fthemes%2Fdefault%2Fog-image.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620114041913.2004627348&it=1620114041451&coo=false&es=automatic&tm=3&exp=l0&rqm=GET HTTP 302
https://cx.atdmt.com/?c=7534386220643856372&f=AYwZmU6Cz3UAJsI_Ut4tHoPlghnscKP5pqSq7o1DetVEVWyOY4qYuhwMJpzOZiWJcNYfV5Nsqnj4FFaMHgbF58A9&id=661274090587857&l=3&v=0

Request Chain 74

https://www.facebook.com/tr/?id=2489073448009579&ev=Microdata&dl=https%3A%2F%2Fwww.rainbowspins.com%2F%3Fjtag%3Da_27195b_tpoxemailc_&rl=&if=false&ts=1620114042418&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Rainbow%20Spins%20%7COpen%20the%20Pot%20of%20Gold%20for%20up%20to%20500%20Free%20Spins%22%2C%22meta%3Adescription%22%3A%22Check%20out%20our%20welcome%20offer%20here%20at%2C%20Rainbow%20Spins.%20Where%20will%20the%20Rainbow%20take%20you%3F%20Join%20Now%20and%20deposit%20just%20%C2%A310%2B%20to%20open%20your%20Pot%20of%20Gold%20and%20win%20up%20to%20500%20Free%20Spins!%22%2C%22meta%3Akeywords%22%3A%22%20Pot%20of%20Gold%2C%20Welcome%20Offers%2C%20Free%20Spins%2C%20Rewards%2C%20Online%20Slots%2C%20Rainbow%20Spins%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.rainbowspins.com%2Fthemes%2Fdefault%2Fog-image.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620114041913.2004627348&it=1620114041451&coo=false&es=automatic&tm=3&exp=l0&rqm=GET HTTP 302
https://cx.atdmt.com/?c=7837055600865028651&f=AYzMdmkEBnvGQDg3lGVmnXdRB13CHL3LgvrNgB4xyFcKqGfT6jEAoOZRygLDrMJJehYDAKLQ_-k7jbpKMa6VjzOT&id=2489073448009579&l=3&v=0

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rainbowspins.com/
Redirect Chain

http://t.confirm.gettestkeep.email/28193~53492_1_gGwwyZTZ/
http://trem.confirm.gettestkeep.email/?uid=48261975&emailid=216316&out=https%3a%2f%2fpartner.jumpmanaffiliates.co.uk%2flink%2f27195.tpoxemail&li=0
https://partner.jumpmanaffiliates.co.uk/link/27195.tpoxemail
https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_

39 KB
7 KB

381ms
332ms

Document
text/html

104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28d88cfdafd6f9b1fca14f30ecf5d18ae3d102d73ba8e5b5cea60564251a7c91

Request headers

:method: GET
:authority: www.rainbowspins.com
:scheme: https
:path: /?jtag=a_27195b_tpoxemailc_
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; expires=Thu, 03-Jun-21 07:40:40 GMT; path=/; domain=.rainbowspins.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; path=/ affiliate=none; expires=Thu, 03-Jun-2021 07:40:40 GMT; Max-Age=2592000; path=/ jtag=a_27195b_tpoxemailc_; expires=Thu, 03-Jun-2021 07:40:40 GMT; Max-Age=2592000; path=/ xpush=1; expires=Wed, 05-May-2021 07:40:40 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 09d7eb7fd60000fa643fbe1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TS3aHb7c8tJPjtNKkHJFGt60nFSXITOcovzZs%2BTY0YSTcB5WwbRv9f7Bi9ZpJlJ2Pq4SeoELlLVK%2BMuz2FZ%2BLd7Wuoj%2BAeJ2dHwKn0oRsYu7WBzveQ%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a01512fd94fa64-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 04 May 2021 07:40:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc863bef018bf6c3010324f8e221342011620114040; expires=Thu, 03-Jun-21 07:40:40 GMT; path=/; domain=.jumpmanaffiliates.co.uk; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.0.27
location: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
cf-cache-status: DYNAMIC
cf-request-id: 09d7eb7dca00002b1210a2c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QRB985kCZLe6MZ7h30kG22%2F%2FPvBNRfGJqXzJfnWCosbdIiBB3n15F3H3lTk03E%2Fq56mcDDxbkjbeGxIO%2F8yqPVCdJingqLeDmrDHUns1YN0ytpADR1Aw2GhF3qSrorznYbzZOkl9h9WTcQX4"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64a0150faedf2b12-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK st.js Show response
webservices.securetrading.net/js/v3/ 784 KB
224 KB 108ms
41ms Script
application/javascript 3.250.209.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://webservices.securetrading.net/js/v3/st.js

Requested by

Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.250.209.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

webservices.securetrading.net

Software

Apache /

Resource Hash

c04f11bbad412b4ffa30ff8920344c9b23a625fb99c69851ca4afd75393bda69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 07:40:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 30 Mar 2021 13:21:33 GMT
Server: Apache
ETag: "c3f6b-5bec0e0889f6e-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript
Cache-control: max-age=300
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200

GET
H3-29 200 styles.css
www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/ 306 KB
45 KB 58ms
36ms Stylesheet
text/css 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ce0e380aa9b53740064d03d0d6f9ffe67041dad5ecaa4391fe9d4cc2b90f5e

Request headers

:path: /styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 489563
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d7eb81450000fa200bb30000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RAzeULXuyP8K7sbQuObnma9lmCX6H4ubB3KaOpzQj3J54lUjcN193voMR%2FhO%2B4EaF1noCwxXx9HLkyqGa377Lin9aNIe%2B%2BEXGqTL0jeYrqJbEmvODA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css;charset=UTF-8
cache-control: max-age=2678400
cf-ray: 64a015153be6fa20-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 scripts.js Show response
www.rainbowspins.com/scripts/20200626/ 147 KB
41 KB 136ms
115ms Script
application/javascript 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rainbowspins.com/scripts/20200626/scripts.js?20210225
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9013a78091b4037416f90427337c1055e658441cd96f38d854edd1a55f57d84a

Request headers

:path: /scripts/20200626/scripts.js?20210225
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 30 Apr 2021 08:34:47 GMT
server: cloudflare
etag: W/"24c9c-5c12c7c13e0d7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N%2FpIoUbMD0lno1uFIapm5Nk8gFjpRPUhaufvfQnvbHN4d742ZjeuXJD%2Fe%2BFVkMjo03%2FFUVIWhoYZE3w%2FJ2DrGdCWLGufn%2Bnitg2bd3%2FI7iCdjOoLCg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 64a015153be2fa20-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d7eb81440000fa20fca83000000001

GET
H3-29 200 global_scripts.js Show response
www.rainbowspins.com/images/external/theme/ 33 KB
8 KB 212ms
191ms Script
text/javascript 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rainbowspins.com/images/external/theme/global_scripts.js?6086cd9422cb6
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1469a1154702681c57929c83661b63d3e689f75b65c514cb1bc9b44a02f1c6

Request headers

:path: /images/external/theme/global_scripts.js?6086cd9422cb6
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: AMS54-C1
cf-ray: 64a015153bdefa20-AMS
x-cache: RefreshHit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d7eb81440000fa20d62d8000000001
last-modified: Wed, 28 Apr 2021 14:42:03 GMT
server: cloudflare
etag: W/"6cf5e708042bd7b38c197d193fd3df52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lwc0zt%2Bex%2FDhfgFObZyNiEbj0Bj%2FkWXFSVkTfA9cQPdt%2FHC7xwh%2FymuV2YRy7TCPo%2B6hb6cI7KHU%2BUVXevu9eKeVrymlVjJVFQ1Hmm6C2FTi5p5UHg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: ggt27Otm_vN.vcWIo9wAHox37h5bcBY1
cache-control: max-age=2678400
content-type: text/javascript
x-amz-cf-id: C7rCkMCQ-TV2tIoROi6_ZtvPm9GfwOTdsMvDze3aiagamHRJt8uBcw==

GET
H3-29 200 be-gamble-aware.png
www.rainbowspins.com/images/external/theme/ 2 KB
3 KB 107ms
102ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/theme/be-gamble-aware.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf74fced7954067b99fce98825c17b1b48369ce2c04203eb2825d0516ea4b29

Request headers

:path: /images/external/theme/be-gamble-aware.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 3fcabc15a7f22952dcacfedd3d2b6a15.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2060
cf-request-id: 09d7eb820b0000fa209baac000000001
last-modified: Thu, 15 Apr 2021 15:57:05 GMT
server: cloudflare
etag: "f4099b90b754efd24db5777fd4d56d41"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QiDjETktZWd01kh%2F8JEE9wZ3q%2Bij7C%2FjiBFReOGhAAwy96RLw0pP7Oz4kdloSstOeewxsjJ%2BhuweqG3xjhSXPGutR%2BpGUL6wQeztY6wicfMZDDXKGw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: KMZC1wfsXinv96yk8dww2qi7Um9P.Pxv
accept-ranges: bytes
cf-ray: 64a015167ddefa20-AMS
x-amz-cf-id: qE9Rq2BZDohIBgYnpCBswTsB76I-7ylFVy5nEWlbtqquM-51TDoGcQ==

GET
H3-29 200 index-background5.png
www.rainbowspins.com/themes/default/ 170 KB
171 KB 480ms
475ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/index-background5.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5726764f4276da72e521d8239a29c78497a71c66ea06e392dc8369b34acd1d59

Request headers

:path: /themes/default/index-background5.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 20e9cd7a84a4b4e0dce285f587c43f9b.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174258
cf-request-id: 09d7eb820f0000fa20deb38000000001
last-modified: Wed, 21 Apr 2021 15:35:32 GMT
server: cloudflare
etag: "06261ebfa528ccee66b529ee3ec7dbf4"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QeMA2qoKTlU058cR45g9ZkKCYbpEvl7tCXcCLLj6YBIJ1PAYLfnyKMrGlYCTdIRwBuRFOd9DRgMM4EARFh3TkKPwEY6vBR1sqSU5lj7tpQMX2icmfQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: a1MrfPvvzMMb1ncOswGoFqJpOQFrI5m_
accept-ranges: bytes
cf-ray: 64a015167de0fa20-AMS
x-amz-cf-id: xUtsZEfrp8TXmEU9BG36XhzhThXxvZ2l8y_O_b3GUSVGsbO_K2Ej4Q==

GET
H3-29 200 index-background4.png
www.rainbowspins.com/themes/default/ 112 KB
113 KB 580ms
574ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/index-background4.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9bedb0c757215458e32afa5de69576e7411858da9f68099644bbecf7a7727c

Request headers

:path: /themes/default/index-background4.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 3c1b8c037c66c46a8ac162f1eef5d682.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114497
cf-request-id: 09d7eb820c0000fa20dfb24000000001
last-modified: Wed, 21 Apr 2021 15:35:32 GMT
server: cloudflare
etag: "0b3489c39c15ef623be52110a4ad6cd6"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yk1p2sVFQJM0aRDu145Ac6ueDUFGiNsnkxuSt9oEy7zbbX6LoELqOHF94ZDE4wy0S9GV1ApRTcmbr2PJ13ve9YYNjO2JBnKafB3uhtwP1%2B10YwtTdg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: kbCcWCrCxTdDO7XLoGmtktk8oQG6sl3b
accept-ranges: bytes
cf-ray: 64a015167de1fa20-AMS
x-amz-cf-id: G-SRx2T9HeECYZrvT3wMyMSHpR_36b5Zm_2Lbx7eULA88trR3Bi2FA==

GET
H3-29 200 index-background3.png
www.rainbowspins.com/themes/default/ 297 KB
298 KB 522ms
516ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/index-background3.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b20e38ba10d5741d9931c8423a35bd5612ca250d03ed33bd71906d839c87ca2b

Request headers

:path: /themes/default/index-background3.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 ead12ea8a5dacf72daa302814186069d.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 303920
cf-request-id: 09d7eb820c0000fa200e134000000001
last-modified: Wed, 21 Apr 2021 15:35:32 GMT
server: cloudflare
etag: "226120a26828159e0a448b992faa4314"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D2OhPeCfut6xhv7puZbqC5GTZwCIJAJUWEiI%2FZCL7X1b6F3imC4S84dM3DrrgWCIbakGH%2B5qwdqPNpx8qL5LztcEi587SsmmnuJ6HIDg5F%2BVy1t%2BUQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: 1SMgK5cKVgdpdfuC2PupK99ImY5ojB_a
accept-ranges: bytes
cf-ray: 64a015167de2fa20-AMS
x-amz-cf-id: YMBnb7axKKUoGvAsuDV1vG1tvtu5F-sQgen1iyMtPcRGsp5PCdRigg==

GET
H3-29 200 index-background2.png
www.rainbowspins.com/themes/default/ 710 KB
711 KB 566ms
560ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/index-background2.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fce2ded1122b88baf87acdfb93d3c3817bf8ef3df161f629d48f50e4482e611f

Request headers

:path: /themes/default/index-background2.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 bd29d18ddcad5397b0dff22184078bfc.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 726945
cf-request-id: 09d7eb820c0000fa2090b60000000001
last-modified: Wed, 21 Apr 2021 15:35:32 GMT
server: cloudflare
etag: "efa93055bae248fc652d980b3e357f9f"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9bmQ%2BFd2ODA275rckz%2Fu0Pk5sEmXydoOGmeFTus0pYQgq%2B4UcWwQHgMsAJFL6mU%2Fm2zdBslAAJfgyXRj5%2FXWeqxkxhyJZC04iKcytkfQHNwWJacUxg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: 0c2sgwZ.r0oxbq84GW3YJ_BBGkhYKO3S
accept-ranges: bytes
cf-ray: 64a015167de3fa20-AMS
x-amz-cf-id: -O66QCE13HebTbu-WkiYnzQBfg3QNkjqrxKG3YfSZSKKcnzJPtu2fg==

GET
H3-29 200 banner_desktop.png
www.rainbowspins.com/themes/default/ 1 MB
1 MB 215ms
209ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/banner_desktop.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4af944ea33211281027ac7089fe27e8fb204a0ece6d2927d59f785084b21ee4

Request headers

:path: /themes/default/banner_desktop.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 ead12ea8a5dacf72daa302814186069d.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1089282
cf-request-id: 09d7eb820d0000fa20de2e7000000001
last-modified: Wed, 21 Apr 2021 15:35:32 GMT
server: cloudflare
etag: "677af43cd342934b238acf47a26879c2"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zVnaAduvPQmFY40xWEE85hQgIzvk7OvwL%2BvzK3GsH%2BchQPTDRa9nu%2BMb6GsFb7X0JMr0Mh0f909SkCRDKKpt6S%2BIH5JPQ6sVuaprJpntjx8Cpu2rDg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: 4rE505Z3etA820qUKqTusnEiieMk2xHt
accept-ranges: bytes
cf-ray: 64a015167de5fa20-AMS
x-amz-cf-id: tKYi0_KxwQrfQBbg67h9XUPUtx_ARpdL5NsK38xWmhik6kkz4CE25Q==

GET
H3-29 200 pot.png
www.rainbowspins.com/themes/default/ 53 KB
54 KB 649ms
644ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/pot.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 902eb34f5f59461187a9c94da62493a83261d7fc959687ca03500d1e74e2b008

Request headers

:path: /themes/default/pot.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 45e951df17063864957163fe2b8687d3.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54446
cf-request-id: 09d7eb82180000fa20f3902000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "bf6f69829d2c5225b6fbfe6d9f3d7270"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O1XrqPUqw0vaqu7Vv53xsF%2F5yitVM8%2FygUPJ1rop5PTtE44AbuZa3wfobNxxg5T8pgvkZm2ywNkWlwcjXkdcNJf0aCQE6Vl%2BDYyLuyyqzqbsl%2Bo%2BUg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: _6zqZj31nHRhSmyNlTdaJs2iDXm_.MAO
accept-ranges: bytes
cf-ray: 64a015167de6fa20-AMS
x-amz-cf-id: FIhSeA_wgMETD38qN9WQRsOKPkh6k-RKgaLUcSwrc6zH2nz6o8bo5w==

GET
H3-29 200 banner_mobile.png
www.rainbowspins.com/themes/default/ 555 KB
556 KB 419ms
414ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/banner_mobile.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27282ef6c45c6eeb6aced43d13943d4aae17d9e5cad11ea5d4c4f76e55c75aac

Request headers

:path: /themes/default/banner_mobile.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 d04998a67c7a3fb6819bd5fdd0bbe125.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: BRU50-C1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 568803
cf-request-id: 09d7eb820d0000fa20912e2000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "7366deca99c9f1aecb58bc83ef3ef9ea"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aGYzct%2FuCFfARHc1orT5PioHDV5cuV13Ax7mL65FKzoJStkxjkDw80slLkbqKku3pJJtFPdioIkLbAxqJklDyXopHcknJpVzJ9h21kd%2F660rru7q%2FQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: 2e0Kwc5qulJx1jFNDzieJxr36GS27KUP
accept-ranges: bytes
cf-ray: 64a015167de8fa20-AMS
x-amz-cf-id: eUaun71ZITMLHyHGbYCZLOn-VnNyYP4Ok2PtRDYwQxEmYAyjJitWsw==

GET
H3-29 200 index-background1.png
www.rainbowspins.com/themes/default/ 858 KB
859 KB 108ms
102ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/index-background1.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75528eb153c6bd280dd0587fd58ee4b7240590087c8a0e9da596a27c662c1d36

Request headers

:path: /themes/default/index-background1.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 26cdacf328fe4eb4e28173938ab3e92c.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: AMS54-C1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 878501
cf-request-id: 09d7eb820e0000fa200f361000000001
last-modified: Wed, 21 Apr 2021 15:35:32 GMT
server: cloudflare
etag: "b0ae1dbddf04ab5a7f4fb12cf54a2518"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PUtAYZpQAAm9OMa2xSx0t4xvUkulHZsr3EwOfVGAXuIoGvSqSSk%2FhGb%2FgDwoyJHLsdztpElRBuQAFWEjbKWCzyPaBEWEOmgAuSw5x6tIHI%2B%2BueN8Xw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: QYWQ4CxB.2aswCEMPg_enXs7g8UnE86Z
accept-ranges: bytes
cf-ray: 64a015167deafa20-AMS
x-amz-cf-id: D_HP9tbqnlsGyqU8UzGNa1DMGmESfJXRL3j9XoY1xDatEcWiawQWug==

GET
H3-29 200 egyptiantombs.jpg
www.rainbowspins.com/images/external/slots/ 50 KB
50 KB 718ms
712ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/egyptiantombs.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 498d4675c80a2b203efacceb6009e9b30a3b85ce2491720c6ee3e7eb47cb2f19

Request headers

:path: /images/external/slots/egyptiantombs.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 482990f98aff65458b264a5f9af710a2.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: FCO50-C2
cf-ray: 64a015167decfa20-AMS
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50870
cf-request-id: 09d7eb82120000fa20cd172000000001
last-modified: Thu, 29 Apr 2021 09:45:24 GMT
server: cloudflare
etag: "b615d6d4cead3aca560930f476158ddd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FfaoLYq%2FiDSVNkcA7r2t4BbNv%2BHB6%2ByJBiCRds17NyeHaehWrSpiDbqQx2YyY6yOoibpsnhqXj23LvUxwy8rCeilloz3QxaYeffqQYyvCvBy8xCXmQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: 7Gseh8SVL3jp4hbtDS6b.Ubr2PLD10SY
cache-control: max-age=2678400
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: W8kMZ3al01pWGxtNawtHJLquD8ENmb99PvEBrrwxiQ8M79TMazRPuA==

GET
H3-29 200 slingocenturion.jpg
www.rainbowspins.com/images/external/slots/ 13 KB
14 KB 140ms
135ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/slingocenturion.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd02bb019ba06f3ba4a37241260630afb61d57ee5f3f0fbbf1909378d25329f2

Request headers

:path: /images/external/slots/slingocenturion.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: AMS54-C1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13215
cf-request-id: 09d7eb820e0000fa20f0983000000001
last-modified: Tue, 27 Apr 2021 12:05:45 GMT
server: cloudflare
etag: "b676f6d48c5d8ea3500df05519d00a95"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ouq8Qo7T3oXCvqdn%2Fk96X20sgmpAgqeI3OHs2xtHY3gEckQVPYG3qYCF%2FmCE3wwNkpdWaA8r%2BeuXATWHanejsbh9RU6PZKWfN5ZtjpeDa1hnfRsSXg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: ED6hPlPDGaKnfAShEBBE7zQl_7Hu20sl
accept-ranges: bytes
cf-ray: 64a015167deefa20-AMS
x-amz-cf-id: 0CDyJXVtUBhYGDKC6jMok4NUcuFqx1lGpYyWiEHliZJdnwReePfjog==

GET
H3-29 200 sloticon_fluffyfaves1.jpg
www.rainbowspins.com/images/external/slots/ 6 KB
7 KB 728ms
722ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/sloticon_fluffyfaves1.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc8f91f129ec947d6e9aa6ddf790bef3c00e9a17e5837c6ef093ec16dfa8e7fb

Request headers

:path: /images/external/slots/sloticon_fluffyfaves1.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 3c1b8c037c66c46a8ac162f1eef5d682.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6191
cf-request-id: 09d7eb820f0000fa20ea817000000001
last-modified: Tue, 27 Apr 2021 12:05:48 GMT
server: cloudflare
etag: "8900d244950b42959df1347f12cb2ea4"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yw%2FgvMW3%2F%2BvB3Y0BOKrXb4Jr3fRBzPn9T3yJWNxbVCbijRjUVVdLhO1huhYbbMTG%2FG5w5frwsHBb0m1mFybN599nQX%2FOxHAkD5dtv%2F4ltKjlMl2i9A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: njNXPCYfmz0Ut.wOhHzms1HnAcziwT9G
accept-ranges: bytes
cf-ray: 64a015167df0fa20-AMS
x-amz-cf-id: chRfy49sBtvzPMTM1d8DDJAEx8rGROHoFrZc5EKAQA8bbsGB_sy9Zw==

GET
H3-29 200 9blazingdiamonds.jpg
www.rainbowspins.com/images/external/slots/ 14 KB
15 KB 168ms
162ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/9blazingdiamonds.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8865786c814b3ec838755b01704709eaffbcf343a0aa924681ba10e22dc7a64c

Request headers

:path: /images/external/slots/9blazingdiamonds.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 eaf02c7c2410dbc30b47d1b4091ab004.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14720
cf-request-id: 09d7eb820f0000fa20c2925000000001
last-modified: Tue, 27 Apr 2021 12:04:52 GMT
server: cloudflare
etag: "7fe8da8d55bb2aad10f0ed5f841826ae"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QTGfj5reqbqXDI2N5Ongu6CV2Nd4nV7ciacTkUpmzI5eReGR1hkcuP749vYIlL8eoc9Eka0Blz7NgvQyssp8pO1vny9WMzfY40ogayYauC6xWNdNLQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: nRIAjR2TK8hCJkpFdGPFFjYlMTfJsq65
accept-ranges: bytes
cf-ray: 64a015167df5fa20-AMS
x-amz-cf-id: enK_7fX4_Z5fb6GuctesKGG4C2Gn-yIrUF1zG3BMAegxON3lmjIW8g==

GET
H3-29 200 9potsofgold.jpg
www.rainbowspins.com/images/external/slots/ 5 KB
6 KB 728ms
723ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/9potsofgold.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe3b9e94a0d795c7e52311e0260100ec0d30adbb28031ca56a192b20380b760a

Request headers

:path: /images/external/slots/9potsofgold.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 3f6ea9dc2daf7899e40c190c4d465fd1.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5172
cf-request-id: 09d7eb820f0000fa20b6959000000001
last-modified: Tue, 27 Apr 2021 12:04:52 GMT
server: cloudflare
etag: "39d523a5de10dead958b53a0beeee72d"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uTkEKU0nQZzMvd5RlEITdHfSDAYmQi7bnURkE%2FXed5Igjf%2FJ5eVvtWqOfewHZ%2Bomulq8enhlD3jdX2qSAnBRDMRq3SKaKCLAWMOPqc5KQmH2JzQBvw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: MPjUY5sWHenKv5Sgltu7i2ALb1CzR_ek
accept-ranges: bytes
cf-ray: 64a015167df7fa20-AMS
x-amz-cf-id: FeYwuKkUVzRuDWHAVw0zbZeJIvg6HS225H4s7aS0VeRQ0upiSB_a2Q==

GET
H3-29 200 9masksoffire.jpg
www.rainbowspins.com/images/external/slots/ 8 KB
8 KB 730ms
725ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/9masksoffire.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5731653387bb4fb4d50b61999cc07d347c39015dfcb96f557ca2b3589f2c08

Request headers

:path: /images/external/slots/9masksoffire.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 a875698e08bcdc7b13c04786dfe3a1ad.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7783
cf-request-id: 09d7eb82100000fa20a980e000000001
last-modified: Tue, 27 Apr 2021 12:04:52 GMT
server: cloudflare
etag: "4aa219d0ba122d3b3ecedcb70d02a13d"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9HCdVkwF5rIXx%2BIe1c1L5CjCvh%2Bc%2FjopdvteLiFxOWtnGRHEdiGPlzi5qkRHq8LuJi5eo8b6QvAA%2FfCwywqT50edGc4R8CO7rb2Qy%2Fjix0e2okhMfA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: epvD8PJM1FMfuXFC6E1keuqRRh4p8nIo
accept-ranges: bytes
cf-ray: 64a015167df9fa20-AMS
x-amz-cf-id: d3ERsBmLjWgVBV15YozUqRS_L3KpL6TsG1FpUeVmRx1ePD1oEQVPaA==

GET
H3-29 200 starburst2.jpg
www.rainbowspins.com/images/external/slots/ 4 KB
5 KB 730ms
725ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/starburst2.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a7db976e63edb09e5a09b2758df915d6a76fcfa757e9bfb407c0629144cfca

Request headers

:path: /images/external/slots/starburst2.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 547726f52324ef3a0c4ac01a3354e36a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4464
cf-request-id: 09d7eb82100000fa209e143000000001
last-modified: Tue, 27 Apr 2021 12:05:54 GMT
server: cloudflare
etag: "da7de6c6ab18db9c9c73404e99947d49"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NuHCjApKRztO1BPowV4zuyaoeVy3GuQRuKDPVHEe2KNpXEd90vl8ucW5qGP3hwbfqMI4YLK%2FpMPefoUZzBDT0QRGIa52Rt%2Bvo7WTHpEY9NikV%2FbxRg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: 6WPHV0CTT96gD.Qu1yrUlnQNRDP1zzoF
accept-ranges: bytes
cf-ray: 64a015167dfafa20-AMS
x-amz-cf-id: H_TI7yT_BjIPpCeWLVIPvpQqcsuEz4ge6v9ccvJDvO8QckhOFsM_7g==

GET
H3-29 200 jokersjewels.jpg
www.rainbowspins.com/images/external/slots/ 15 KB
16 KB 95ms
89ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/jokersjewels.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe1ab133ee2141b40df5c665b6238aed03fed370d27c8601458630146169b4a7

Request headers

:path: /images/external/slots/jokersjewels.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: AMS54-C1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15254
cf-request-id: 09d7eb82110000fa20ff2b5000000001
last-modified: Tue, 27 Apr 2021 12:05:31 GMT
server: cloudflare
etag: "14baf83033950666a6a989c001eb1c7d"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i2GQr56DRcrVzaUDFCgALsNF%2BpFU1ZpYMbSwDEmHJ9%2B0gVS4HY8WueoQ6UWZ64l%2B5TwsgOFMTb6HbIdYXyR0jrrGHG4OOOKhojE4ie3EiZdPEP9Iyw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: wlxVW.5ZexSLUml0PPi6QSp7hC29iigp
accept-ranges: bytes
cf-ray: 64a015167dfdfa20-AMS
x-amz-cf-id: o5kbrwR7Ulb3NkivCSBl9ki92q39S3zmKR0EcpJTacFmyBSUyo-yJw==

GET
H3-29 200 bigbassbonanza.jpg
www.rainbowspins.com/images/external/slots/ 45 KB
46 KB 169ms
164ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/bigbassbonanza.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2706510b45bca97526750b20d95b04054cec3d4b36d8b43439bd5b242ad5dd4c

Request headers

:path: /images/external/slots/bigbassbonanza.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 209eb3c6f1b9e1174696d24afc301619.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46385
cf-request-id: 09d7eb82110000fa20a105e000000001
last-modified: Tue, 27 Apr 2021 12:05:05 GMT
server: cloudflare
etag: "ea33a9374c58e340f5e95ba2b81b1559"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=icApWgmsCaZ7jJ5UBpGHRjg4z%2BLoYQOU3Pa48zCQ7M%2F6QDXzYhjsx2fMRpu7s2NQO19PwHLqnrhacPc3%2BSwluK3csmpS8P1tuXvE4YYhO9Dc%2FN%2FErg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: HjgSsalZLL68XMPGBION3jTUxqe8YeZr
accept-ranges: bytes
cf-ray: 64a015167e00fa20-AMS
x-amz-cf-id: -0oN4JM0k1csP-bdMfI0jWjvCFTOF4Ab6mwTbde6EruBnHgx-auE8Q==

GET
H3-29 200 fishinfrenzy1.jpg
www.rainbowspins.com/images/external/slots/ 6 KB
7 KB 230ms
224ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/fishinfrenzy1.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270b61edc864471f226e9482734b2f2ce9f89e9588374b464094c8a7619e5612

Request headers

:path: /images/external/slots/fishinfrenzy1.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 a875698e08bcdc7b13c04786dfe3a1ad.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6473
cf-request-id: 09d7eb82110000fa20d62e4000000001
last-modified: Tue, 27 Apr 2021 12:05:25 GMT
server: cloudflare
etag: "02b9499d20a1e2c34359252b0d3bd2bb"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rDO%2Bi4GczALWkZxcDoRRnbI9G%2BzmHCVIv08xd0dLrcSs7fOQJIlTgEHrBrO9gynmLlXWCiE%2B%2B5B%2BmnWUSgcf1CBgJku9pw1v288%2F5v9z0FhrSSmrcA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: TvfI0KGFaAFukULGPtfb1rXxCYoSQKQQ
accept-ranges: bytes
cf-ray: 64a015167e03fa20-AMS
x-amz-cf-id: Bs01YSMFn08-aLSrIuviV727G3RL3xADITQMiQCh6pJ9OlX_pF-iTw==

GET
H3-29 200 sloticon_mustang2.jpg
www.rainbowspins.com/images/external/slots/ 11 KB
11 KB 730ms
725ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/sloticon_mustang2.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830616713214951400028d3d495b84ade97a0029793a3ff0db873710c178a433

Request headers

:path: /images/external/slots/sloticon_mustang2.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 4b3bed207ec72204ebc89ae818e573ef.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: AMS54-C1
cf-ray: 64a015167e04fa20-AMS
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10844
cf-request-id: 09d7eb82120000fa20c9806000000001
last-modified: Thu, 29 Apr 2021 14:40:14 GMT
server: cloudflare
etag: "4a6b974dd3e53eb475323d68cdf40120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hLKv%2BEzq1B3GCnocL7zFSy8H0XPZx2fu4j4ZMLd9kOOC5g3iHMASZ2PRY1lV2uQ7I0DrYxG%2Bg9TUXxt7EBFQ9o9JkGtGC9flPDaPyLfq%2BKVTwpU9rQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: 9j9VN_2a8iNqfdv4qvbhIEX6hS9KVuau
cache-control: max-age=2678400
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: huz1V206VK4GEY8-jwgTvFwzYyMhWPldDUzMgZJ1HLKMWlKj1XOgZw==

GET
H3-29 200 LiveRoulette.jpg
www.rainbowspins.com/images/external/slots/ 5 KB
6 KB 230ms
225ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/LiveRoulette.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e64167f89877af0ee1ecfaea1cc93824818616df22a3bdd0ce0c44d26df1c98

Request headers

:path: /images/external/slots/LiveRoulette.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 3ba9c8c432edc6e444a1eb80907e1603.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5274
cf-request-id: 09d7eb82120000fa2098186000000001
last-modified: Tue, 27 Apr 2021 12:04:58 GMT
server: cloudflare
etag: "57936a86c3c3b843d7d90afcf6c45df9"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M6CfpZ4yG7yh07nUGdADBO5hq%2BZu6l8DtrCLSTOf0b97d0ULBaRyn%2FAFoTjbvkQlSEy3ZxBwzIVFppTxVNVcTzOjXmQfcbmee6X9l2%2BfEMNQkROw8Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: 1rGXGOLlXTOBO97cFAnkTHFgLMebQinM
accept-ranges: bytes
cf-ray: 64a015167e06fa20-AMS
x-amz-cf-id: qJzjToGajCnRj2pv4f2o6LQK3UntNIphvyWUcubvdvM1UF6rYYZtWw==

GET
H3-29 200 chilliheat.jpg
www.rainbowspins.com/images/external/slots/ 5 KB
5 KB 730ms
725ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/chilliheat.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fc333e02319f31657e541b35eb7933e5875e64509ed6016c6a680b4491be298

Request headers

:path: /images/external/slots/chilliheat.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 0e53369843ffff152c4f962eb3b91d2a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4765
cf-request-id: 09d7eb82170000fa20e3b72000000001
last-modified: Tue, 27 Apr 2021 12:05:09 GMT
server: cloudflare
etag: "5115b7419a292a52ac970c26abb15e0f"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jH1d67JDgiiS1rO%2FtFaC0IDUbUfJX9RAfb8i%2B6j20Qs3Bk4YYa%2FMhMlptxfKlAxtojfiJ7cisP8AU4oAS97WM6x30ozsLp1Ry9SDl27erXg3sTGneA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: jn9VnNxBepGLY5N9P92_uq5gWLeS8eGN
accept-ranges: bytes
cf-ray: 64a015167e09fa20-AMS
x-amz-cf-id: Njj3WaB-U-PyLC6nvScMxjufJx9U5P9YRreeeVvQtSRihTde1WhSnw==

GET
H3-29 200 picknmix1.jpg
www.rainbowspins.com/images/external/slots/ 8 KB
9 KB 230ms
225ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/picknmix1.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d97791fa7b964dcda1d0fd660d1f37651fd0738907f855fea3ab0f9d929c8502

Request headers

:path: /images/external/slots/picknmix1.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 6c183700546a331def0de99cb43d1575.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8212
cf-request-id: 09d7eb82130000fa20dfb25000000001
last-modified: Tue, 27 Apr 2021 12:05:38 GMT
server: cloudflare
etag: "0c3710e83fa4d0bf1225421dbcef87a4"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KjfUHReiSxfkvvyoC4kD8INp4ndp1aOFK4INxP76Hm3reh8hSAOjTkLdYMs0bcQEQ3pE1OqKKell%2BlgKwdF51%2BGaWfLy6Oy2O8MVbOTeWsRI3psW9w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: .4u3BpVjkyzYGBz4sig6Ci51CkYdStkO
accept-ranges: bytes
cf-ray: 64a015167e0afa20-AMS
x-amz-cf-id: JZl4iJbyIVEhFOx58w3uLLOd870WynTSGdC030Af8glc0CKVbhR2FA==

GET
H3-29 200 wildwildriches1.jpg
www.rainbowspins.com/images/external/slots/ 45 KB
46 KB 190ms
185ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/wildwildriches1.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174d572d272f6cd6fef7712775b3a1784bc1d802c5cfd4e95778dfdbf7689261

Request headers

:path: /images/external/slots/wildwildriches1.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 c418ea866520d52fb3d0a50002762664.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46131
cf-request-id: 09d7eb82130000fa20fda87000000001
last-modified: Tue, 27 Apr 2021 12:06:02 GMT
server: cloudflare
etag: "465e43e11805357629309d52984ba6b6"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ioEfqs2riOfsiltjgptu7x0utDq40YTAoK9vkX1I7mr%2Fg7Hqr5LMX3kmOtVboMy6R7%2FwLm60atRvSePI6g1gr1WWhIt4ganATVMXlM64E2zIuwr59Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: hPXQONqwCUP.REVZ3eLDNAOIsnWVaoMM
accept-ranges: bytes
cf-ray: 64a015167e0cfa20-AMS
x-amz-cf-id: OdJ8EeHR2dgouH8GWuThfXAj58cAFJfds6wixEr-O1lDi0UNMCS_NQ==

GET
H3-29 200 tile_atlantisrisingexclusive1.jpg
www.rainbowspins.com/images/external/slots/ 43 KB
44 KB 730ms
725ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/tile_atlantisrisingexclusive1.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22271efeec902b731fa3953bc473cf51f95d0b1124dee1402916cdbff8991315

Request headers

:path: /images/external/slots/tile_atlantisrisingexclusive1.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 46995dbb32c21ed78ce62750e1ea963a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: FCO50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43851
cf-request-id: 09d7eb82130000fa20ab2c8000000001
last-modified: Tue, 27 Apr 2021 12:05:57 GMT
server: cloudflare
etag: "145cdb1713086c970b1681c5fe8be9bc"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5HlGCdntL5xS8JtKpgB2sP%2BQBvUTvnQzQlCyCsVoNDmJHsOrf4L7aJhwYSwLo6seB7RH65VeIlODZV7hggGWaffFA3sL5nRaIynr2dY3OVCle2jesw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: EWFjHpE3FEgqxxkyLcq8Z6g0UMR_w00i
accept-ranges: bytes
cf-ray: 64a015167e0efa20-AMS
x-amz-cf-id: OK6ozUJv4b9qiYCxvqxWqnuMcTMYorCEAUScKRYCUycLtCjCnE3aiw==

GET
H3-29 200 gcfs.jpg
www.rainbowspins.com/images/external/slots/ 13 KB
14 KB 733ms
728ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/gcfs.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e39cc0e93dbfe522220fe5e3aed1860c75ff2db6c1c2bf2222547db05d37a7

Request headers

:path: /images/external/slots/gcfs.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13681
cf-request-id: 09d7eb82140000fa2090b61000000001
last-modified: Tue, 27 Apr 2021 12:05:27 GMT
server: cloudflare
etag: "674bcd3d5b0b82ad2884b182681cbd6d"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=14nTiX3behFU2RYjt8nPA0AiEsqE5Xs49yPiRk42NBcz3jvxfdmVJXDQgPR64r4k9nieeibVYMy%2FI5pA9IFw5HfPR95ng0Xybm6o5KQmJX7FBCW7Ag%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: gkxhjukorW778quUp.aOlRU342asgx5k
accept-ranges: bytes
cf-ray: 64a015167e0ffa20-AMS
x-amz-cf-id: o-_DV-QdPicnXBXwYRje5JrNRXyvU2r_B5sNsnkFDvk3AuNOG6pnxw==

GET
H3-29 200 sloticon_rainbowriches_friendly.jpg
www.rainbowspins.com/images/external/slots/ 8 KB
9 KB 737ms
732ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/sloticon_rainbowriches_friendly.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 104418a26fd68c56740f87b590e2e4200bce996a15b177b32127d8e8f0a696fb

Request headers

:path: /images/external/slots/sloticon_rainbowriches_friendly.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 dde62003552e800310ee1980113eedb4.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8388
cf-request-id: 09d7eb82140000fa2094331000000001
last-modified: Tue, 27 Apr 2021 12:05:50 GMT
server: cloudflare
etag: "bd33f029b9d685b6bea03d498c8a7367"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FxBlFxKnj7xmK66qCLsor65SgRLeoDVR98Qj%2FE4bcRtaSIsbgy2ZRyMLZ0OAoH99kj1%2FxCMjo6YuQwJq3rCpqXSdTWfq8rJeCV65MEB34GwPhXHmMg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: ryeZRoE3_8YVzI4cF.OjjBTpcSOXlHNo
accept-ranges: bytes
cf-ray: 64a015167e11fa20-AMS
x-amz-cf-id: hUh-ONWL_Yvp81K9abvs-T4CohVeW63Su21k5oAMucJeOuzwL0OeQw==

GET
H3-29 200 fishinfrenzy.jpg
www.rainbowspins.com/images/external/slots/ 7 KB
8 KB 230ms
225ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/fishinfrenzy.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2f86c0d9b6f4a3750172c1821bf4235a85daddce9c44f9a5f54348a4938df4

Request headers

:path: /images/external/slots/fishinfrenzy.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 add50c826a69b24be8ba05da744b9204.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7518
cf-request-id: 09d7eb82140000fa20d3959000000001
last-modified: Tue, 27 Apr 2021 12:05:25 GMT
server: cloudflare
etag: "53c01f3b3b63fb7a0b6eb28aa19c57a1"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aoNjHguGkQoGQN4PnygYNi3bkB50uZSIT%2BF5kB9%2F8HzrHWE67fJlsGdU%2Bg8lWZYzDmo9NwXf5jdiadTHatVQR0BB1liYx%2BnapSUFQbqI5fhP2XMf6A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: llCuj4M.w4wkVZSkNjCJ9mOe07zcn9.u
accept-ranges: bytes
cf-ray: 64a015167e12fa20-AMS
x-amz-cf-id: h26dw4zilEOllNNuO83ebX7HQt1FwkAHzdccY6kRAKmr-WA7hQ0oTw==

GET
H3-29 200 SaharaRiches.jpg
www.rainbowspins.com/images/external/slots/ 39 KB
40 KB 738ms
734ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/SaharaRiches.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1308006c9c8a4276db4dcbcb91bce638a1ebdb9732bd2e783e766c84aeedb11a

Request headers

:path: /images/external/slots/SaharaRiches.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 3ba9c8c432edc6e444a1eb80907e1603.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40040
cf-request-id: 09d7eb82150000fa20f8032000000001
last-modified: Tue, 27 Apr 2021 12:05:00 GMT
server: cloudflare
etag: "8045361850706e6201b4ba38f0d622a4"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5Bu%2BDZD7adeifHaRjL41zIM5NLmDgflTwaMC%2FVsbXC9uyx5gtMpX3atiBtEEGDsoekMacFl%2BJ4a7Wzxf9wNEBeteIR%2Fjgao02btxMXtgdH02PpU75A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: PrB.lZyI_qsJpa6pJE2fd4fdpQuAwZhg
accept-ranges: bytes
cf-ray: 64a015167e13fa20-AMS
x-amz-cf-id: KCsUk1fzbctTmDXwz9r14uUILHCkOQNnrQM5LSuSkDdSST-mj1BUfA==

GET
H3-29 200 mega1.jpg
www.rainbowspins.com/images/external/slots/ 14 KB
14 KB 739ms
734ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/mega1.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7637661e1e8d313263f94f70e3643fe7ab22e9df1a070bd5a2e1c583535351a

Request headers

:path: /images/external/slots/mega1.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 f44b0401aa25ee4759a1c3f13a10909b.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13866
cf-request-id: 09d7eb82150000fa200f362000000001
last-modified: Tue, 27 Apr 2021 12:05:34 GMT
server: cloudflare
etag: "7e94879f9315bb86813a092a49a32452"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q9LjH%2F0%2B02xnx1JAyVAe3nkyzIHwPlE8SEKhoRFmNw5i5l1pma0XwD2edK1vu%2BdoLHI%2BecqEtnEssxcPpD%2FI9TSl7dYgZ7qiY293VxyKl7B8l5wF9g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: xtyhHWxYtk56pafeiefu9_Te3hAlyST7
accept-ranges: bytes
cf-ray: 64a015167e15fa20-AMS
x-amz-cf-id: 6IllhboUKsb_d9PFrGStJs7M_0Ldp5t1iGxtzBJEP1PXijLzJkDOPQ==

GET
H3-29 200 irishpotluck1.jpg
www.rainbowspins.com/images/external/slots/ 38 KB
38 KB 743ms
739ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/irishpotluck1.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236c9143b04c3463b8e248d127c344bddd3079c9cfe3c11242aa2f42f7cedc3a

Request headers

:path: /images/external/slots/irishpotluck1.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 06ede6e80e9cd4fa59b8d9b8a98391a8.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38462
cf-request-id: 09d7eb82160000fa20ab96c000000001
last-modified: Tue, 27 Apr 2021 12:05:29 GMT
server: cloudflare
etag: "cc07db8e9bf01a13a72aa3b3c1da50ea"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZAdHW61poTTuOxmGrFOnMFBHF6JWzYckXPNyVbdOoS7hWS0kO1aDdtkw%2FRDM7l%2Be6nyIHqULrUHHlWOtGZMGbwHWhJMMbugN%2FA4cZ%2Fze0eaZLRSh4A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: luxZRjTd4Mo._SI8P7A79Q4FwH_L0Ygl
accept-ranges: bytes
cf-ray: 64a015167e16fa20-AMS
x-amz-cf-id: IkHjJaZIo1lazsmn36AWPDqbRYZS2YCzKJFHA-WRQSfBupFDvTshmA==

GET
H3-29 200 sloticon_fluffytoo_neutral1.jpg
www.rainbowspins.com/images/external/slots/ 5 KB
5 KB 231ms
226ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/sloticon_fluffytoo_neutral1.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4615c5662d351b384a5f8b6d2624c1aa07a5843035bb33bd0f418c3f724edec

Request headers

:path: /images/external/slots/sloticon_fluffytoo_neutral1.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48d.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: AMS54-C1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4666
cf-request-id: 09d7eb82160000fa20de2e8000000001
last-modified: Tue, 27 Apr 2021 12:05:48 GMT
server: cloudflare
etag: "81a677d7420a2727e28afc821d91d67f"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zorMDwLsejKtSv0eDoIGYvMVXyKvqs5i%2F3YxlrHoMkffJcsdlW4aRDmH%2FBJDYTT%2B6naQ8VuzDK5gkKyPdXnwnLUFQNSp6ChWeWB2paKTM2L0gfbiNA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: 7krPSduck6OnsU0ZwyDgU0LrwoWGssPr
accept-ranges: bytes
cf-ray: 64a015167e19fa20-AMS
x-amz-cf-id: ZbBjAHrTkeP--8v8diha6hGB9lzuzMuT11gAIQIrdxMwbAynGySdJA==

GET
H3-29 200 Actionbank.jpg
www.rainbowspins.com/images/external/slots/ 5 KB
6 KB 744ms
740ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/slots/Actionbank.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb084d808d7af85f57540658702f3681c33f2582570e6460ad4e787439d03a3c

Request headers

:path: /images/external/slots/Actionbank.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 5ffe5df2b6c8f15be82e79251546b54a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5363
cf-request-id: 09d7eb82160000fa20d895d000000001
last-modified: Tue, 27 Apr 2021 12:04:52 GMT
server: cloudflare
etag: "67cd46e5e826ecb856c80d62f15192bb"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jcs15w%2FMDFhLKUbVsp1eXresAQY4Cwq02pCXsbipVp6Wselv6yqAUyXEVjPSY856XHn3ESkdCeidcqzGh3wSHHBGe4WumE5U17TUkJZi8K2tYlk4vA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: s17MTbPdzUn_mNKzKbhrny2PuBR5S25U
accept-ranges: bytes
cf-ray: 64a015167e1cfa20-AMS
x-amz-cf-id: l2JtQYW0MQzYf6pqr7wOWTkzAQMEMNC5INA0hCe1-5yM76xdzU4RGw==

GET
H3-29 200 xpush.js Show response
www.rainbowspins.com/shared_files/ 353 KB
102 KB 147ms
146ms Script
application/javascript 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rainbowspins.com/shared_files/xpush.js?20180323
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81581f8e0dbbe4eb44007ac511b199d0a8256c655a46c5268ca8b6e8db7f4bf4

Request headers

:path: /shared_files/xpush.js?20180323
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 30 Apr 2021 08:34:47 GMT
server: cloudflare
etag: W/"5853d-5c12c7c144e39-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dpeQF8%2FV216oXlXsuMIMmHVygxlnWAqw7DH8kUwLAWUn1Q%2BrWshSoR34FquwKmgJTHQDw20SQX6vK%2BCrB7rXr01GZJ3gdyzUWi7nR8oE4XskguhTsw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2678400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 64a015166dc7fa20-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d7eb82050000fa20d3957000000001

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 13:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150820
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 13:47:01 GMT

GET
H2 200 qrb3efc.css
use.typekit.net/ 2 KB
866 B 139ms
120ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/qrb3efc.css

Requested by

Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

41b0a1fa1d0fa40d1619137985461adf83085141b96b00d001cc0b6fee16f7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 04 May 2021 07:40:41 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 634

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ 2 KB
1 KB 25ms
6ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

Requested by

Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31233
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1062
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
x-served-by: cache-fra19138-FRA
date: Tue, 04 May 2021 07:40:41 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 12ms
4ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: eKRJ6xrwZiWrSfoy1SdZY4jA4kvd7qOHJtf8qcB/3KYRf8QzvLGZkhLpehTaBMehJniBtlRu54CVgvOdAV35Zw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 04 May 2021 07:40:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 background.png
www.rainbowspins.com/themes/default/ 1 MB
1 MB 741ms
736ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/background.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c668ff7217037365ff165d820dca50e2a392f0659696a6928ee6ba7bf1683d6

Request headers

:path: /themes/default/background.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 8e2fc74f111e14140c534c3cd41f10e1.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1433401
cf-request-id: 09d7eb82180000fa20ba398000000001
last-modified: Wed, 21 Apr 2021 15:35:32 GMT
server: cloudflare
etag: "a6367a4c599d7f3c5bff850af7ad2525"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4jKgN816oOiUi5qYRN0s18Mt184ooL7wVqEZ7VD1vFzLTqA8BuEZDjo3K1shp0lY5FFZ3ngvMw4q5qBobfApLPV342W0p0jd3M4%2BvuH%2FNQ1LwB%2F3fA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: 2nEniB0Ig1MzPX23sXCr34l1G1ik16DG
accept-ranges: bytes
cf-ray: 64a015167e1dfa20-AMS
x-amz-cf-id: DVxAr_QGiPPrBhSQi5wkOGng1Dx4g5_Cv0gvXN1j5WKxcl3zR7jT9Q==

GET
H3-29 200 background-repeat.jpg
www.rainbowspins.com/themes/default/ 37 KB
38 KB 871ms
867ms Image
image/jpeg 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/background-repeat.jpg
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db11aedd77cd0ed75374086a3e9ba5bc374326425377e6811c0d19358e35c860

Request headers

:path: /themes/default/background-repeat.jpg
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 07c325e1e193f25e3673c49cf7dde57c.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38272
cf-request-id: 09d7eb82190000fa20ea818000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "1026992f07c2449100a35969ff4bcf33"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I2zmTL0jJReoBAc7%2FB9kPoa8EdxfW%2FjRmyY92PZjUjQhr07YjKJEJGPS0emdwwpr%2FWdcp24Pgx5tuwodAsUg%2BhqwuSWdvwp%2BDJEwOW0lQ0gTbJo0Cg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2678400
x-amz-version-id: Jks9wFbvTwOeKXFoWcjCg2uCSxs29oL3
accept-ranges: bytes
cf-ray: 64a015167e21fa20-AMS
x-amz-cf-id: J6jm_W-uCT-pUrtvaOPQYKqQe2fmtfoHGyjmlxS0mrKFQvhERxOQ3Q==

GET
H3-29 200 clouds.png
www.rainbowspins.com/themes/default/ 12 KB
13 KB 874ms
870ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/clouds.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c44def957d4f97753deadf0ec154442704b620600efebef00ef9641253658b72

Request headers

:path: /themes/default/clouds.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 9267231a1fec2f141a931c8dc694fe1d.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12438
cf-request-id: 09d7eb82190000fa20deb3a000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "d602239fada5606cf13562d646625436"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zunISu2sx9kWDnLTCqyMEvZm4MQGlKUtM9yuhrsHD7V4Qi95oOu5NrpPk4izFe6Ei5ishdnS%2F2XKxLu%2BAcoSoFsj2rqCHZNZZer3peraQ7eD8piFTw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: wm0L3lVGOkZefyVQrw2_HRYf2ZGjpMNW
accept-ranges: bytes
cf-ray: 64a015167e22fa20-AMS
x-amz-cf-id: As6efY58rWEXAotAGJ3RSTpYUWN3rLUDQqhfpgOhSn-YDWUqjnSqZg==

GET
H3-29 200 logo.png
www.rainbowspins.com/themes/default/ 18 KB
19 KB 875ms
871ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/logo.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548ba998aca1bdbcc26e28e4c64ca694af19a4cc497d760a2fab724aa6cfb38b

Request headers

:path: /themes/default/logo.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 c418ea866520d52fb3d0a50002762664.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18919
cf-request-id: 09d7eb82190000fa20c2926000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "1de759dee3cca9f8ea9efd0de9ca89b0"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T6TlLkxjhQOn2pkqXymRXoWrR%2Bstm%2BywA9m0ywv89jUpOj94%2BlfquxSy5zOjV8UToQyhLfrDhTHRe%2Bei4gUUL8azm%2B2PPkDvB3U2VwnXwGeB8cCTLA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: fLl.kPLOfOe04nc.QZx_cPRf3pRfzkxv
accept-ranges: bytes
cf-ray: 64a015167e24fa20-AMS
x-amz-cf-id: xyzTwrfLyGHDpPBZ29FEIT2NsybRBUEsSX3Iwo2Y4u7AjBUjHOcAHQ==

GET
H3-29 200 button_gold.png
www.rainbowspins.com/themes/default/ 11 KB
11 KB 875ms
871ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/button_gold.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c9e6e0b72a466d75ac88e4408bbb8cbf97196c6adeba9a3431d56a68a3694b3

Request headers

:path: /themes/default/button_gold.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 f9d8d85c1cdd8d752a5fcdb241623dfa.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10801
cf-request-id: 09d7eb821a0000fa20cf0c2000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "7cff158da82e5a31533f76a3587b1f98"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fGQ18sO1kyTyCp%2Bd9NjJDzCIgoqcSI6DZM92UHPTOiLpZaN8JYR%2FW1vM2fjG6muDCYGot%2BvTFnR2drPTCxtp6bd%2FZ0tgbx5Q0ObrSKGi6L2yc%2Bw62w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: 3MRKd88_G7qbLKJummno3MMmRt3Zi0Vo
accept-ranges: bytes
cf-ray: 64a015167e26fa20-AMS
x-amz-cf-id: f4qhjI3YdQY7ZIXcryaRDTfbr5zrVEDW89Efm0q2v8XmSL-7PIqmNg==

GET
H3-29 200 button_gold-left.png
www.rainbowspins.com/themes/default/ 8 KB
8 KB 186ms
182ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/button_gold-left.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e229ba2b7bfb9bc399a55c4ac7cd1f343d78f8f15ddb1749ad9a0f1d67396c5

Request headers

:path: /themes/default/button_gold-left.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 79b38e01cf5e16de2ad2a0ec2187e7f5.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7833
cf-request-id: 09d7eb821a0000fa20a105f000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "f365b20a2f2e07809d9068d42af1723f"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BciuH0JX92ZQR7Bb8KWrvsxcXHSTrl2aqHdFzUFpFGXcnc%2F0CyBlKLVBFUArgBLzscdkJllXIe7voDYB5gU3g58ruxsh%2Bu7zHhXnnnsWUFpquPe8pw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: 4IZ9f5OAJZqnPbLzyOh.tLkN4wqt91aT
accept-ranges: bytes
cf-ray: 64a015167e27fa20-AMS
x-amz-cf-id: UAku2Y39rtIZHHYbd_G9UD7YA_-4z5jbnUdXNRZi9sDj2cwn9DLDdg==

GET
H3-29 200 button_gold-right.png
www.rainbowspins.com/themes/default/ 8 KB
9 KB 882ms
879ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/button_gold-right.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd28a8ece5dd5e74f25ab442c9bfa7090a4069d99b8e0baae243c78f11ce601

Request headers

:path: /themes/default/button_gold-right.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 16a997ff6fbe7c67cad69373ff69353d.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8159
cf-request-id: 09d7eb821c0000fa20128de000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "8d7ec27c16c304500b0b8cd3f9e26952"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bw%2BrTg%2FIsb5wGyiqCpAP4kcryXlxe9%2BfobxlyTg5q%2FqcYJZ5wHkm0uaeuNRicCR6MU65wbamd%2Bfi6ITfeHyU%2FL1tzHESYBnFYNafyhDG%2FGYu67%2Bndw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: H40OtmUi6EVhaRvtclTw4.dEJLhfOBaB
accept-ranges: bytes
cf-ray: 64a015167e29fa20-AMS
x-amz-cf-id: AOuMtGhh9XvtY17Rg5HTDnhgzWVgjX2K5Bh46TnAkcoj8jHoiOOUSQ==

GET
H3-29 200 paper.png
www.rainbowspins.com/themes/default/ 58 KB
58 KB 883ms
879ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/paper.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ec64180281d5aff4a669717a9ad18f4d1a5b4bc82be11c728fa9585d35c6b0a

Request headers

:path: /themes/default/paper.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 1be9b204bafba40c329df0fd4961700e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58902
cf-request-id: 09d7eb821b0000fa200bb3a000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "70060e2e7d0631c67abbe5055c62e228"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D%2FyHQm7EYw960RFUj3beO9KCw53v04kscJgx70UwO1h3a1RCfbt%2FjHbyNCVgQe4TnV3NmqxwvNWoPBD2xGDxw%2Fh1yNzJrOWl%2F%2FaMwZoC9iJhSKd4Lw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: PWceKtYBS0Iqh6zN_KZA4Syj1vi7LXIh
accept-ranges: bytes
cf-ray: 64a015167e2afa20-AMS
x-amz-cf-id: JX-Y3HZ68SxU96lL8lW4_3TYRY3MZtNNuV_NKRD7fLkyu-ZX5WvTtQ==

GET
H3-29 200 reg_checkbox-bg.png
www.rainbowspins.com/images/external/theme/ 2 KB
3 KB 884ms
881ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/theme/reg_checkbox-bg.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5221f824d890c9e6dd15965da551501815177d3c390ea539b4ebb1d0ca1d328b

Request headers

:path: /images/external/theme/reg_checkbox-bg.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 8250617d32eb5ab8f209b802320fccbb.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2275
cf-request-id: 09d7eb821b0000fa20cd173000000001
last-modified: Thu, 15 Apr 2021 15:57:06 GMT
server: cloudflare
etag: "68033228e7f5b189167ec79c9eec5887"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gPPLsyJxaQcPfH8%2BH64QZoceBdSbGXOJ027xMxcPddvwMOpS0d63ZKQugtOyknRIp4I3krwq%2Fd0aMQt6U4v%2B0hc7swq1bZLT5ac2qVSzg%2F2xsX62pw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: zLyEdtiRTemxjGY8Z3ABPxJRhXemrzma
accept-ranges: bytes
cf-ray: 64a015167e2bfa20-AMS
x-amz-cf-id: XZ2xWb-wxPhxqLPF476QOtRUncOdiMzgYS4kp09YY1Vm3Gd-sfld7A==

GET
H3-29 200 parchment.png
www.rainbowspins.com/themes/default/ 449 KB
450 KB 194ms
191ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/parchment.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b44bfe3541777e88bb0a70bbd79d1e2471528343e4f4267264d5e4c33bb6b45

Request headers

:path: /themes/default/parchment.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 70ad464a78307ca3be49f99be11c879e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 459762
cf-request-id: 09d7eb821b0000fa20b086d000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "236e8d2ce2a479004be1e66005a306e3"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=naj36hmtN9%2Bi5YVZfkKN2reIR6BHsqrlT81neE%2BArh8fmofE85UiKJLDKdb5JJBDu70zxykvYcvetH2cwl%2FZCBeEKIFGCVQJHI6ZXXyWgNcJ5Sk9UQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: RW5wdqant.cQXU4Zkn55vm6KzSnGV86i
accept-ranges: bytes
cf-ray: 64a015167e2cfa20-AMS
x-amz-cf-id: YaizkEEQYTZPmOwgTEUs9twfu67Br__Po0eRwALalOPof74rDQ8zLg==

GET
H3-29 200 parchment-top.png
www.rainbowspins.com/themes/default/ 142 KB
143 KB 920ms
917ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/parchment-top.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19eac091a2914b0da038d3689580117c9afff0e50f42f36dacb466cd39b825bc

Request headers

:path: /themes/default/parchment-top.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 033ed92c09627372dcaf2c27f57f2f77.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 145661
cf-request-id: 09d7eb821c0000fa20c5985000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "77c793daefdd32fd353b6833fae15d6e"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ScizTMeMkk6YSWefpwh0sTbyG4iL6YmoDGfmwSgiFgbrgFYodwKmMM3taxmlEhbNlj9re778gRSvMAF0hyr6%2B%2FEJfqPqpjMBxvoitkhFFi%2FHBP2xXQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: tgru.SwmeYFujuf_i9DWHAhusMTUwT12
accept-ranges: bytes
cf-ray: 64a015167e2dfa20-AMS
x-amz-cf-id: HzEj6B_QpwGPjNJQedQ_BdSOn1-ecTiFQioG_Hw32jmjMGOfaPBArg==

GET
H3-29 200 topslots-gold-frame.png
www.rainbowspins.com/images/external/theme/ 52 KB
53 KB 928ms
926ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/theme/topslots-gold-frame.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54cbb7799b1d8b894cbe423b92c9523b6de5d33b0a32004ecbfea6641d1481ca

Request headers

:path: /images/external/theme/topslots-gold-frame.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 ead12ea8a5dacf72daa302814186069d.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53644
cf-request-id: 09d7eb82220000fa20fda89000000001
last-modified: Thu, 15 Apr 2021 15:57:10 GMT
server: cloudflare
etag: "d9e7cd72bc2f3642e2417537f32837c7"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LolTwT%2BIbbz1D8iX92azjc8Ds%2BAl%2Ba3oRe2fisEJjU7hwEAYs1td0RW9686CQihxoUtqYq2GqXnSFOkkAprDqflCzazi0GB4NsQ8thQwLg0Z%2BqgK%2FA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: VGdbZR0arlDjMcVpIPD3qdB_HlgkoVOz
accept-ranges: bytes
cf-ray: 64a015167e2ffa20-AMS
x-amz-cf-id: m7DhwEKgB9Tdy9bph77J-THpOhYjt4fOSQs3Ahq9cb0k5S8ofu4hag==

GET
H3-29 200 topslots-silver-frame.png
www.rainbowspins.com/images/external/theme/ 45 KB
46 KB 934ms
932ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/theme/topslots-silver-frame.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 884f2401d9cf2cd4589f70d68fd9f29a80e36ef8188d323ea8d4321ae9c47bcd

Request headers

:path: /images/external/theme/topslots-silver-frame.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 bd29d18ddcad5397b0dff22184078bfc.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46203
cf-request-id: 09d7eb821c0000fa20e409c000000001
last-modified: Thu, 15 Apr 2021 15:57:07 GMT
server: cloudflare
etag: "2ea23c8cd5cdcf713e8e9ce02d92d202"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1ssd7QLkmojSwnsXUkkZJ1eE60xz4QKqdcEYH2tjbyI091jPSp%2FFOHB7xhOZ38l2rTz5fPVqUp4jMyRcjcS00A8hTO2JyZ35QPsKD7rpRNRqPzfdnw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: IIbdBQwaKp_41teKYFmwuOb2QT0jISVp
accept-ranges: bytes
cf-ray: 64a015167e30fa20-AMS
x-amz-cf-id: L01Up6kj9SnXCWhfuOkO-4wbs0g7-erDXJSNZLlJDR7DoM5NQ5K3Ew==

GET
H3-29 200 popup-border.png
www.rainbowspins.com/themes/default/ 820 B
2 KB 935ms
933ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/popup-border.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16934707cad438a5d7667a20acc2e6d3d859db9fd2666a087ee4fd6096397263

Request headers

:path: /themes/default/popup-border.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 88944815e9efa1cfbf5b6acdd146175a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 820
cf-request-id: 09d7eb821d0000fa209baae000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "1dfc7ed87c5b601f607bb7979862f2c0"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4ex%2BG6bEH4PAdW%2B6KdGof6zdCvyurO8ZUJl8%2FYIdP%2F%2FbM0GAZu3ORPkx25BuIAXGel8cqvyCTg9uA6LetTEszlpRvrTdVljFXbyCB5izBgFXo3wGiA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: kdAFngTz1K8xkN2RyrF.Xft3kSA6Pe.w
accept-ranges: bytes
cf-ray: 64a015167e31fa20-AMS
x-amz-cf-id: 1AoLhTNU7tDaH3228vxaT5ngVMfbozUyp5_M-HKn-xdWj1pcVjdNdA==

GET
H3-29 200 2489073448009579 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 192ms
192ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2489073448009579?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c68a973757d882d9f2d10f2f4f7ee966c7689748a2834e8e9d9041edddd86d85

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: xYW1hhzfYdEkBMc9HLu5ayu9HXchlGDX4htJKhpJpjCZOIYWkI5pI8sKC2gskHxWnXj2jbo7xYf4BHywXmmYyA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Tue, 04 May 2021 07:40:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
cdn.webpu.sh/25E8udzUifxNVKmm5J2YRLxP3LqBSISP/ 178 KB
38 KB 36ms
9ms Script
text/javascript 13.32.21.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webpu.sh/25E8udzUifxNVKmm5J2YRLxP3LqBSISP/sdk.js
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/shared_files/xpush.js?20180323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae613fa6fed9f02426dc9f871524a36a00a880f931a9047e57b9c0fa5962f02b

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 03:16:32 GMT
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 08:38:18 GMT
server: AmazonS3
age: 18824
etag: W/"85845ec2652b92c2e20e67acea5af03e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
cache-control: max-age=21600
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: JPzbYr36_nqy6pKmfTyioCPdUrNPzl0_RErhjl02yEP8RNOnqYr4sw==

GET
H3-29 200 footer-border.png
www.rainbowspins.com/themes/default/ 1 KB
2 KB 757ms
755ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/footer-border.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101f6eb43e238589f0dbeb55ea3ce42017561bbb1c6103fc4f082a450bdcb578

Request headers

:path: /themes/default/footer-border.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 6e28f02adabde7d09aba9f5efcd44d1b.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1209
cf-request-id: 09d7eb82c90000fa20d3964000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "761a1b955ce754dba71141ebec467835"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gs86Mem9yMgPa5KnMdvidBVkcGZPZPDbOW7tjOem71pEAQ9Knccg3zZjOgAxD6N3IiGnORvhzA8AAVY6aSlor%2BqLA9fQL0s%2BsIwmsPAXcCET7nqV7A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: 0H9CLAbENOqgBdRNzrXVbn3e7wfN2mLj
accept-ranges: bytes
cf-ray: 64a01517afdefa20-AMS
x-amz-cf-id: ZYU-_M4Lil2l38oY0k0ACw0Xw_4u1BLdxODM-f1Ajg2Y0LCw5qjvjQ==

GET
H3-29 200 clover.png
www.rainbowspins.com/themes/default/ 677 B
1 KB 774ms
772ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/themes/default/clover.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 592f3540ae9b4c191891109c5ddf86f3dbd610c46cfb5dd0e373dc3b5ca8d6c9

Request headers

:path: /themes/default/clover.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 b917bd54ec6565658d9d65cbf075f677.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 677
cf-request-id: 09d7eb82ca0000fa20a49e0000000001
last-modified: Wed, 21 Apr 2021 15:35:31 GMT
server: cloudflare
etag: "bc4a182ce3130995717635bdbffffa0a"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=egYuMlS9MV36wH3gZvL%2B1SRj2jISUGhdwJ1%2BptkNBsDFDYnZ9wF2Oo0jTVfyngu41%2FVlAo94WECjx64dkJkpsBV6hmkRvFVAfslxO%2Fw6wW2TGhBoDg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: MGCtxYPhoTGF.Hmi5c7J8u2qjFJtlK3h
accept-ranges: bytes
cf-ray: 64a01517afe1fa20-AMS
x-amz-cf-id: Ykpu3LKDr_HMEgbgiDk1Ihg5r2RIJ6rJ9C6QAPUDtwq1_h2g2SiqIg==

GET
H3-29 200 jms_footer-cards.png
www.rainbowspins.com/images/external/theme/ 17 KB
18 KB 774ms
773ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/theme/jms_footer-cards.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a0f7147e69200a4af0ca6e2965435d508e517a496f5a21859bab1ad5731ef43

Request headers

:path: /images/external/theme/jms_footer-cards.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 add50c826a69b24be8ba05da744b9204.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17081
cf-request-id: 09d7eb82cd0000fa20de2f6000000001
last-modified: Thu, 15 Apr 2021 15:57:08 GMT
server: cloudflare
etag: "0b16cbb72e66adf30e1c4a06943072ae"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eGfvtezE6F3nR80UBx9mDYK774%2B7izK1V2Glnjt77KZCmCbI0fHlnYMEo%2BEA5CQ6f07GBiS7e6Ht66zKwjZi8QRO1hltv0P0abtzk%2F73s%2BLihI%2BW%2FQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: eDHCmQYAl5oZ8A_bLTqe1eZ8WIDKLkVW
accept-ranges: bytes
cf-ray: 64a01517afe7fa20-AMS
x-amz-cf-id: tE1rnt6g32FNn_-ES5vZ3XWC2okiDZe-4z8CkZ1-sS4IMIeYpl1RYg==

GET
H3-29 200 jms_footer-gambleaware.png
www.rainbowspins.com/images/external/theme/ 3 KB
4 KB 774ms
773ms Image
image/png 104.21.32.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rainbowspins.com/images/external/theme/jms_footer-gambleaware.png
Requested by: Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.21.32.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ea648de6baf474dae908ac35b2c77ba881706716b5818cd8fef3bd1d448bb7a

Request headers

:path: /images/external/theme/jms_footer-gambleaware.png
pragma: no-cache
cookie: __cfduid=d0507ca43a07032551b3e8834b271001c1620114040; PHPSESSID=86hf8ubf68l3bgpqhsfgfu6pon; affiliate=none; jtag=a_27195b_tpoxemailc_; xpush=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rainbowspins.com
referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rainbowspins.com/styles/Rainbow%20Spins/default/alt/6086cd9422cb6/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
via: 1.1 033ed92c09627372dcaf2c27f57f2f77.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-meta-user-agent-id: roberta@s-869bf12dcc744e728
x-amz-cf-pop: HEL50-C2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: RefreshHit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3022
cf-request-id: 09d7eb82ce0000fa20ad8d4000000001
last-modified: Thu, 15 Apr 2021 15:57:04 GMT
server: cloudflare
etag: "50488f0c0bbeed5576eb1cd6ed2d8636"
x-amz-meta-user-agent: AWSTransfer
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nzj5KGgRHG68SZyNvoDzFDQeN8chc5G2G1txH%2FaqCcooPWD2BdA6WSsRScvnnLq2ZO%2BKjsmCkTT642FDV5rdTv2U9cjw12gmW7GPGZ4jfAxRmBF2Sw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=2678400
x-amz-version-id: yAv1XANAzsvUShEMUiyH_onH0JxZ_MIO
accept-ranges: bytes
cf-ray: 64a01517afecfa20-AMS
x-amz-cf-id: hJm5agkpucU_1JWoyZeedk7Q3od4J6QznnepmsBS7uI2SxgyqM2rYw==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
727 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 06:14:48 GMT
server: ESF
date: Tue, 04 May 2021 07:40:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 07:40:41 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 18ms
6ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=qrb3efc&ht=tk&f=35871.35872&a=10159875&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qrb3efc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rainbowspins.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 21004
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 04 May 2022 01:50:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rainbowspins.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 558003
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 27 Apr 2022 20:40:38 GMT

GET
H2 200 l
use.typekit.net/af/5093c2/00000000000000003b9b09b3/27/ 37 KB
37 KB 32ms
21ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5093c2/00000000000000003b9b09b3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qrb3efc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 317524c1f08ecbedab5381b6667b181e5a3aed9a3333426cc296fe4771847621

Request headers

Origin: https://www.rainbowspins.com
Referer: https://use.typekit.net/qrb3efc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
server: nginx
etag: "9fb2d0f5d5bd9c9fa61e2b7dad29d80b92549d2d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37420

GET
H2 200 l
use.typekit.net/af/3fb4bd/00000000000000003b9b09b2/27/ 38 KB
38 KB 98ms
90ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3fb4bd/00000000000000003b9b09b2/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/qrb3efc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 833f54bde661ed2fc2cccb52debeda8ca8d01efa64649683cf4775c284c450d3

Request headers

Origin: https://www.rainbowspins.com
Referer: https://use.typekit.net/qrb3efc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
server: nginx
etag: "51f6932e59212daa74c2403df7f1e5e1f7f93201"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38736

GET
H3-29 200 665175660830911 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/665175660830911?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

127e0f7a279be26c0ec6e6b4ac51dea3f9052c647b3cf7f228a846e2e14699c6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: wLK3W3J833RAhm1ZsPCaqAHmhCdbV4eIkWt5D/ptmIdEmHUpSgbClZOmUVCXef+Zyfxnl8t6zLnh+bB1l5Gj4g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Tue, 04 May 2021 07:40:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 661274090587857 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 73ms
73ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661274090587857?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0bced27828f3cdf0dbd74a2f4f2bfecb641af527195f6e852ecbb430b9e2d2a1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: r7Fz+vbSudMv1Q2YtGzBfCht0gyL6sOABDz2aCZnQJG3ExKaRtSvhS5QznumwcQT8qB4k7MSxcDwK3iK0tlQWg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Tue, 04 May 2021 07:40:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661274090587857&ev=PageView&dl=https%3A%2F%2Fwww.rainbowspins.com%2F%3Fjtag%3Da_27195b_tpoxemailc_&rl=&if=false&ts=1620114041914&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620114041913.2004627348&it=1620114041451&coo=false&eid=712c7af2-3184-4188-8f72-a1f548f98465&tm=1&exp=l0&rqm=GET

Requested by

Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 04 May 2021 07:40:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2489073448009579&ev=PageView&dl=https%3A%2F%2Fwww.rainbowspins.com%2F%3Fjtag%3Da_27195b_tpoxemailc_&rl=&if=false&ts=1620114041916&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620114041913.2004627348&it=1620114041451&coo=false&eid=d1c1039d-b67d-4e7a-b124-82a561ede59e&tm=1&exp=l0&rqm=GET

Requested by

Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 04 May 2021 07:40:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=665175660830911&ev=PageView&dl=https%3A%2F%2Fwww.rainbowspins.com%2F%3Fjtag%3Da_27195b_tpoxemailc_&rl=&if=false&ts=1620114041917&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620114041913.2004627348&it=1620114041451&coo=false&eid=e227f913-1e1a-4ff6-9e93-49b6a6cb2ba1&tm=1&exp=l0&rqm=GET

Requested by

Host: www.rainbowspins.com
URL: https://www.rainbowspins.com/?jtag=a_27195b_tpoxemailc_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 04 May 2021 07:40:41 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=661274090587857&ev=Microdata&dl=https%3A%2F%2Fwww.rainbowspins.com%2F%3Fjtag%3Da_27195b_tpoxemailc_&rl=&if=false&ts=1620114042416&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%2...
https://cx.atdmt.com/?c=7534386220643856372&f=AYwZmU6Cz3UAJsI_Ut4tHoPlghnscKP5pqSq7o1DetVEVWyOY4qYuhwMJpzOZiWJcNYfV5Nsqnj4FFaMHgbF58A9&id=661274090587857&l=3&v=0

43 B
636 B

51ms
36ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=7534386220643856372&f=AYwZmU6Cz3UAJsI_Ut4tHoPlghnscKP5pqSq7o1DetVEVWyOY4qYuhwMJpzOZiWJcNYfV5Nsqnj4FFaMHgbF58A9&id=661274090587857&l=3&v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
x-fb-debug: gKrMQK0u87+n9PvJzssTMMYl6lI9LBq7Mkcux9YcwMmesXiZ9nHJhOp6U55sb/JjTiGdvAQkm8Mx5IJAxltkcA==
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 04 May 2021 00:40:42 PDT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-fb-rlafr: 0
expires: Tue, 04 May 2021 00:40:42 PDT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 07:40:42 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=7534386220643856372&f=AYwZmU6Cz3UAJsI_Ut4tHoPlghnscKP5pqSq7o1DetVEVWyOY4qYuhwMJpzOZiWJcNYfV5Nsqnj4FFaMHgbF58A9&id=661274090587857&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: 0

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=2489073448009579&ev=Microdata&dl=https%3A%2F%2Fwww.rainbowspins.com%2F%3Fjtag%3Da_27195b_tpoxemailc_&rl=&if=false&ts=1620114042418&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%...
https://cx.atdmt.com/?c=7837055600865028651&f=AYzMdmkEBnvGQDg3lGVmnXdRB13CHL3LgvrNgB4xyFcKqGfT6jEAoOZRygLDrMJJehYDAKLQ_-k7jbpKMa6VjzOT&id=2489073448009579&l=3&v=0

43 B
290 B

50ms
36ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=7837055600865028651&f=AYzMdmkEBnvGQDg3lGVmnXdRB13CHL3LgvrNgB4xyFcKqGfT6jEAoOZRygLDrMJJehYDAKLQ_-k7jbpKMa6VjzOT&id=2489073448009579&l=3&v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
x-fb-debug: +PjIPDWxwl4ubOEzOesPvaZXy2jlluMknAIYzbvL28vb3/VscRhw/aFpEM72EpYrYy7KS4cyVd44u+FkAdA5RA==
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 04 May 2021 00:40:42 PDT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-fb-rlafr: 0
expires: Tue, 04 May 2021 00:40:42 PDT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 07:40:42 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=7837055600865028651&f=AYzMdmkEBnvGQDg3lGVmnXdRB13CHL3LgvrNgB4xyFcKqGfT6jEAoOZRygLDrMJJehYDAKLQ_-k7jbpKMa6VjzOT&id=2489073448009579&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: 0

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=665175660830911&ev=Microdata&dl=https%3A%2F%2Fwww.rainbowspins.com%2F%3Fjtag%3Da_27195b_tpoxemailc_&rl=&if=false&ts=1620114042420&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Rainbow%20Spins%20%7COpen%20the%20Pot%20of%20Gold%20for%20up%20to%20500%20Free%20Spins%22%2C%22meta%3Adescription%22%3A%22Check%20out%20our%20welcome%20offer%20here%20at%2C%20Rainbow%20Spins.%20Where%20will%20the%20Rainbow%20take%20you%3F%20Join%20Now%20and%20deposit%20just%20%C2%A310%2B%20to%20open%20your%20Pot%20of%20Gold%20and%20win%20up%20to%20500%20Free%20Spins!%22%2C%22meta%3Akeywords%22%3A%22%20Pot%20of%20Gold%2C%20Welcome%20Offers%2C%20Free%20Spins%2C%20Rewards%2C%20Online%20Slots%2C%20Rainbow%20Spins%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.rainbowspins.com%2Fthemes%2Fdefault%2Fog-image.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620114041913.2004627348&it=1620114041451&coo=false&es=automatic&tm=3&exp=l0&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rainbowspins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:40:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 04 May 2021 07:40:42 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rainbowspins.com/	1970-01-19 18:03:20	Name: xpush Value: 1
www.rainbowspins.com/	1970-01-19 18:45:06	Name: jtag Value: a_27195b_tpoxemailc_
www.rainbowspins.com/	1970-01-19 18:45:06	Name: affiliate Value: none
.rainbowspins.com/	1970-01-19 20:11:30	Name: _fbp Value: fb.1.1620114041913.2004627348
www.rainbowspins.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 86hf8ubf68l3bgpqhsfgfu6pon
.rainbowspins.com/	1970-01-19 18:45:06	Name: __cfduid Value: d0507ca43a07032551b3e8834b271001c1620114040

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdn.webpu.sh
connect.facebook.net
cx.atdmt.com
fonts.googleapis.com
fonts.gstatic.com
p.typekit.net
partner.jumpmanaffiliates.co.uk
t.confirm.gettestkeep.email
trem.confirm.gettestkeep.email
use.typekit.net
webservices.securetrading.net
www.facebook.com
www.rainbowspins.com
104.21.32.74
13.32.21.100
2606:4700:3034::ac43:aa3d
2a00:1450:4001:80e::200a
2a00:1450:4001:813::200a
2a00:1450:4001:830::2003
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::621
3.250.209.97
88.208.246.154
016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac
0bced27828f3cdf0dbd74a2f4f2bfecb641af527195f6e852ecbb430b9e2d2a1
101f6eb43e238589f0dbeb55ea3ce42017561bbb1c6103fc4f082a450bdcb578
104418a26fd68c56740f87b590e2e4200bce996a15b177b32127d8e8f0a696fb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127e0f7a279be26c0ec6e6b4ac51dea3f9052c647b3cf7f228a846e2e14699c6
1308006c9c8a4276db4dcbcb91bce638a1ebdb9732bd2e783e766c84aeedb11a
13e39cc0e93dbfe522220fe5e3aed1860c75ff2db6c1c2bf2222547db05d37a7
16934707cad438a5d7667a20acc2e6d3d859db9fd2666a087ee4fd6096397263
174d572d272f6cd6fef7712775b3a1784bc1d802c5cfd4e95778dfdbf7689261
19eac091a2914b0da038d3689580117c9afff0e50f42f36dacb466cd39b825bc
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
22271efeec902b731fa3953bc473cf51f95d0b1124dee1402916cdbff8991315
236c9143b04c3463b8e248d127c344bddd3079c9cfe3c11242aa2f42f7cedc3a
2706510b45bca97526750b20d95b04054cec3d4b36d8b43439bd5b242ad5dd4c
270b61edc864471f226e9482734b2f2ce9f89e9588374b464094c8a7619e5612
27282ef6c45c6eeb6aced43d13943d4aae17d9e5cad11ea5d4c4f76e55c75aac
28d88cfdafd6f9b1fca14f30ecf5d18ae3d102d73ba8e5b5cea60564251a7c91
317524c1f08ecbedab5381b6667b181e5a3aed9a3333426cc296fe4771847621
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
3c9e6e0b72a466d75ac88e4408bbb8cbf97196c6adeba9a3431d56a68a3694b3
41b0a1fa1d0fa40d1619137985461adf83085141b96b00d001cc0b6fee16f7a8
498d4675c80a2b203efacceb6009e9b30a3b85ce2491720c6ee3e7eb47cb2f19
5221f824d890c9e6dd15965da551501815177d3c390ea539b4ebb1d0ca1d328b
548ba998aca1bdbcc26e28e4c64ca694af19a4cc497d760a2fab724aa6cfb38b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cbb7799b1d8b894cbe423b92c9523b6de5d33b0a32004ecbfea6641d1481ca
5726764f4276da72e521d8239a29c78497a71c66ea06e392dc8369b34acd1d59
592f3540ae9b4c191891109c5ddf86f3dbd610c46cfb5dd0e373dc3b5ca8d6c9
5b44bfe3541777e88bb0a70bbd79d1e2471528343e4f4267264d5e4c33bb6b45
6e64167f89877af0ee1ecfaea1cc93824818616df22a3bdd0ce0c44d26df1c98
6ea648de6baf474dae908ac35b2c77ba881706716b5818cd8fef3bd1d448bb7a
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
75528eb153c6bd280dd0587fd58ee4b7240590087c8a0e9da596a27c662c1d36
7e229ba2b7bfb9bc399a55c4ac7cd1f343d78f8f15ddb1749ad9a0f1d67396c5
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81581f8e0dbbe4eb44007ac511b199d0a8256c655a46c5268ca8b6e8db7f4bf4
830616713214951400028d3d495b84ade97a0029793a3ff0db873710c178a433
833f54bde661ed2fc2cccb52debeda8ca8d01efa64649683cf4775c284c450d3
86a7db976e63edb09e5a09b2758df915d6a76fcfa757e9bfb407c0629144cfca
884f2401d9cf2cd4589f70d68fd9f29a80e36ef8188d323ea8d4321ae9c47bcd
8865786c814b3ec838755b01704709eaffbcf343a0aa924681ba10e22dc7a64c
8a0f7147e69200a4af0ca6e2965435d508e517a496f5a21859bab1ad5731ef43
8b9bedb0c757215458e32afa5de69576e7411858da9f68099644bbecf7a7727c
8bf74fced7954067b99fce98825c17b1b48369ce2c04203eb2825d0516ea4b29
8c1469a1154702681c57929c83661b63d3e689f75b65c514cb1bc9b44a02f1c6
8c668ff7217037365ff165d820dca50e2a392f0659696a6928ee6ba7bf1683d6
8ec64180281d5aff4a669717a9ad18f4d1a5b4bc82be11c728fa9585d35c6b0a
8fc333e02319f31657e541b35eb7933e5875e64509ed6016c6a680b4491be298
9013a78091b4037416f90427337c1055e658441cd96f38d854edd1a55f57d84a
902eb34f5f59461187a9c94da62493a83261d7fc959687ca03500d1e74e2b008
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a7637661e1e8d313263f94f70e3643fe7ab22e9df1a070bd5a2e1c583535351a
ab2f86c0d9b6f4a3750172c1821bf4235a85daddce9c44f9a5f54348a4938df4
ae613fa6fed9f02426dc9f871524a36a00a880f931a9047e57b9c0fa5962f02b
b20e38ba10d5741d9931c8423a35bd5612ca250d03ed33bd71906d839c87ca2b
b4af944ea33211281027ac7089fe27e8fb204a0ece6d2927d59f785084b21ee4
bb084d808d7af85f57540658702f3681c33f2582570e6460ad4e787439d03a3c
bd02bb019ba06f3ba4a37241260630afb61d57ee5f3f0fbbf1909378d25329f2
c04f11bbad412b4ffa30ff8920344c9b23a625fb99c69851ca4afd75393bda69
c44def957d4f97753deadf0ec154442704b620600efebef00ef9641253658b72
c68a973757d882d9f2d10f2f4f7ee966c7689748a2834e8e9d9041edddd86d85
d4615c5662d351b384a5f8b6d2624c1aa07a5843035bb33bd0f418c3f724edec
d6ce0e380aa9b53740064d03d0d6f9ffe67041dad5ecaa4391fe9d4cc2b90f5e
d97791fa7b964dcda1d0fd660d1f37651fd0738907f855fea3ab0f9d929c8502
db11aedd77cd0ed75374086a3e9ba5bc374326425377e6811c0d19358e35c860
dd5731653387bb4fb4d50b61999cc07d347c39015dfcb96f557ca2b3589f2c08
ddd28a8ece5dd5e74f25ab442c9bfa7090a4069d99b8e0baae243c78f11ce601
fc8f91f129ec947d6e9aa6ddf790bef3c00e9a17e5837c6ef093ec16dfa8e7fb
fce2ded1122b88baf87acdfb93d3c3817bf8ef3df161f629d48f50e4482e611f
fe1ab133ee2141b40df5c665b6238aed03fed370d27c8601458630146169b4a7
fe3b9e94a0d795c7e52311e0260100ec0d30adbb28031ca56a192b20380b760a

www.rainbowspins.com Open in urlscan Pro 104.21.32.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

71 %IPv6

12 Domains

15 Subdomains

12 IPs

4 Countries

7360 kBTransfer

9316 kBSize

6 Cookies

9 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rainbowspins.com Open in urlscan Pro
104.21.32.74 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

71 %
IPv6

12
Domains

15
Subdomains

12
IPs

4
Countries

7360 kB
Transfer

9316 kB
Size

6
Cookies

77 HTTP transactions
0 data transactions