Submitted URL: http://sembrafduckpatsi.gq/?search=first
Effective URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Submission: On December 31 via manual from US

Summary

This website contacted 34 IPs in 10 countries across 45 domains to perform 99 HTTP transactions. The main IP is 2606:4700:30::6812:366c, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is twoupcasinonew.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 14th 2019. Valid for: a year.
This is the only time twoupcasinonew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
www.affalliance.com
www.realtimegaming.com
www.centraldisputesystem.com

This page contains 5 frames:

Primary Page: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Frame ID: B1EB1B14BF485E3E8912D82E45BFDE23
Requests: 87 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 4C252D02FEA3F0F1B5DC9241AA0E6F6B
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: A91AA3C4517A83AC74F48092E04EDCB3
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 7F1BCE35F2A500396C136FD891BBBFF6
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 6025E34247C403B3ADC56BDDECE4CE41
Requests: 4 HTTP requests in this frame

Page URL History

  1. http://sembrafduckpatsi.gq/?search=first Page URL
  2. http://best24bet.ru/tHbLrv HTTP 302
    http://go.bxtmbz.pw/click?pid=1461&offer_id=180 HTTP 302
    http://go.affalliance.com/visit/?bta=36448&brand=twoup&campaign=58982&afp=5e0b7fff67287c00016ec6b6&utm... HTTP 302
    https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /\/\/embed\.tawk\.to/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i


Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
  • script /owl\.carousel.*\.js/i

Page Statistics

Requests: 99
HTTPS: 89 %
IPv6: 53 %
Domains: 45
Subdomains: 48
IPs: 34
Countries: 10
Transfer: 6405 kB
Size: 7687 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sembrafduckpatsi.gq/?search=first Page URL
  2. http://best24bet.ru/tHbLrv HTTP 302
    http://go.bxtmbz.pw/click?pid=1461&offer_id=180 HTTP 302
    http://go.affalliance.com/visit/?bta=36448&brand=twoup&campaign=58982&afp=5e0b7fff67287c00016ec6b6&utm_campaign=1461 HTTP 302
    https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.firstsolar.com/-/media/First-Solar/Logo/logo.ashx HTTP 302
  • http://www.firstsolar.com/en-EMEA/-/media/First-Solar/Logo/logo.ashx
Request Chain 15
  • http://newsroom.churchofjesuschrist.org/media/1200x675/Screen-Shot-2019-12-17-at-11.37.05-AM.jpeg HTTP 301
  • https://newsroom.churchofjesuschrist.org/media/1200x675/Screen-Shot-2019-12-17-at-11.37.05-AM.jpeg
Request Chain 78
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=158735413&t=pageview&_s=1&dl=https%3A%2F%2Ftwoupcasinonew.com%2F%3Fgaid%3D58982%26trackingID%3D36448_435690_5e0b7fff67287c00016ec6b6&dr=http%3A%2F%2Fsembrafduckpatsi.gq%2F%3Fsearch%3Dfirst&ul=en-us&de=UTF-8&dt=Two-up%20casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUAB~&jid=1976643175&gjid=714886268&cid=989573317.1577811969&tid=UA-122406701-1&_gid=703520392.1577811969&_r=1&gtm=2wgc61PP4B2MV&z=847118527 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-122406701-1&cid=989573317.1577811969&jid=1976643175&_gid=703520392.1577811969&gjid=714886268&_v=j79&z=847118527 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=989573317.1577811969&jid=1976643175&_v=j79&z=847118527 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=989573317.1577811969&jid=1976643175&_v=j79&z=847118527&slf_rd=1&random=4209554063

99 HTTP transactions

1
Expires
Thu, 30 Jan 2020 17:06:07 GMT
latest
vignette.wikia.nocookie.net/starwars/images/3/33/EmperorAmused-Orientation.png/revision/
226 KB
227 KB
Image
General
Full URL
https://vignette.wikia.nocookie.net/starwars/images/3/33/EmperorAmused-Orientation.png/revision/latest?cb=20190425003939
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:11a:e002:fa00::194 , United States, ASN22300 (WIKIA - Wikia, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 15:11:13 GMT
x-cacheable
YES - FORCED
age
0
x-cache
ORIGIN, HIT, MISS
status
200
content-disposition
inline; filename="EmperorAmused-Orientation.webp"; filename*=UTF-8''EmperorAmused-Orientation.webp
content-length
231428
x-served-by
thumblr-68fc4ccf5-mbtfh, wk-cdn-f4, wk-cdn-f2
surrogate-key
4d560eb35181f7c2bf6d521881a8569a7200ce17 wiki-starwars thumblr original
x-thumbnailer
Thumblr
etag
CP3d7sWPmeYCEAE=
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
ORIGIN, 18, 0
dictionary-social-logo-a60fa43a7f4c5e78893e1b228bdc74b3.png
www.dictionary.com/assets/
7 KB
8 KB
Image
General
Full URL
https://www.dictionary.com/assets/dictionary-social-logo-a60fa43a7f4c5e78893e1b228bdc74b3.png
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:07 GMT
via
1.1 varnish
content-type
image/png
age
11199012
x-variation
v0
adler-geo
ROWHI
x-cache
HIT
status
200
is-eu
true
content-length
7578
x-amz-id-2
n32nxWgTb8GXGR9dJlwFwIyejrjkINAKZPs236veeA/6JBw8BA4a43VUT8t3jQqeJLulUky4BnQ=
x-served-by
cache-hhn4079-HHN
last-modified
Sat, 24 Aug 2019 01:47:39 GMT
server
AmazonS3
x-timer
S1577811967.292390,VS0,VE1
etag
"a60fa43a7f4c5e78893e1b228bdc74b3"
vary
is-eu, platform, adler-geo, x-variation, X-OPTIONS
x-amz-request-id
AEA5C76D5B60F81C
cache-control
max-age=31536000,public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
platform
Desktop
x-cache-hits
1
1066317384.jpg.jpg
cdn.vox-cdn.com/thumbor/_EX8YrfAHtzxJYPeJMGi1Og89Mg=/0x113:4079x2249/fit-in/1200x630/cdn.vox-cdn.com/uploads/chorus_asset/file/19561975/
28 KB
29 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/_EX8YrfAHtzxJYPeJMGi1Og89Mg=/0x113:4079x2249/fit-in/1200x630/cdn.vox-cdn.com/uploads/chorus_asset/file/19561975/1066317384.jpg.jpg
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.124 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:07 GMT
via
1.1 varnish, 1.1 varnish
age
104523
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000
content-length
29080
x-served-by
cache-iad2146-IAD, cache-fra19142-FRA
server
nginx/1.11.5
x-timer
S1577811967.329740,VS0,VE1
etag
"52f281d54ddd7cb4bdc2f9163a838fd359b2d813"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 30 Dec 2029 00:04:04 GMT
cache-control
max-age=315576000,public
accept-ranges
bytes
x-cache-hits
1, 1
1200px-FIRST_Logo.svg.png
upload.wikimedia.org/wikipedia/en/thumb/a/a2/FIRST_Logo.svg/
106 KB
107 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/a/a2/FIRST_Logo.svg/1200px-FIRST_Logo.svg.png
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA - Wikimedia Foundation Inc., US),
Reverse DNS
Software
ATS/8.0.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-analytics
https=1;nocookies=1
date
Tue, 31 Dec 2019 14:40:25 GMT
content-type
image/png
x-trans-id
tx4e643d5e15d5494db11f1-005e0b5dd9
age
8742
x-cache-status
hit-front
x-cache
cp3051 hit, cp3059 hit/17
status
200
content-disposition
inline;filename*=UTF-8''FIRST_Logo.svg.png
server-timing
cache;desc="hit-front"
content-length
108944
x-client-ip
2a01:4f8:192:5414::2
x-object-meta-sha1base36
2sywtpax9dzk6vtz866hxtpyt0oeesn
last-modified
Mon, 29 Feb 2016 22:05:35 GMT
server
ATS/8.0.5
etag
e0d2bf8eef145131ee91c4e01c23f87b
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-varnish
660458233 610442625
access-control-allow-origin
*
x-timestamp
1456783534.35804
x-ats-timestamp
1577805073
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache, X-Varnish
digital-wallet.jpg
bankfirstwi.bank/sft1125/
1 MB
1 MB
Image
General
Full URL
https://bankfirstwi.bank/sft1125/digital-wallet.jpg
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.18 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10018.sucuri.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:07 GMT
x-content-type-options
nosniff
status
200
x-sucuri-cache
HIT
strict-transport-security
max-age=31536000
content-length
1239495
x-xss-protection
1; mode=block
last-modified
Thu, 14 Mar 2019 14:24:56 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
19018
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
AustinAve1Square.jpg
www.firsttexasbank.bank/wp-content/uploads/sites/189/
0
0

mortgage-website-banner-755x259.jpg
www.firstcitizenstt.com/personal-banking/slideshowParagraphs/0/slideSrc4/
8 KB
0
Image
General
Full URL
https://www.firstcitizenstt.com/personal-banking/slideshowParagraphs/0/slideSrc4/mortgage-website-banner-755x259.jpg
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
209.94.203.72 Glencoe, Trinidad And Tobago, ASN5639 (Telecommunication Services of Trinidad and Tobago, TT),
Reverse DNS
Software
Apache/2.2.15 (Red Hat) /
Resource Hash

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
Date
Tue, 31 Dec 2019 17:06:08 GMT
X-Magnolia-Registration
Registered
Last-Modified
Tue, 31 Dec 2019 15:11:14 GMT
Server
Apache/2.2.15 (Red Hat)
Content-Type
image/jpeg;charset=UTF-8
Cache-Control
max-age=600, public
Connection
close
Content-Length
45514
Expires
Tue, 31 Dec 2019 17:16:08 GMT
failure.png
www.hdfcbank.com/static/widgets/%5BBBHOST%5D/widget-hdfc-common-overlays/media/
0
0
Image
General
Full URL
https://www.hdfcbank.com/static/widgets/%5BBBHOST%5D/widget-hdfc-common-overlays/media/failure.png
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6c19 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

frogthroat.jpg
dictionary.cambridge.org/rss/images/
9 KB
10 KB
Image
General
Full URL
https://dictionary.cambridge.org/rss/images/frogthroat.jpg
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.24.212 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-24-212.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Dec 2019 17:06:07 GMT
X-Content-Type-Options
nosniff
X-Cache-Status
HIT
Content-Range
bytes 0-9420/9421
Connection
keep-alive
Content-Length
9421
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 18 Dec 2019 13:49:19 GMT
Server
nginx
ETag
"050aabb72423ebacb0b95e90f1b830232"
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Expires
Thu, 30 Jan 2020 17:06:07 GMT
FRB_Logo_280_150.png
www.firstrepublic.com/dist/frb/images/misc/
10 KB
11 KB
Image
General
Full URL
https://www.firstrepublic.com/dist/frb/images/misc/FRB_Logo_280_150.png
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.69.142 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-69-142.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 Dec 2019 22:38:19 GMT
Server
Microsoft-IIS/10.0
ETag
"c0bbb7ace1b9d51:0"
Content-Type
image/png
Date
Tue, 31 Dec 2019 17:06:07 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10565
Request-Context
appId=cid-v1:63127771-9bab-4712-8e07-a17632e405de
8013.jpg
wow.zamimg.com/uploads/guide/seo/
134 KB
135 KB
Image
General
Full URL
https://wow.zamimg.com/uploads/guide/seo/8013.jpg?1554937127
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.180.84.2 , United States, ASN33047 (INSTART - Instart Logic, Inc, US),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:07 GMT
last-modified
Wed, 10 Apr 2019 22:58:47 GMT
server
openresty/1.15.8.2
etag
"5cae7527-218cb"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/jpeg
status
200
cache-control
max-age=3600
x-instart-request-id
8814388312005430683:NZF01-CPVNPPRY17:1577811967:0
x-instart-cache-id
0:520164394514054504::1569138910
accept-ranges
bytes
content-length
137419
expires
Tue, 31 Dec 2019 18:06:07 GMT
42_features.svg
www1.firstdirect.com/content/dam/fsdt/en/media/images/icons/products/bank-accounts/
0
0

t12-challenge-03.png
www.fitnessfirst.com.my/-/media/project/evolution-wellness/fitness-first/south-east-asia/malaysia/highlights/t12-challenge/
1 MB
1 MB
Image
General
Full URL
https://www.fitnessfirst.com.my/-/media/project/evolution-wellness/fitness-first/south-east-asia/malaysia/highlights/t12-challenge/t12-challenge-03.png
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F11) /
Resource Hash

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:07 GMT
last-modified
Wed, 20 Mar 2019 07:40:07 GMT
server
ECAcc (frc/8F11)
access-control-allow-origin
https://storage.googleapis.com
etag
10e88f5e0c6443cc8ef2998df78104da
x-cache
HIT
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1371740
expires
Thu, 02 Jan 2020 02:13:40 GMT
content_personal_carousel_cds.jpg
www.firstcitizens.com/content/images/
0
0

routing-check-header.png
www.firsttechfed.com/Areas/FirstTech.Web/Assets/images/
52 KB
52 KB
Image
General
Full URL
https://www.firsttechfed.com/Areas/FirstTech.Web/Assets/images/routing-check-header.png
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.252 Frankfurt am Main, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.252.ip.incapdns.net
Software
/
Resource Hash

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:07 GMT
last-modified
Fri, 08 Nov 2019 22:58:49 GMT
x-cdn
Incapsula
etag
"d3f819158896d51:0"
content-type
image/png
status
200
x-iinfo
1-42424130-0 0CNN RT(1577811967226 0) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=185630, public
content-length
53295
expires
Thu, 02 Jan 2020 20:39:57 GMT
hp-water-heaters.jpg
www.firstsupply.com/UserFiles/homepage/
0
0

home_tt1_banner_oct2019_992x552.jpg
www.fitnessfirst.co.th/-/media/project/evolution-wellness/fitness-first/south-east-asia/thailand/clubs/platinum-t-one-building/
705 KB
706 KB
Image
General
Full URL
https://www.fitnessfirst.co.th/-/media/project/evolution-wellness/fitness-first/south-east-asia/thailand/clubs/platinum-t-one-building/home_tt1_banner_oct2019_992x552.jpg
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F4B) /
Resource Hash

Request headers

Referer
http://sembrafduckpatsi.gq/?search=first
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:07 GMT
last-modified
Tue, 01 Oct 2019 07:42:45 GMT
server
ECAcc (frc/8F4B)
access-control-allow-origin
https://storage.googleapis.com
etag
d34b020d49a34f35ba765df95dab0c1d
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
721843
expires
Tue, 07 Jan 2020 17:06:08 GMT
visa-card-signature-mega.jpg
www.americafirst.com/content/dam/visa/
0
0

banner-image_sm.jpg
firstsavingscc.com/assets/img/
0
0

jquery-3.2.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://sembrafduckpatsi.gq/?search=first
Origin
http://sembrafduckpatsi.gq

Response headers

Date
Tue, 31 Dec 2019 17:06:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2017 19:01:15 GMT
Server
nginx
ETag
W/"58d026fb-10fdd"
Vary
Accept-Encoding
X-HW
1577811967.dop166.fr8.shc,1577811967.dop166.fr8.t,1577811967.cds007.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
23856
Primary Request /
twoupcasinonew.com/
Redirect Chain
  • http://best24bet.ru/tHbLrv
  • http://go.bxtmbz.pw/click?pid=1461&offer_id=180
  • http://go.affalliance.com/visit/?bta=36448&brand=twoup&campaign=58982&afp=5e0b7fff67287c00016ec6b6&utm_campaign=1461
  • https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
15 KB
3 KB
Document
General
Full URL
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Requested by
Host: sembrafduckpatsi.gq
URL: http://sembrafduckpatsi.gq/?search=first
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8415247ae85b0b395c736b4175ab5d25727c4ad386c6884f65ccdeab3aa2175f

Request headers

:method
GET
:authority
twoupcasinonew.com
:scheme
https
:path
/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://sembrafduckpatsi.gq/?search=first
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://sembrafduckpatsi.gq/?search=first

Response headers

status
200
date
Tue, 31 Dec 2019 17:06:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7129585c65d0f49999c0a31d6e1283511577811967; expires=Thu, 30-Jan-20 17:06:07 GMT; path=/; domain=.twoupcasinonew.com; HttpOnly; SameSite=Lax; Secure
trackingID=36448_435690_5e0b7fff67287c00016ec6b6; expires=Thu, 30-Jan-2020 17:06:08 GMT; Max-Age=2592000; path=/; domain=.twoupcasinonew.com
gaid=58982; expires=Thu, 30-Jan-2020 17:06:08 GMT; Max-Age=2592000; path=/; domain=.twoupcasinonew.com
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
54ddd79fce78972a-FRA
content-encoding
br

Redirect headers

Server
rhino-core-shield
Date
Tue, 31 Dec 2019 17:06:07 GMT
Content-Type
text/html; Charset=UTF-8
Content-Length
212
Connection
keep-alive
Cache-Control
private,no-cache
Pragma
no-cache
Expires
Mon, 30 Dec 2019 17:06:08 GMT
Location
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Set-Cookie
twoup=afp=5e0b7fff67287c00016ec6b6&bta=36448&Visitors=q&cid=435690; expires=Fri, 31-Jan-2020 17:06:08 GMT; path=/
X-Cache-Status
MISS
Access-Control-Allow-Origin
*
normalize.css
twoupcasinonew.com/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://twoupcasinonew.com/assets/css/normalize.css?v=0.2.6
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31ceb90e3eec258e254659bc5588f275e197b05cb2471490e7d1bbfee61b036

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
etag
W/"1e27-56592710f1e00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
54ddd7a18895972a-FRA
bootstrap.min.css
twoupcasinonew.com/assets/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://twoupcasinonew.com/assets/css/bootstrap.min.css?v=0.2.6
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3d04065b97f90b944ef57c99fcc2614e96002413fcd9cfea6e0470d1308ea3

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 20 Feb 2018 12:56:04 GMT
server
cloudflare
etag
W/"1d97e-565a455518100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
54ddd7a1889d972a-FRA
style.css
twoupcasinonew.com/assets/css/
40 KB
6 KB
Stylesheet
General
Full URL
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ae3492db2b4d7424528b0ac825d6dfa36c80dbe11029e7f49f493bee649c01

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 21 Jun 2019 12:31:03 GMT
server
cloudflare
etag
W/"a014-58bd4a2c5ad09-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
54ddd7a1889f972a-FRA
fonts.css
twoupcasinonew.com/assets/css/
505 B
224 B
Stylesheet
General
Full URL
https://twoupcasinonew.com/assets/css/fonts.css?v=0.2.6
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1597a3c548a65dfa332710085757805466b858fb5aae713cd966c23afd3d62ad

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
etag
W/"1f9-56592710f1e00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
54ddd7a188a0972a-FRA
jquery.min.js
twoupcasinonew.com/assets/js/
84 KB
29 KB
Script
General
Full URL
https://twoupcasinonew.com/assets/js/jquery.min.js?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
etag
W/"14e98-56592710f1e00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
54ddd7a188a1972a-FRA
bxslider.min.js
twoupcasinonew.com/assets/js/
19 KB
5 KB
Script
General
Full URL
https://twoupcasinonew.com/assets/js/bxslider.min.js?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 21 Feb 2018 17:28:01 GMT
server
cloudflare
etag
W/"4b9f-565bc3fba8a40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
54ddd7a188a2972a-FRA
nanoscroller.js
twoupcasinonew.com/assets/js/
10 KB
3 KB
Script
General
Full URL
https://twoupcasinonew.com/assets/js/nanoscroller.js?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b63ee79f8b149f32e87d97620128e452d66ae2e606668aa1e6a9c027e176c7

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 20 Feb 2018 12:56:04 GMT
server
cloudflare
etag
W/"2864-565a455518100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
54ddd7a188a4972a-FRA
custom.js
twoupcasinonew.com/assets/js/
3 KB
708 B
Script
General
Full URL
https://twoupcasinonew.com/assets/js/custom.js?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a4c66822ed0342d1517427b3e82eaa52e6b1879f1362550f54248a85c2a7a2

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 21 Feb 2018 18:05:37 GMT
server
cloudflare
etag
W/"d31-565bcc6325e40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
54ddd7a188a5972a-FRA
js
www.googletagmanager.com/gtag/
73 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-122036262-9
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
512a45664f03c48d60e74daef6d12ecc93e20c2a862832f452859fc9fcd584ba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
last-modified
Tue, 31 Dec 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27812
x-xss-protection
0
expires
Tue, 31 Dec 2019 17:06:08 GMT
left-girl.png
twoupcasinonew.com/assets/images/
205 KB
205 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/left-girl.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7194e1b9d2210631ea62f67903d0154b90c104faec97eeb3b5253823001b79ef

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
etag
"3323b-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a198a7972a-FRA
content-length
209467
logo.png
twoupcasinonew.com/assets/images/
19 KB
20 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/logo.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ff2c6f5e5ca06857d5bc0e2a53d4a8529cf24143dab1d557fa1df8a8e42ef

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
8132
etag
"4de9-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a2fa94972a-FRA
content-length
19945
bonus300.png
twoupcasinonew.com/assets/images/
41 KB
41 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/bonus300.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afaa888d7be10d7c54cc70453132a5a76a5c8c4273dded6a41f4d6c0b92772b6

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Thu, 22 Feb 2018 13:17:51 GMT
server
cloudflare
age
8132
etag
"a357-565ccdee77dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a30aba972a-FRA
content-length
41815
au.png
twoupcasinonew.com/assets/images/
8 KB
8 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/au.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97cca2573faf7124c67abf413b59bb619f9d6fd607f2d760f15a68b9a7c9a2b8

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
8132
etag
"1e72-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a32aeb972a-FRA
content-length
7794
border.png
twoupcasinonew.com/assets/images/
1 KB
1 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/border.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e427ada183fc24310bcd4a74ee51e33566280a2f3ee3880c95a89718c7671893

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Thu, 22 Feb 2018 13:17:51 GMT
server
cloudflare
age
8131
etag
"535-565ccdee77dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a32af0972a-FRA
content-length
1333
right-girl.png
twoupcasinonew.com/assets/images/
240 KB
241 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/right-girl.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b417e769d75e4f4ee612f04d3ec8fc0c6d36f4a418bc1dc20ae74658867030e6

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
8131
etag
"3c14a-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a33b1f972a-FRA
content-length
246090
games_1.png
twoupcasinonew.com/assets/images/
189 KB
190 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games_1.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2af1fd1787092a00812da0409580bf45dde3e844946a099551663b06023cf20

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Wed, 22 May 2019 09:06:01 GMT
server
cloudflare
age
8130
etag
"2f59f-58976463b7040"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a33b20972a-FRA
content-length
193951
game_41.png
twoupcasinonew.com/assets/images/games/
18 KB
18 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games/game_41.png?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d1b23c5773e87c622897bafa6639aff3b37968b7b36d5ad7823974d05b2e4b

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Tue, 20 Feb 2018 15:56:38 GMT
server
cloudflare
age
8158
etag
"4866-565a6db133980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a36b53972a-FRA
content-length
18534
game_16.png
twoupcasinonew.com/assets/images/games/
19 KB
19 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games/game_16.png?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
df0f88a3f404fde4f254ef1ca85f312dba3f139bac64eff2a600e5e54d0dacd3

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Tue, 20 Feb 2018 15:56:38 GMT
server
cloudflare
age
8157
etag
"4a43-565a6db133980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a37b5f972a-FRA
content-length
19011
game_51.png
twoupcasinonew.com/assets/images/games/
18 KB
19 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games/game_51.png?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0471ff0421825e83e30e973987560e6ca6357d7c49c26ba8efce75f1fa556caa

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Tue, 20 Feb 2018 15:56:38 GMT
server
cloudflare
age
8157
etag
"49a5-565a6db133980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a37b67972a-FRA
content-length
18853
game_404.png
twoupcasinonew.com/assets/images/games/
6 KB
6 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games/game_404.png?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee5ff6353e8a465ca0a8a56c93da368aa59b7b7c360e9d4c47677a4e99a0a0d

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Tue, 20 Feb 2018 15:56:38 GMT
server
cloudflare
age
8155
etag
"1923-565a6db133980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a38b76972a-FRA
content-length
6435
game_63.png
twoupcasinonew.com/assets/images/games/
21 KB
21 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/games/game_63.png?v=0.0.5
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e3d40005ac52ef0a5efc3e0f35325ed8d3ce12ae3bd4a4770109b320617712c

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
UPDATING
last-modified
Tue, 20 Feb 2018 15:56:38 GMT
server
cloudflare
age
8155
etag
"550a-565a6db133980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a39b8c972a-FRA
content-length
21770
coin1.png
twoupcasinonew.com/assets/images/
27 KB
27 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/coin1.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7338c0f26b5fcdfc798c0ae28320abe90af63c5c8c09ac541bd3534524e46c

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
0
etag
"6c79-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3aba4972a-FRA
content-length
27769
coin2.png
twoupcasinonew.com/assets/images/
13 KB
13 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/coin2.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52c8c5064cea2ede1ef9578eeecb1cf3197fbaf8be9516ed3517430ce52fd76

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
0
etag
"3303-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3aba7972a-FRA
content-length
13059
coin3.png
twoupcasinonew.com/assets/images/
32 KB
32 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/coin3.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
194fb0c5eef5c3672d25f806e39b1e2b3e2e580212c22f705f99faf98bd9d932

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
0
etag
"7fbe-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3aba8972a-FRA
content-length
32702
coin4.png
twoupcasinonew.com/assets/images/
47 KB
47 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/coin4.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfa77b0c9082ec2d8322ce258a222f5fc87c733e70cd15feff2a450fc29ae2c

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
0
etag
"ba21-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3aba9972a-FRA
content-length
47649
footer.png
twoupcasinonew.com/assets/images/
4 KB
4 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/footer.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3840ad156c97fe165063b7171665de4282e0fb9b2b53406070eaf947f5585630

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
0
etag
"1020-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3abaa972a-FRA
content-length
4128
rtg.png
twoupcasinonew.com/assets/images/
3 KB
3 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/rtg.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c30b22cd08318582ecc2c64bd4af914bf31fbe0f1a5ab4e95887eddf0d158c6

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Fri, 21 Jun 2019 12:31:03 GMT
server
cloudflare
age
0
etag
"c57-58bd4a2c5ad09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3abab972a-FRA
content-length
3159
cds.png
twoupcasinonew.com/assets/images/
3 KB
3 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/cds.png?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a946fc7dc52d0bdfb0e7325020f9e081a34f1a3bf668ef5bc779c21a3fc7f6da

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Fri, 21 Jun 2019 12:31:03 GMT
server
cloudflare
age
0
etag
"b7f-58bd4a2c5ad09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3abac972a-FRA
content-length
2943
TwoUpChat.js
twoupcasinonew.com/chat/
355 B
300 B
Script
General
Full URL
https://twoupcasinonew.com/chat/TwoUpChat.js
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
521353b7e50c1833dcbdd0f0a3e6db8dac6431e5df77b1cda22fc20b388263fb

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 05 Nov 2019 07:14:25 GMT
server
cloudflare
etag
W/"163-596942e9e994d-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
54ddd7a1d905972a-FRA
gtm.js
www.googletagmanager.com/
53 KB
20 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PP4B2MV
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
426a76c2eacb363c23eec234ce75661be9172adeb5c8eca62ebf4c15bb6c5b79
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
last-modified
Tue, 31 Dec 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
20424
x-xss-protection
0
expires
Tue, 31 Dec 2019 17:06:08 GMT
css
fonts.googleapis.com/
7 KB
734 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
97e7c845a47eaf84d9fe99509dc719f497e3714d0469d8d15a1c48e67b91c919
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Dec 2019 17:06:08 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 31 Dec 2019 17:06:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 31 Dec 2019 17:06:08 GMT
bg.jpg
twoupcasinonew.com/assets/images/
45 KB
45 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/bg.jpg
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
443ddf43048a9db984e41a5fd7d6cfab89ee7916458dfba18385f1e4e88c95b9

Request headers

Referer
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
0
etag
"b265-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3abb2972a-FRA
content-length
45669
star2.png
twoupcasinonew.com/assets/images/
2 KB
2 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/star2.png
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da730f2700016b1f1e319bbd34beb7fe1c4ed6e24648b4c22a45eccba70d314e

Request headers

Referer
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
0
etag
"6c7-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3abb5972a-FRA
content-length
1735
november-monthly-special.jpg
twoupcasinonew.com/assets/images/
22 KB
22 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/november-monthly-special.jpg?v=0.1.1
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
617250c57fb74cc9df04a55e2447eb9f5f903a40dfade67ea2c737d4e9c43b29

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Fri, 09 Nov 2018 09:34:22 GMT
server
cloudflare
age
0
etag
"582a-57a380e67e380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3abb7972a-FRA
content-length
22570
footer-bg.png
twoupcasinonew.com/assets/images/
23 KB
24 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/footer-bg.png
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08cee18f5684c80963c20480a451c88f5288b41831a0220bcc90c432449c6b2f

Request headers

Referer
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
0
etag
"5da2-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7a3abb8972a-FRA
content-length
23970
erasdemi.woff
twoupcasinonew.com/assets/fonts/
51 KB
51 KB
Font
General
Full URL
https://twoupcasinonew.com/assets/fonts/erasdemi.woff
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe452bd17368f421240db8a1e498fdcee69d6fdcac1ef58c0d44498b35f5c16

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/assets/css/fonts.css?v=0.2.6
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
6894
etag
W/"cb54-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=14400
cf-ray
54ddd7a3abb9972a-FRA
erasbold.woff
twoupcasinonew.com/assets/fonts/
50 KB
50 KB
Font
General
Full URL
https://twoupcasinonew.com/assets/fonts/erasbold.woff
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b0cda82676a48d25cd11507e7ef6b78a419c5384ad233f26de7b07c7ec1464

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/assets/css/fonts.css?v=0.2.6
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
age
6894
etag
W/"c638-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=14400
cf-ray
54ddd7a3abbc972a-FRA
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Origin
https://twoupcasinonew.com

Response headers

date
Thu, 21 Nov 2019 17:13:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
3455561
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:13:27 GMT
default
embed.tawk.to/5a7d7f254b401e45400ccfc7/
535 KB
115 KB
Script
General
Full URL
https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/chat/TwoUpChat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed2414ec7cec6cba8494ef43e35d8059a5bc3fc4c91bff91c9db1cc3414749b9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
UPDATING
server
cloudflare
age
15898
etag
W/"fulls68020"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=14400, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
54ddd7a3deeb97ea-FRA
access-control-allow-origin
*
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122036262-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1951
date
Tue, 31 Dec 2019 16:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 31 Dec 2019 18:33:37 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=158735413&t=pageview&_s=1&dl=https%3A%2F%2Ftwoupcasinonew.com%2F%3Fgaid%3D58982%26trackingID%3D36448_435690_5e0b7fff67287c00016ec6b6&dr=http%3A%2F%2Fsembrafduckpatsi.gq%2F%3Fsearch%3Dfirst&ul=en-us&de=UTF-8&dt=Two-up%20casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=546912536&gjid=1631781009&cid=989573317.1577811969&tid=UA-122036262-9&_gid=703520392.1577811969&_r=1&gtm=2ouc61&z=1486525304
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Dec 2019 17:06:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=158735413&t=pageview&_s=1&dl=https%3A%2F%2Ftwoupcasinonew.com%2F%3Fgaid%3D58982%26trackingID%3D36448_435690_5e0b7fff67287c00016ec6b6&dr=http%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-122406701-1&cid=989573317.1577811969&jid=1976643175&_gid=703520392.1577811969&gjid=714886268&_v=j79&z=847118527
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=989573317.1577811969&jid=1976643175&_v=j79&z=847118527
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=989573317.1577811969&jid=1976643175&_v=j79&z=847118527&slf_rd=1&random=4209554063
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=989573317.1577811969&jid=1976643175&_v=j79&z=847118527&slf_rd=1&random=4209554063
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Dec 2019 17:06:08 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Dec 2019 17:06:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-122406701-1&cid=989573317.1577811969&jid=1976643175&_v=j79&z=847118527&slf_rd=1&random=4209554063
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 4C25
8 KB
664 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Dec 2019 17:06:08 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 31 Dec 2019 17:06:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 31 Dec 2019 17:06:08 GMT
css
fonts.googleapis.com/ Frame A91A
8 KB
664 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Dec 2019 17:06:08 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 31 Dec 2019 17:06:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 31 Dec 2019 17:06:08 GMT
css
fonts.googleapis.com/ Frame 7F1B
8 KB
664 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Dec 2019 17:06:08 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 31 Dec 2019 17:06:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 31 Dec 2019 17:06:08 GMT
css
fonts.googleapis.com/ Frame 6025
8 KB
664 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Dec 2019 17:06:08 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 31 Dec 2019 17:06:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 31 Dec 2019 17:06:08 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 6025
192 B
472 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 31 Dec 2019 17:06:08 GMT
content-length
152
x-served-by
cache-ams21034-AMS, cache-hhn4058-HHN
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 6025
295 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 31 Dec 2019 17:06:08 GMT
content-length
53890
x-served-by
cache-ams21034-AMS, cache-hhn4058-HHN
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
1577811968699
va.tawk.to/register/
692 B
1 KB
XHR
General
Full URL
https://va.tawk.to/register/1577811968699
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
78e716c6361399f785a04734c9c99e04efbfbf05f4429eabff62f438070ca6c4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Origin
https://twoupcasinonew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 31 Dec 2019 17:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
x-served-by
visitor-application-preemptive-27qb
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://twoupcasinonew.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
54ddd7a478b56479-FRA
access-control-allow-headers
origin, content-type
/
vs94.tawk.to/s/
101 B
201 B
XHR
General
Full URL
https://vs94.tawk.to/s/?k=5e0b8000b4d77badf10bc983&u=%2B6z9pxRkop4EdaVK5THiIxvEuuGz%2Fpjuz3sv7Y67zjZrXq1b1flMhyYi5u9IlyN4&uv=2&a=5a7d7f254b401e45400ccfc7&cver=0&pop=false&w=rskzfd&jv=680&asver=123106&ust=false&p=Two-up%20casino&r=http%3A%2F%2Fsembrafduckpatsi.gq%2F%3Fsearch%3Dfirst&EIO=3&transport=polling&__t=MzSx0EP
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac44ac9f6bb55637aace27295413da88ef44c9d8e07ff7e78b10fb71ed7ec558
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 17:06:09 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://twoupcasinonew.com
access-control-allow-credentials
true
cf-ray
54ddd7a5d9e36479-FRA
content-length
101
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 6025
413 B
537 B
Image
General
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
image/png
status
200
access-control-expose-headers
*
cache-control
public, max-age=31536000
date
Tue, 31 Dec 2019 17:06:08 GMT
accept-ranges
bytes
timing-allow-origin
*
content-length
413
x-served-by
cache-ams21032-AMS, cache-hhn4058-HHN
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ Frame 7F1B
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Origin
https://twoupcasinonew.com

Response headers

date
Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
3462477
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:18:11 GMT
/
vs94.tawk.to/s/
553 B
716 B
XHR
General
Full URL
https://vs94.tawk.to/s/?k=5e0b8000b4d77badf10bc983&u=%2B6z9pxRkop4EdaVK5THiIxvEuuGz%2Fpjuz3sv7Y67zjZrXq1b1flMhyYi5u9IlyN4&uv=2&a=5a7d7f254b401e45400ccfc7&cver=0&pop=false&w=rskzfd&jv=680&asver=123106&ust=false&p=Two-up%20casino&r=http%3A%2F%2Fsembrafduckpatsi.gq%2F%3Fsearch%3Dfirst&EIO=3&transport=polling&__t=MzSx0GX&sid=CCaGKtCinZnHZX64yI6e
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9076fbec00ec214eb8f0bc6927cfef4694d56976719b1ed40a67a2abdc0d0197
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 17:06:09 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://twoupcasinonew.com
access-control-allow-credentials
true
cf-ray
54ddd7a69aa66479-FRA
content-length
553
v3
va.tawk.to/log-performance/
5 B
117 B
XHR
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Origin
https://twoupcasinonew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 31 Dec 2019 17:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
x-served-by
visitor-application-preemptive-15dx
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://twoupcasinonew.com
access-control-allow-credentials
true
cf-ray
54ddd7a77b766479-FRA
access-control-allow-headers
origin, content-type
/
vs94.tawk.to/s/
4 B
64 B
XHR
General
Full URL
https://vs94.tawk.to/s/?k=5e0b8000b4d77badf10bc983&u=%2B6z9pxRkop4EdaVK5THiIxvEuuGz%2Fpjuz3sv7Y67zjZrXq1b1flMhyYi5u9IlyN4&uv=2&a=5a7d7f254b401e45400ccfc7&cver=0&pop=false&w=rskzfd&jv=680&asver=123106&ust=false&p=Two-up%20casino&r=http%3A%2F%2Fsembrafduckpatsi.gq%2F%3Fsearch%3Dfirst&EIO=3&transport=polling&__t=MzSx0IZ&sid=CCaGKtCinZnHZX64yI6e
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 17:06:09 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://twoupcasinonew.com
access-control-allow-credentials
true
cf-ray
54ddd7a77b7b6479-FRA
content-length
4
light.png
twoupcasinonew.com/assets/images/
6 KB
6 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/light.png
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/assets/js/jquery.min.js?v=0.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e921228f040382347017421d6c39b579b8aa02970af3122a42505f64e2ee5b

Request headers

Referer
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:11 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
etag
"174d-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7b68ae9972a-FRA
content-length
5965
shine1.png
twoupcasinonew.com/assets/images/
2 KB
2 KB
Image
General
Full URL
https://twoupcasinonew.com/assets/images/shine1.png
Requested by
Host: twoupcasinonew.com
URL: https://twoupcasinonew.com/assets/js/jquery.min.js?v=0.0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:366c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3d973f78a001c1090073b87ffdb0bd885d76c50377f262c6b257c1c74c9f26

Request headers

Referer
https://twoupcasinonew.com/assets/css/style.css?v=0.2.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:11 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 19 Feb 2018 15:35:20 GMT
server
cloudflare
etag
"772-56592710f1e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
54ddd7b68aea972a-FRA
content-length
1906
default-profile.svg
static-v.tawk.to/a-v3/images/ Frame 4C25
4 KB
2 KB
Image
General
Full URL
https://static-v.tawk.to/a-v3/images/default-profile.svg
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c95340c5c3803014f984134d727a81daa430d4431180ff6b23a7ce0b566e94
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Dec 2019 17:06:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
546612
status
200
vary
Accept-Encoding
pragma
public
last-modified
Mon, 15 Jul 2019 17:37:08 GMT
server
cloudflare
etag
W/"5d2cb9c4-103a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
54ddd7e58cd16479-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
tawk-widget.woff2
static-v.tawk.to/a-v3/fonts/ Frame 4C25
3 KB
3 KB
Font
General
Full URL
https://static-v.tawk.to/a-v3/fonts/tawk-widget.woff2?yh9epr
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://twoupcasinonew.com/?gaid=58982&trackingID=36448_435690_5e0b7fff67287c00016ec6b6
Origin
https://twoupcasinonew.com

Response headers

date
Tue, 31 Dec 2019 17:06:19 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1901385
status
200
vary
Accept-Encoding
content-length
2744
pragma
public
last-modified
Mon, 15 Jul 2019 17:37:05 GMT
server
cloudflare
etag
"5d2cb9c1-ab8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
54ddd7e589b997ea-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ Frame 4C25
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Origin
https://twoupcasinonew.com

Response headers

date
Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
3462488
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:18:11 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ Frame A91A
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5a7d7f254b401e45400ccfc7/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Origin
https://twoupcasinonew.com

Response headers

date
Thu, 19 Dec 2019 18:23:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
1032195
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
0
expires
Fri, 18 Dec 2020 18:23:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.firsttexasbank.bank
URL
https://www.firsttexasbank.bank/wp-content/uploads/sites/189/AustinAve1Square.jpg
Domain
www1.firstdirect.com
URL
https://www1.firstdirect.com/content/dam/fsdt/en/media/images/icons/products/bank-accounts/42_features.svg
Domain
www.firstcitizens.com
URL
https://www.firstcitizens.com/content/images/content_personal_carousel_cds.jpg
Domain
www.firstsupply.com
URL
https://www.firstsupply.com/UserFiles/homepage/hp-water-heaters.jpg
Domain
www.americafirst.com
URL
https://www.americafirst.com/content/dam/visa/visa-card-signature-mega.jpg
Domain
firstsavingscc.com
URL
https://firstsavingscc.com/assets/img/banner-image_sm.jpg


31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| dataLayer
function| $
function| jQuery
function| gtag
object| google_tag_manager
object| Tawk_API
object| Tawk_LoadStart
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
string| $_Tawk_AccountKey
string| $_Tawk_WidgetId
boolean| $_Tawk_Unstable
object| $_Tawk
function| $__TawkEngine
function| EventEmitter
function| $__TawkSocket
object| $_Tawk_LoadStart
function| TawkClass
object| Inheritance_Manager
string| messagePreviewRadius
string| bottomBorderRadius
string| topBorderRadius
number| minWidth
number| minHeight
string| bodyClassName

8 Cookies

Domain/Path Name / Value
twoupcasinonew.com/ Name: TawkConnectionTime
Value: 1577811968699
.twoupcasinonew.com/ Name: _gat_gtag_UA_122036262_9
Value: 1
.twoupcasinonew.com/ Name: _gat_UA-122406701-1
Value: 1
.twoupcasinonew.com/ Name: _ga
Value: GA1.2.989573317.1577811969
.twoupcasinonew.com/ Name: _gid
Value: GA1.2.703520392.1577811969
.twoupcasinonew.com/ Name: __cfduid
Value: d7129585c65d0f49999c0a31d6e1283511577811967
.twoupcasinonew.com/ Name: trackingID
Value: 36448_435690_5e0b7fff67287c00016ec6b6
.twoupcasinonew.com/ Name: gaid
Value: 58982

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
