Submitted URL: http://wwwmylongjohnsexperience.com/
Effective URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On August 09 via api from CA — Scanned from CA

Summary

This website contacted 17 IPs in 5 countries across 19 domains to perform 77 HTTP transactions. The main IP is 104.18.5.148, located in and belongs to CLOUDFLARENET, US. The main domain is powerplay.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2023. Valid for: a year.
This is the only time powerplay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.172.228.26 14061 (DIGITALOC...)
1 2 52.117.247.211 36351 (SOFTLAYER)
2 2 34.234.154.208 14618 (AMAZON-AES)
2 2 20.93.81.72 8075 (MICROSOFT...)
1 1 104.18.28.20 13335 (CLOUDFLAR...)
1 9 104.18.5.148 13335 (CLOUDFLAR...)
39 99.84.108.42 16509 (AMAZON-02)
3 160.153.235.136 21501 (GODADDY-AMS)
1 104.16.57.101 13335 (CLOUDFLAR...)
4 172.217.13.104 15169 (GOOGLE)
1 172.217.13.98 15169 (GOOGLE)
3 104.86.233.107 16625 (AKAMAI-AS)
4 139.45.195.8 9002 (RETN-AS)
1 142.251.35.164 15169 (GOOGLE)
1 172.217.13.195 15169 (GOOGLE)
2 104.18.31.104 13335 (CLOUDFLAR...)
3 172.217.13.206 15169 (GOOGLE)
1 3 68.67.179.164 29990 (ASN-APPNEX)
1 2 52.6.65.1 14618 (AMAZON-AES)
2 2 54.157.73.116 14618 (AMAZON-AES)
2 104.18.12.29 13335 (CLOUDFLAR...)
77 17
Apex Domain
Subdomains
Transfer
39 ppsrvs.com
st.ppsrvs.com
641 KB
10 powerplay.com
www.powerplay.com
powerplay.com
291 KB
4 bidr.io
segment.prod.bidr.io — Cisco Umbrella Rank: 6631
match.prod.bidr.io — Cisco Umbrella Rank: 615
2 KB
4 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11124
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
281 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 464
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54
21 KB
3 connextra.com
zz.connextra.com — Cisco Umbrella Rank: 16616
17 KB
3 powerplay-content.com
powerplay-content.com
wp.powerplay-content.com
3 KB
2 brevo.com
in-automate.brevo.com — Cisco Umbrella Rank: 23097
141 B
2 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 22157
4 KB
2 powerplaybet.com
www.powerplaybet.com
2 KB
2 akutapro.com
akutapro.com — Cisco Umbrella Rank: 186871
2 KB
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 114921
p374591.myckdom.com
1 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9674
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1175
7 KB
1 wwwmylongjohnsexperience.com
wwwmylongjohnsexperience.com
2 KB
77 19
Domain Requested by
39 st.ppsrvs.com powerplay.com
st.ppsrvs.com
9 powerplay.com 1 redirects p374591.myckdom.com
powerplay.com
static.cloudflareinsights.com
4 my.rtmark.net powerplay.com
4 www.googletagmanager.com powerplay.com
www.googletagmanager.com
3 secure.adnxs.com 1 redirects powerplay.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 zz.connextra.com powerplay.com
zz.connextra.com
2 in-automate.brevo.com sibautomation.com
2 match.prod.bidr.io 2 redirects
2 segment.prod.bidr.io 1 redirects powerplay.com
2 sibautomation.com p374591.myckdom.com
sibautomation.com
2 powerplay-content.com powerplay.com
2 www.powerplaybet.com 2 redirects
2 akutapro.com 2 redirects
1 wp.powerplay-content.com st.ppsrvs.com
1 www.google.ca powerplay.com
1 www.google.com powerplay.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 static.cloudflareinsights.com powerplay.com
1 www.powerplay.com 1 redirects
1 p374591.myckdom.com
1 myckdom.com 1 redirects
1 wwwmylongjohnsexperience.com 1 redirects
77 23

This site contains links to these domains. Also see Links.

Domain
www.powerplay.com
Subject Issuer Validity Valid
*.myckdom.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-20 -
2024-03-20
a year crt.sh
powerplay.com
Cloudflare Inc ECC CA-3
2023-08-08 -
2024-08-06
a year crt.sh
*.ppsrvs.com
Amazon RSA 2048 M01
2023-06-23 -
2024-07-21
a year crt.sh
powerplay-content.com
Go Daddy Secure Certificate Authority - G2
2023-06-11 -
2024-07-12
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.connextra.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-28 -
2024-03-28
a year crt.sh
rtmark.net
R3
2023-07-25 -
2023-10-23
3 months crt.sh
www.google.com
GTS CA 1C3
2023-07-10 -
2023-10-02
3 months crt.sh
*.google.ca
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
brevo.com
GTS CA 1P5
2023-07-03 -
2023-10-01
3 months crt.sh

This page contains 7 frames:

Primary Page: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Frame ID: AE380F47B7E6A35BF570E9B010A3997A
Requests: 69 HTTP requests in this frame

Frame: https://powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Frame ID: D61BAB5223DC03933F28D4EC459742AD
Requests: 2 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
Frame ID: 1A3315667D1C9286B2064E8703B43AF3
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
Frame ID: D085C62499AF4822E10E85B90EF5BC7F
Requests: 1 HTTP requests in this frame

Frame: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
Frame ID: C97E92C5CDC92AD07095C64F5275488F
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAArdk7Jp-YAACWj9jyTuA
Frame ID: B936A702B6AE7424E36D3BB5A4B178C3
Requests: 1 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
Frame ID: C7D9C70FE830BEAF371E8CA698AC32BA
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Online Betting | Live Casino | Bet with PowerPlay | Free Bet Offers

Page URL History Show full URLs

  1. http://wwwmylongjohnsexperience.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=hx7PGIw6vFf-TiWPOexKVK3dDnCBF-q5XQaiCg3BLRs6xklmKOXj935XPU-DA... HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFy... Page URL
  2. https://akutapro.com/click?trvid=15507&externalid=90594028170&var1=6pcadt_447207301&var2=6p&var3=... HTTP 302
    https://akutapro.com/double?t=1&d=aHR0cHM6Ly93d3cucG93ZXJwbGF5YmV0LmNvbS9DLmFzaHg_YnRhZz1hXzQzNzY... HTTP 302
    https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinow... HTTP 302
    https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinow... HTTP 302
    https://www.powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&... HTTP 302
    https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

77
Requests

94 %
HTTPS

0 %
IPv6

19
Domains

23
Subdomains

17
IPs

5
Countries

1274 kB
Transfer

2794 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wwwmylongjohnsexperience.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=hx7PGIw6vFf-TiWPOexKVK3dDnCBF-q5XQaiCg3BLRs6xklmKOXj935XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZlpHmqSzyiFtiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJ3ZL4z-puOGeVSLRjlRWCkkIaXD4pzvG4nPvopM6LLaXL6U5aPnQM7lR404_Ngl39pqKLKiVcbHPXfnnGEUigEakuHgdL9NdnQde_yaCGP6CLyqVEoypiiMjFVf7QcAoM5i8_lFO134sqBCIdN5wwttFvD9NS3eSPhjZXKue3QZmD4eHyeNDFPlOk8LKlCKJRoaxtedH9f8MCZ1XK5EKK4JTWQEYrF4FyT1GLpAYT8qf8_NJr8dB2AfjDak-CS-jEsXyA3MbJePwW3mjKruAbTSofjrR4gYJIIG9mi5VFLGgZA5SZSBcls560EX4QEFbVwAjOKJB5zvsaCNAbUu4fKdrJzXrf2yLUn1Wf0YFbwy7C1wN-DHYxuIVrk0-hUQNqDJRgsLq-bz9CMrfWPwmR_FfP0XIBDOig7WFDDSCHyOW8-c0jfjZ5txBpJrHhcwMhbznJBhzVANgdymf-X4SabOGPp_elFc0rE59KT_JXyiM_HtgL6hodGyXiBqp9iBMiFo99F4sgyAnGpHr4qzb23jKgSyd9YnaBMQUkjFCHPlJjJBHnlFqEcOzOAOkHQEXn5rAmj3PmajD54GV4oZCiH4O93M1xwVlFx7jjitzb4-p4V07IiVumKNytfnNWuSjczslzgDSqjJyDaWVs3-4ovCPehLTgop-4TyXzThFBRdnKQWiBQMmuED96HRhY1FPpj4wsS0_63PEegVQTCs-0n8bEYsqF6E9Ap3FMJcMUcKXzLDBn9MwcaTW_izrJ83m9wZ0rSgIFNfcTPkN1ijp5Udl6zmwxYmZRLjddtNgvdsvEXGdFff_ufa0rPcNJJW9c2_Sk0cVIY47cBNUfmEpSA5Zdr6hFuuwgxjJTZWim8GX8Hie34Mf6qkV0nk022mZxR0CabMsVe5uDEV36nPbmS2uH0QRXJFgDopCageVuhQC_dI-DCN7QXmSEshjCans3WOBl6loIpdGuYis_aU2FVdzVMktjmOCxgauK-ugy1wxyqc2-EZ2HDFqFKw-W-fq-5dpQ5HX23ASN6eajaKvBVkiMWrTQykZbhCgaDOIiLeNR2mrokr7bOO1sATOyxe_2_jymT2ysoEFaOu8IQEvkMRo_MvfEYcXKRkZ3eROZR9bZCrHG00QWqiT_tPFbwSgY36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0It2cY6Mye7St8pw-VDmwYuJZc3s0a_giRxCkq4IS-Qg9MMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpCBk-zXXZfyBib44zJJ0kFIHSYifNgIelIgVew_SjNkqNpapZ2nWjuOnq3YN_0ZLzwPstLEJbklh24xwj_vae_UspKqkAUWdrPgFSWQD3UlHdAM6fo_EBoQ HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpxEd5PaIC7wA3cwUL-Crmavq9kZyW26nJclxjU64JpXT0xRsQekXACgafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHSFHYdKph-nyB0mInzYCHpSIFXsP0ozZKjaWqWdp1o7j6-J7z7Cr0DTmMMKiT1gys0wwQsdUPaARaOu8IQEvkMRo_MvfEYcXKmHMPq20icC4PAe_L4WAxrauYP_kkJnzBbG8TSouzQp-jZ-QyLtot3NGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiP2KUlfY2PGaU&ui=hx7PGIw6vFf-TiWPOexKVFY37AsT2Aew6S7gT6OG4UNMAlK9DzjzVwt-EeBl8YIL36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0Lw1CW-JqTdSA&si=1&oref=1140f8b2e09da7b946c58eb3a5bec972&optunit=wAL4E_uDHxeqkPEIg6BX5GptB8VU8xVGrSujM-RWlas&rb=ddaJhf53DcI&rr=1&isco=t&abtg=0 Page URL
  2. https://akutapro.com/click?trvid=15507&externalid=90594028170&var1=6pcadt_447207301&var2=6p&var3=Desktop_Windows+10_Chrome+115_UNKNOWN_wwwmylongjohnsexperience.com+RO_@@CREATIVE-ID@@ HTTP 302
    https://akutapro.com/double?t=1&d=aHR0cHM6Ly93d3cucG93ZXJwbGF5YmV0LmNvbS9DLmFzaHg_YnRhZz1hXzQzNzY0Yl8xODg3NmNfJmFmZmlkPTcwMDM1ODAmc2l0ZWlkPTQzNzY0JmFkaWQ9MTg4NzYmYz1jYXNpbm93Yl82cGNhZHRfNDQ3MjA3MzAx HTTP 302
    https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinowb_6pcadt_447207301 HTTP 302
    https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinowb_6pcadt_447207301&AutoR=1 HTTP 302
    https://www.powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764 HTTP 302
    https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wwwmylongjohnsexperience.com/ HTTP 302
  • https://myckdom.com/aS/feedclick?s=hx7PGIw6vFf-TiWPOexKVK3dDnCBF-q5XQaiCg3BLRs6xklmKOXj935XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZlpHmqSzyiFtiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJ3ZL4z-puOGeVSLRjlRWCkkIaXD4pzvG4nPvopM6LLaXL6U5aPnQM7lR404_Ngl39pqKLKiVcbHPXfnnGEUigEakuHgdL9NdnQde_yaCGP6CLyqVEoypiiMjFVf7QcAoM5i8_lFO134sqBCIdN5wwttFvD9NS3eSPhjZXKue3QZmD4eHyeNDFPlOk8LKlCKJRoaxtedH9f8MCZ1XK5EKK4JTWQEYrF4FyT1GLpAYT8qf8_NJr8dB2AfjDak-CS-jEsXyA3MbJePwW3mjKruAbTSofjrR4gYJIIG9mi5VFLGgZA5SZSBcls560EX4QEFbVwAjOKJB5zvsaCNAbUu4fKdrJzXrf2yLUn1Wf0YFbwy7C1wN-DHYxuIVrk0-hUQNqDJRgsLq-bz9CMrfWPwmR_FfP0XIBDOig7WFDDSCHyOW8-c0jfjZ5txBpJrHhcwMhbznJBhzVANgdymf-X4SabOGPp_elFc0rE59KT_JXyiM_HtgL6hodGyXiBqp9iBMiFo99F4sgyAnGpHr4qzb23jKgSyd9YnaBMQUkjFCHPlJjJBHnlFqEcOzOAOkHQEXn5rAmj3PmajD54GV4oZCiH4O93M1xwVlFx7jjitzb4-p4V07IiVumKNytfnNWuSjczslzgDSqjJyDaWVs3-4ovCPehLTgop-4TyXzThFBRdnKQWiBQMmuED96HRhY1FPpj4wsS0_63PEegVQTCs-0n8bEYsqF6E9Ap3FMJcMUcKXzLDBn9MwcaTW_izrJ83m9wZ0rSgIFNfcTPkN1ijp5Udl6zmwxYmZRLjddtNgvdsvEXGdFff_ufa0rPcNJJW9c2_Sk0cVIY47cBNUfmEpSA5Zdr6hFuuwgxjJTZWim8GX8Hie34Mf6qkV0nk022mZxR0CabMsVe5uDEV36nPbmS2uH0QRXJFgDopCageVuhQC_dI-DCN7QXmSEshjCans3WOBl6loIpdGuYis_aU2FVdzVMktjmOCxgauK-ugy1wxyqc2-EZ2HDFqFKw-W-fq-5dpQ5HX23ASN6eajaKvBVkiMWrTQykZbhCgaDOIiLeNR2mrokr7bOO1sATOyxe_2_jymT2ysoEFaOu8IQEvkMRo_MvfEYcXKRkZ3eROZR9bZCrHG00QWqiT_tPFbwSgY36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0It2cY6Mye7St8pw-VDmwYuJZc3s0a_giRxCkq4IS-Qg9MMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpCBk-zXXZfyBib44zJJ0kFIHSYifNgIelIgVew_SjNkqNpapZ2nWjuOnq3YN_0ZLzwPstLEJbklh24xwj_vae_UspKqkAUWdrPgFSWQD3UlHdAM6fo_EBoQ HTTP 302
  • https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpxEd5PaIC7wA3cwUL-Crmavq9kZyW26nJclxjU64JpXT0xRsQekXACgafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHSFHYdKph-nyB0mInzYCHpSIFXsP0ozZKjaWqWdp1o7j6-J7z7Cr0DTmMMKiT1gys0wwQsdUPaARaOu8IQEvkMRo_MvfEYcXKmHMPq20icC4PAe_L4WAxrauYP_kkJnzBbG8TSouzQp-jZ-QyLtot3NGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiP2KUlfY2PGaU&ui=hx7PGIw6vFf-TiWPOexKVFY37AsT2Aew6S7gT6OG4UNMAlK9DzjzVwt-EeBl8YIL36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0Lw1CW-JqTdSA&si=1&oref=1140f8b2e09da7b946c58eb3a5bec972&optunit=wAL4E_uDHxeqkPEIg6BX5GptB8VU8xVGrSujM-RWlas&rb=ddaJhf53DcI&rr=1&isco=t&abtg=0
Request Chain 51
  • https://powerplay.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Request Chain 54
  • https://secure.adnxs.com/seg?add=25129714&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
Request Chain 56
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value= HTTP 303
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
Request Chain 57
  • https://match.prod.bidr.io/cookie-sync/geniussports HTTP 303
  • https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1 HTTP 303
  • https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAArdk7Jp-YAACWj9jyTuA

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
domainClick
p374591.myckdom.com/adServe/
Redirect Chain
  • http://wwwmylongjohnsexperience.com/
  • https://myckdom.com/aS/feedclick?s=hx7PGIw6vFf-TiWPOexKVK3dDnCBF-q5XQaiCg3BLRs6xklmKOXj935XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZlpHmqSzyiFtiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJ3Z...
  • https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpxEd5PaIC7wA3cwUL-Crmavq9kZyW26nJclxjU64JpXT0xRsQekXACgafDdQqpNxpaoBBNH-RY4fF5y4haV...
378 B
678 B
Document
General
Full URL
https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpxEd5PaIC7wA3cwUL-Crmavq9kZyW26nJclxjU64JpXT0xRsQekXACgafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHSFHYdKph-nyB0mInzYCHpSIFXsP0ozZKjaWqWdp1o7j6-J7z7Cr0DTmMMKiT1gys0wwQsdUPaARaOu8IQEvkMRo_MvfEYcXKmHMPq20icC4PAe_L4WAxrauYP_kkJnzBbG8TSouzQp-jZ-QyLtot3NGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiP2KUlfY2PGaU&ui=hx7PGIw6vFf-TiWPOexKVFY37AsT2Aew6S7gT6OG4UNMAlK9DzjzVwt-EeBl8YIL36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0Lw1CW-JqTdSA&si=1&oref=1140f8b2e09da7b946c58eb3a5bec972&optunit=wAL4E_uDHxeqkPEIg6BX5GptB8VU8xVGrSujM-RWlas&rb=ddaJhf53DcI&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 09 Aug 2023 20:12:01 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 09 Aug 2023 20:12:01 GMT
location
https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpxEd5PaIC7wA3cwUL-Crmavq9kZyW26nJclxjU64JpXT0xRsQekXACgafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHSFHYdKph-nyB0mInzYCHpSIFXsP0ozZKjaWqWdp1o7j6-J7z7Cr0DTmMMKiT1gys0wwQsdUPaARaOu8IQEvkMRo_MvfEYcXKmHMPq20icC4PAe_L4WAxrauYP_kkJnzBbG8TSouzQp-jZ-QyLtot3NGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiP2KUlfY2PGaU&ui=hx7PGIw6vFf-TiWPOexKVFY37AsT2Aew6S7gT6OG4UNMAlK9DzjzVwt-EeBl8YIL36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0Lw1CW-JqTdSA&si=1&oref=1140f8b2e09da7b946c58eb3a5bec972&optunit=wAL4E_uDHxeqkPEIg6BX5GptB8VU8xVGrSujM-RWlas&rb=ddaJhf53DcI&rr=1&isco=t&abtg=0
server
nginx
Primary Request /
powerplay.com/ontario/lp/CA_1000CB_scroll/
Redirect Chain
  • https://akutapro.com/click?trvid=15507&externalid=90594028170&var1=6pcadt_447207301&var2=6p&var3=Desktop_Windows+10_Chrome+115_UNKNOWN_wwwmylongjohnsexperience.com+RO_@@CREATIVE-ID@@
  • https://akutapro.com/double?t=1&d=aHR0cHM6Ly93d3cucG93ZXJwbGF5YmV0LmNvbS9DLmFzaHg_YnRhZz1hXzQzNzY0Yl8xODg3NmNfJmFmZmlkPTcwMDM1ODAmc2l0ZWlkPTQzNzY0JmFkaWQ9MTg4NzYmYz1jYXNpbm93Yl82cGNhZHRfNDQ3MjA3MzAx
  • https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinowb_6pcadt_447207301
  • https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinowb_6pcadt_447207301&AutoR=1
  • https://www.powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
  • https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
23 KB
7 KB
Document
General
Full URL
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Requested by
Host: p374591.myckdom.com
URL: https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpxEd5PaIC7wA3cwUL-Crmavq9kZyW26nJclxjU64JpXT0xRsQekXACgafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHSFHYdKph-nyB0mInzYCHpSIFXsP0ozZKjaWqWdp1o7j6-J7z7Cr0DTmMMKiT1gys0wwQsdUPaARaOu8IQEvkMRo_MvfEYcXKmHMPq20icC4PAe_L4WAxrauYP_kkJnzBbG8TSouzQp-jZ-QyLtot3NGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiP2KUlfY2PGaU&ui=hx7PGIw6vFf-TiWPOexKVFY37AsT2Aew6S7gT6OG4UNMAlK9DzjzVwt-EeBl8YIL36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0Lw1CW-JqTdSA&si=1&oref=1140f8b2e09da7b946c58eb3a5bec972&optunit=wAL4E_uDHxeqkPEIg6BX5GptB8VU8xVGrSujM-RWlas&rb=ddaJhf53DcI&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c88dd4ccfb576adccc328013892e7ef1c86c956c6880972ee49b4895dccd5a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://p374591.myckdom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7f42a6d4089139ff-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 20:12:02 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7f42a6d32b0ba1f3-YYZ
date
Wed, 09 Aug 2023 20:12:02 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
rocket-loader.min.js
powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 07 Aug 2023 18:20:33 GMT
server
cloudflare
content-encoding
gzip
etag
W/"64d135f1-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7f42a6d58a8c39ff-YYZ
expires
Fri, 11 Aug 2023 20:12:02 GMT
pp-default.min.css
st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9bef68e90b255743b372bdf95b79507c8e37cb4f5fba2c52580973749e4ff1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 09:56:20 GMT
content-encoding
gzip
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
36943
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
W/"c217e77553608b69c62358b0eabc1af8"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
m6UXK4v9nHiuhYT-8QSqHlRS50cVVzBIwIfkklAWFPIIbcrhXEZhCg==
pp-main.min.css
st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-main.min.css
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd26ed38feabef8914c776ca02fd708233d6778304a377068f391f00a530efee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 12:33:10 GMT
content-encoding
br
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
27533
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
W/"d1b0fc3f05d0cca343c1cb4983fd0f6e"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
RMsIzboTIb58F5345bLI6mhR7PpVW0Q72lROOdAnQN3kXTXzvRfe2w==
logo.svg
st.ppsrvs.com/img/ppdesign/lp-swi/img/
10 KB
4 KB
Image
General
Full URL
https://st.ppsrvs.com/img/ppdesign/lp-swi/img/logo.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b745a8848c639d15139e4017157c7207ac0a9e8d6948fcc2203267897e8c50ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 12:19:09 GMT
content-encoding
br
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
28374
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 23 Jan 2023 16:44:09 GMT
server
AmazonS3
etag
W/"3ac2c8b6dd92bb379d7451d16d3d105c"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
jiq8iMHbbJuTxkuCHhv9RkILFFBHWctB-PoqvedVbbQRrVAgs6QK3Q==
DT_CA-EN_LP_1000CB.jpg
st.ppsrvs.com/img/lp-scr/
143 KB
144 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/DT_CA-EN_LP_1000CB.jpg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d405bfaaf9ecbc1ebb18881d2d77026f7e17312b64d3969c64b625c0aa47b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 14:51:38 GMT
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
20849
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
146399
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:56 GMT
server
AmazonS3
etag
"434eecd6fc0f1f24e35ef7778c2c8d7b"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
_5sUvs_wj4AAqZS8LPZuuZ-Gdmckvyl4qCEOVcfVHqcuFctD_28IqQ==
CA-EN_LP-1000-casino-bonus-not-comma.svg
st.ppsrvs.com/img/lp-scr/main/
5 KB
3 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/main/CA-EN_LP-1000-casino-bonus-not-comma.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d91f70bd85c30767de25f9c149e5ad150ad5d99c0058a191a93464e2dab1211d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 22:52:57 GMT
content-encoding
gzip
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
76746
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:57 GMT
server
AmazonS3
etag
W/"1b27da2f7f2e6044c42d2b5bb312bd2b"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
qSmRK_ugs5SyM2wf1HG-csJiR48l1uLY30lqdCcdtkDe0M3F378FNw==
flag-icon-ca.svg
st.ppsrvs.com/img/lp-scr/main/
2 KB
1 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/main/flag-icon-ca.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9119462f6350c91b062884b4425f27f48be7063829347ecbfe6afb9af8e0b675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 21:05:42 GMT
content-encoding
br
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
83181
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:51:45 GMT
server
AmazonS3
etag
W/"1cac151faf1199a725bea7869a354608"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
ru-H0PUtIQqv1-gYY-ecjY3ai12CHGiYK177Y7H31ryGNfh9QEdEdw==
main-free-chips-ONT.svg
st.ppsrvs.com/img/lp-scr/main/
10 KB
4 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/main/main-free-chips-ONT.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdc2b549cfe75973a9fd32a72030d869f64a8055ce7d920b69ecee60b01fd213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 09:34:39 GMT
content-encoding
br
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
38244
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:58 GMT
server
AmazonS3
etag
W/"1f08ace91936087baafed97966fcad75"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
bUtZtzkuIHlvYUShtO9ER5Zz3lsS74xNUaSmAE00k1xmwjgXwBw9jA==
footer_safe-and-secure.svg
st.ppsrvs.com/img/lp-scr/footer/
5 KB
2 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/footer/footer_safe-and-secure.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07c9b43d551b0d49dd37ce4138b6a10a892292995955f9091bd962d3d8fcc949
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 16:52:52 GMT
content-encoding
br
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
12026
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:56 GMT
server
AmazonS3
etag
W/"5a77890089d9b87286d38dcbfe939b46"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
uos8FtV7LDwObCg6QzVwODp7jsJlpCdyrNIXxwmvY7lNv76dbSsmfA==
footer__betting-site.svg
st.ppsrvs.com/img/lp-scr/footer/
5 KB
3 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/footer/footer__betting-site.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9727700ca4a55d10f4879e109180b3d9b1f42f9d4d474aa2a66117eddc3bb604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 16:52:52 GMT
content-encoding
br
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
11981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:56 GMT
server
AmazonS3
etag
W/"fbaa76adc220d5836ed3f69ef4762407"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
7wiIvcWnZegVDmdhoEktRslzOuvwclu9E6IE8w1FXPMzssygKqTtzw==
footer__seen-on-tv.svg
st.ppsrvs.com/img/lp-scr/footer/
5 KB
2 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/footer/footer__seen-on-tv.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
652541be9999e94663d364c2de129df810eb4ce6f17134c9b546c42d24e63ea1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 16:52:52 GMT
content-encoding
br
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
12763
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:56 GMT
server
AmazonS3
etag
W/"57d8d09a95ac44e46ba693d5ac060542"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
RphfC5l96Hs7-KPuAaQv3uyRa9PXBYIl0T2warsMEiLJsBGD95VU4Q==
footer__Igaming.svg
st.ppsrvs.com/img/lp-scr/footer/
13 KB
6 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/footer/footer__Igaming.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19693a063859fbc73bba7004aa8a0908c526a489d6eb3181fc161f6b21e6a502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 00:57:43 GMT
content-encoding
gzip
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
69260
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:56 GMT
server
AmazonS3
etag
W/"61b77d7a52c0f157452d794c52c0f4f4"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
OEjFd0_ZSxracilLYmBRuelq7dVuoWPvLd5mg_Sfyj6wTU1_NNMpsQ==
timer-icon.svg
st.ppsrvs.com/img/lp-scr/icons/
971 B
1 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/icons/timer-icon.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d85caca825700df29d1acabcfda9ff45b1d1efac994f96a8e14b8f9f8906a2c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 09:56:20 GMT
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
36943
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
971
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:58 GMT
server
AmazonS3
etag
"7b5e11704593e3770abb56b8aa9b8676"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
IFY4xiXT0vUgNKDAFuKqB8Z08-aey5GrPE8AvHCgbnmP3ysHAknN5Q==
cup-icon.svg
st.ppsrvs.com/img/lp-scr/icons/
3 KB
2 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/icons/cup-icon.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58dd618ab54b9d91dee0a2732c6e67c180efb196e1412a556f8cff6b8d277fcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 00:57:43 GMT
content-encoding
gzip
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
69260
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:57 GMT
server
AmazonS3
etag
W/"ed31afb0e985b97185e4826f99c08711"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
tpP3qehJTj5p16c-7Dg_kwyYx80fmF1FIRf91icNqIuH7iiVr7b4Uw==
interac.svg
st.ppsrvs.com/img/lp-scr/icons/
5 KB
2 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/icons/interac.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c86348593a20522880f1a46a91eacd67e18cc15925bf0e197720344ab63599e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 15:42:30 GMT
content-encoding
gzip
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
55573
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:57 GMT
server
AmazonS3
etag
W/"ec70297faec3b459047fbcd43508520a"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
IKrFsGRR3MKEnBW89rajh73wUOnwgLCngJoGzbyfMXGmpCkq9mlwvA==
visa.svg
st.ppsrvs.com/img/lp-scr/icons/
1 KB
1 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/icons/visa.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74ba75b04f4c6ab366f6ccc158d4267e7c3f1e66fca8c43333f955c6b19f7a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 03:52:24 GMT
content-encoding
gzip
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
58779
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:57 GMT
server
AmazonS3
etag
W/"b59d01a1d037c3948ce824dc888e2599"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
tsOK6pCDZeuSg80EXaLJQ6Q0nO9xqKSSbW-QE7TVY4CJlgcQQi2gdQ==
mastercard.svg
st.ppsrvs.com/img/lp-scr/icons/
4 KB
2 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/icons/mastercard.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a92326ae6f5aea36d4393910d678a6760ae6eadd0ab9be62c46a03082474ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 16:52:52 GMT
content-encoding
gzip
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
25591
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:58 GMT
server
AmazonS3
etag
W/"aa2aa5a1476da61fd332e2344bf79f76"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
GpNgn0KWgAyPEJBTeMPiKNgvlbo4xSCpyTK8dp53QAkFMLD5v7panQ==
payicon-paysafecard.svg
st.ppsrvs.com/img/lp-scr/icons/
7 KB
3 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/icons/payicon-paysafecard.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb3230e4dadc08d9e8312c75f5b59c145fce03e630a72f508b64da7cc1386cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 15:56:49 GMT
content-encoding
gzip
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
21231
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:58 GMT
server
AmazonS3
etag
W/"9e7863954f4cbfc0b16cec54c3c5a2a2"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
aBqE9-sZWTz3kLek1Gir_AmJOtOxW5yqQwP7wBlu1DF-UB9toLo8PQ==
support-bg.png
st.ppsrvs.com/img/lp-scr/slide/
8 KB
9 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/slide/support-bg.png
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10e8276f1b592bf92c9b41a7c4507d67316ed62e87f6c6b3cb0476d317f68080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 16:01:12 GMT
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
23318
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8190
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:56 GMT
server
AmazonS3
etag
"14f5fc27e5a50cee7002bf028ae11473"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
_36Al76z00cHZed70qiQRWr7QJUBlscIOKfYdY4eJeOx7NzJTg8iFw==
avatar.png
st.ppsrvs.com/img/lp-scr/slide/
12 KB
13 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/slide/avatar.png
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
508b3eba0feab2726c520379d719703d902ee584fd6ada6e5b36b3033b20369d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 23:15:59 GMT
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
75364
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12435
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:56 GMT
server
AmazonS3
etag
"23e8717638242060dec7ecb1e2028ba5"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
E8vKqW-jk9Q7Qm66kXCiSpRiIzET9ocnuMHShzmjcouiBnd8GB9E0Q==
game-1.jpg
st.ppsrvs.com/img/lp-scr/games/
17 KB
18 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/games/game-1.jpg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56216f99251dd03c55f553b52bb5523f331e79caf984999d2fb19854fb67bb08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 09:41:23 GMT
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
37840
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
17903
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:57 GMT
server
AmazonS3
etag
"f7ed5f8f42a306a082dc510e17164bec"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
1ZocB4YK39W-MgQ6yMSaFYFT7mMgdC9AhErj4weSiTV_dSAkTBquJg==
game-2.jpg
st.ppsrvs.com/img/lp-scr/games/
14 KB
14 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/games/game-2.jpg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484ee616de01e916ba4ce6e8c48fa6551f6ec9c215ced5b31575762b535eba08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 09:41:23 GMT
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
37839
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13824
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:57 GMT
server
AmazonS3
etag
"620f51856f14eb2acdf5e541cecf10e8"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
0TX4gA_H38KER4KvKVr7uq3KbMpFgJVkTgP38kV4sl8cdJPsMc__4A==
game-3.jpg
st.ppsrvs.com/img/lp-scr/games/
21 KB
22 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/games/game-3.jpg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e18c2c1b2ca3939bffeb9ac90e47ce207aba9d1c06c4549576bc41f3d12a7bc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 19:34:40 GMT
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
37155
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
21763
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:57 GMT
server
AmazonS3
etag
"73837a182de16cdb6fe546814a1698cd"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
_xKox-MG7w0Nbo8Dj6-A6-fo-bFWhpZt3TT0K1z2wTRAMkpAYRSoiw==
game-4.jpg
st.ppsrvs.com/img/lp-scr/games/
13 KB
13 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/games/game-4.jpg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff248eaa2944486c77fe83465ff08e71cb12f1219d0011164e8cac6d3bd73282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 09:41:23 GMT
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
37840
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13128
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:57 GMT
server
AmazonS3
etag
"09374e084480ebccd802f76d0d741960"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
7jrx6NeUnOf3mNEapME8AEWzogtPbTGe4f3YpAoLx1n9HJCzcfL3_g==
flag-icon-ca.svg
powerplay-content.com/ppdesign/lp-swi/img/main/
2 KB
2 KB
Image
General
Full URL
https://powerplay-content.com/ppdesign/lp-swi/img/main/flag-icon-ca.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.235.136 Amsterdam, Netherlands, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
136.235.153.160.host.secureserver.net
Software
nginx /
Resource Hash
9119462f6350c91b062884b4425f27f48be7063829347ecbfe6afb9af8e0b675

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:03 GMT
last-modified
Mon, 16 Jan 2023 13:19:28 GMT
server
nginx
etag
"63c54ee0-8cf"
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2255
expires
Thu, 31 Dec 2037 23:55:55 GMT
close.svg
powerplay-content.com/ppdesign/lp-swi/img/icons/
396 B
575 B
Image
General
Full URL
https://powerplay-content.com/ppdesign/lp-swi/img/icons/close.svg
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.235.136 Amsterdam, Netherlands, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
136.235.153.160.host.secureserver.net
Software
nginx /
Resource Hash
cb754c69c75f59fb7de047a7dea616be73b6eec74c247dcda3109484073ebd0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:03 GMT
last-modified
Mon, 16 Jan 2023 13:19:28 GMT
server
nginx
etag
"63c54ee0-18c"
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
396
expires
Thu, 31 Dec 2037 23:55:55 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://powerplay.com/
Origin
https://powerplay.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:02 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7f42a6d638e33703-YYZ
react-vendors.e229ec7-97e3460-f340cfcb2.js
powerplay.com/
663 KB
180 KB
Script
General
Full URL
https://powerplay.com/react-vendors.e229ec7-97e3460-f340cfcb2.js
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87c23a566aecd71a97288bb22d797a277c77a4e139fc5935cc8b910e3a2b21b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
181551
cf-polished
origSize=679357
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Mon, 07 Aug 2023 17:04:39 GMT
cf-bgj
minify
server
cloudflare
etag
W/"64d12427-a5dbd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7f42a6d5cad739ff-YYZ
expires
Thu, 08 Aug 2024 20:12:02 GMT
csr.e229ec7-97e3460-f340cfcb2.js
powerplay.com/
248 KB
67 KB
Script
General
Full URL
https://powerplay.com/csr.e229ec7-97e3460-f340cfcb2.js
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f02c5838c6793f05c8c2f0e917b624f295aa884be53af22d942106c1a5887b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
182716
cf-polished
origSize=253764
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Mon, 07 Aug 2023 17:04:39 GMT
cf-bgj
minify
server
cloudflare
etag
W/"64d12427-3df44"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7f42a6d5cad939ff-YYZ
expires
Thu, 08 Aug 2024 20:12:02 GMT
services.e229ec7-97e3460-f340cfcb2.js
powerplay.com/
84 KB
28 KB
Script
General
Full URL
https://powerplay.com/services.e229ec7-97e3460-f340cfcb2.js
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6154a7590615bf2649898db61cea8056988e4149b4dccdd11039018272ced0e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
183485
cf-polished
origSize=86535
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Mon, 07 Aug 2023 17:04:39 GMT
cf-bgj
minify
server
cloudflare
etag
W/"64d12427-15207"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7f42a6d5cadd39ff-YYZ
expires
Thu, 08 Aug 2024 20:12:02 GMT
js
www.googletagmanager.com/gtag/
223 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11031019498
Requested by
Host: powerplay.com
URL: https://powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d3fcf5d5206ff486e62ef44002086e1e8f33dc6dbaf68bf674db07d55b2ab312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78984
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 18:21:12 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Aug 2023 20:12:02 GMT
checking.svg
st.ppsrvs.com/img/lp-scr/icons/
578 B
1 KB
Image
General
Full URL
https://st.ppsrvs.com/img/lp-scr/icons/checking.svg
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c9d1126e2917a35816f5846f495faa9da19b4ca8b1ddff23981dec67302c6e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 09:41:23 GMT
via
1.1 dca69919d6f10bd537498dd599f5104e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
37841
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
578
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 May 2023 11:45:58 GMT
server
AmazonS3
etag
"cfa0e857ff6e099d2a8efa2df302daef"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
Ey9a_rENYbNsYtghlAHyuTKdPoFS8WGD6hkoGY6lZ_PEanLkpoQ1hw==
Montserrat-ExtraBold.woff2
st.ppsrvs.com/fonts/
62 KB
62 KB
Font
General
Full URL
https://st.ppsrvs.com/fonts/Montserrat-ExtraBold.woff2
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a520141c4ce651b279a73fec818c8f5dff495797dc185183db968079ff8846ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Origin
https://powerplay.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:43:24 GMT
via
1.1 5e3f4627de97deab81963915d14a9754.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
23320
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
63524
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Apr 2023 08:34:56 GMT
server
AmazonS3
etag
"8f29eb736ecaff0f962e48d3f14170e6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://powerplay.com
accept-ranges
bytes
x-amz-cf-id
PqGSJKxZ5s5mQEV1vjiwykdDEzyEjjN58BTOZOlKwavDIbcQmHEJqg==
Montserrat-Black.woff2
st.ppsrvs.com/fonts/
58 KB
59 KB
Font
General
Full URL
https://st.ppsrvs.com/fonts/Montserrat-Black.woff2
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d5506854228cd2719cf860e3d48f21ffe9ab70512b63b5130f52d8779c1f63c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Origin
https://powerplay.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 09:45:25 GMT
via
1.1 5e3f4627de97deab81963915d14a9754.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
37598
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
59748
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Apr 2023 08:34:56 GMT
server
AmazonS3
etag
"34fa9847b9d2ce7af7ac42969806195c"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://powerplay.com
accept-ranges
bytes
x-amz-cf-id
ALa22lSkCvMwQVTRMtyiaGCT9Fj6pPWwC6ff1KzyTU1fKraLvn2Nog==
Montserrat-Bold.woff2
st.ppsrvs.com/fonts/
62 KB
62 KB
Font
General
Full URL
https://st.ppsrvs.com/fonts/Montserrat-Bold.woff2
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7ef3fc2c877c901a53f282ad67b605b5553e0c5df723426dba4b7b78b1aef6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Origin
https://powerplay.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 01:15:46 GMT
via
1.1 5e3f4627de97deab81963915d14a9754.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
68178
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
63408
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Apr 2023 08:34:55 GMT
server
AmazonS3
etag
"2d2dee531bf3a2d2f3ca906bd6684d02"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://powerplay.com
accept-ranges
bytes
x-amz-cf-id
KCmR2BuvbGVtT-ndYhuPLK_Oytiz1SF_GM6E-0KfBqc70PlB68cTng==
Montserrat-Regular.woff2
st.ppsrvs.com/fonts/
61 KB
62 KB
Font
General
Full URL
https://st.ppsrvs.com/fonts/Montserrat-Regular.woff2
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
440e51e97a1f1e0f89fd9e4f5c679588c0f3124005365b71d3e64861a084dce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Origin
https://powerplay.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 14:01:12 GMT
via
1.1 5e3f4627de97deab81963915d14a9754.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
23320
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
62764
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Apr 2023 08:34:55 GMT
server
AmazonS3
etag
"d9349b96888554e9965b602afe6bea4a"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://powerplay.com
accept-ranges
bytes
x-amz-cf-id
dyr9ZsyKY48yqKaHAFCxWb-71VppOpYoYCtLagaWtDsoxQeHhZpr-A==
Montserrat-Medium.woff2
st.ppsrvs.com/fonts/
61 KB
62 KB
Font
General
Full URL
https://st.ppsrvs.com/fonts/Montserrat-Medium.woff2
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32ab5f8c0959e3400adae0e888fcc69695c4c6f6f50d9d329b3ecc5689063ab2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/pp-default.min.css
Origin
https://powerplay.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 00:57:46 GMT
via
1.1 5e3f4627de97deab81963915d14a9754.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
69258
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
62936
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 19 Apr 2023 08:34:55 GMT
server
AmazonS3
etag
"9caeada6f03d0a09035477adf5dd3c74"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://powerplay.com
accept-ranges
bytes
x-amz-cf-id
zPmgXXutu_95LvjMxBHYa7a7fC8jdxizJ7DpZuK-PQWXSsuoj2Lunw==
b9dd88d4-e7a0-4c5c-9a91-c8c8c5392dad
https://powerplay.com/
291 B
0
Other
General
Full URL
blob:https://powerplay.com/b9dd88d4-e7a0-4c5c-9a91-c8c8c5392dad
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
126e5a82ae666d429d3ae7e57be6eda6c975ec9fe18d0d21df27aad79fdee1ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
291
Content-Type
application/json
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11031019498/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11031019498/?random=1691611923304&cv=11&fst=1691611923304&bg=ffffff&guid=ON&async=1&gtm=45be3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fpowerplay.com%2Fontario%2Flp%2FCA_1000CB_scroll%2F%3Fbtag%3Da_43764b_18876c_casinowb_6pcadt_447207301%26siteid%3D43764&hn=www.googleadservices.com&frm=0&tiba=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&auid=2041373173.1691611923&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11031019498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a262a9635bb8f28bd78fd4494f35f495e0343202bf4788e4ec7dbd4be64a660e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 20:12:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1423
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landingpage
zz.connextra.com/dcs/tagController/tag/770b6a2a5625/
45 KB
16 KB
Script
General
Full URL
https://zz.connextra.com/dcs/tagController/tag/770b6a2a5625/landingpage
Requested by
Host: powerplay.com
URL: https://powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.86.233.107 Seattle, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-86-233-107.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
c6dbdb02881aecef8a4408b23b30521eae5a17f8364791b79aacadb9a818c614

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:03 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
must-revalidate, max-age=139
x-envoy-upstream-service-time
3
content-length
16411
expires
Wed, 09 Aug 2023 20:14:22 GMT
p.js
my.rtmark.net/
697 B
1 KB
Script
General
Full URL
https://my.rtmark.net/p.js?f=sync&lr=1&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc
Requested by
Host: powerplay.com
URL: https://powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
48aba20e2721ef10913638f8c60a47bf9a46772817687ae9b33ce8cb7cd3de27
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:03 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
697
p.js
my.rtmark.net/
697 B
1 KB
Script
General
Full URL
https://my.rtmark.net/p.js?f=sync&lr=1&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8
Requested by
Host: powerplay.com
URL: https://powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
531afb8d462c60b454489c1041538a5db9767de6a24793df88a509a35a6398b5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:03 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
697
pp-bundle.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/
18 KB
7 KB
Script
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Requested by
Host: powerplay.com
URL: https://powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffdd2071b5dce859b43f29e5d0fe90f35ba72684fdbcce012793aea6eeece28b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 02:07:51 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
IAD79-C2
age
65053
x-amz-server-side-encryption
AES256
via
1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
W/"814f21c6b69c54cb086aa2e77de6e766"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
ssezWwyEIjgiWtldz9jkLoUbVnkyiYm_rKIyIzCbigFcjyFQzKXlrw==
js
www.googletagmanager.com/gtag/
179 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-119769874-6
Requested by
Host: powerplay.com
URL: https://powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7bb97e6c8adbd4626d2fdaceb47c2c5fb50ea51028b8b149f0e35d8a65a7d3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66536
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 09 Aug 2023 20:12:03 GMT
/
www.google.com/pagead/1p-user-list/11031019498/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11031019498/?random=1691611923304&cv=11&fst=1691611200000&bg=ffffff&guid=ON&async=1&gtm=45be3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fpowerplay.com%2Fontario%2Flp%2FCA_1000CB_scroll%2F%3Fbtag%3Da_43764b_18876c_casinowb_6pcadt_447207301%26siteid%3D43764&frm=0&tiba=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1888967023&rmt_tld=0&ipr=y
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.164 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 20:12:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/11031019498/
42 B
455 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/11031019498/?random=1691611923304&cv=11&fst=1691611200000&bg=ffffff&guid=ON&async=1&gtm=45be3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fpowerplay.com%2Fontario%2Flp%2FCA_1000CB_scroll%2F%3Fbtag%3Da_43764b_18876c_casinowb_6pcadt_447207301%26siteid%3D43764&frm=0&tiba=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1888967023&rmt_tld=1&ipr=y
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 20:12:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sa.js
sibautomation.com/
8 KB
3 KB
Script
General
Full URL
https://sibautomation.com/sa.js?key=gm86guigrko4zzgucol1x
Requested by
Host: p374591.myckdom.com
URL: https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpxEd5PaIC7wA3cwUL-Crmavq9kZyW26nJclxjU64JpXT0xRsQekXACgafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHSFHYdKph-nyB0mInzYCHpSIFXsP0ozZKjaWqWdp1o7j6-J7z7Cr0DTmMMKiT1gys0wwQsdUPaARaOu8IQEvkMRo_MvfEYcXKmHMPq20icC4PAe_L4WAxrauYP_kkJnzBbG8TSouzQp-jZ-QyLtot3NGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiP2KUlfY2PGaU&ui=hx7PGIw6vFf-TiWPOexKVFY37AsT2Aew6S7gT6OG4UNMAlK9DzjzVwt-EeBl8YIL36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0Lw1CW-JqTdSA&si=1&oref=1140f8b2e09da7b946c58eb3a5bec972&optunit=wAL4E_uDHxeqkPEIg6BX5GptB8VU8xVGrSujM-RWlas&rb=ddaJhf53DcI&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
170be8230b71c7276d7f1b8ae46638f893216bb2dc3f9cb4d7320e88fa558dd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6300
traceresponse
00-f64cea40d5eb9f9bd4c4dc44d2d91546-cbfc4c7ec184e084-01
cf-polished
origSize=10688
x-powered-by
Sails <sailsjs.com>
cf-bgj
minify
x-dt-tracestate
14ea3eee-a07e0240@dt
server
cloudflare
etag
W/"29c0-QMKSDKj1D4k89JnW5TLws0oYXCc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
cf-ray
7f42a6ddbbef36b4-YYZ
expires
Wed, 09 Aug 2023 20:13:04 GMT
js
www.googletagmanager.com/gtag/
176 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-119769874-6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11031019498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1d195b35cd8e579a17d000f888db81b4d814f80c1afb6cf492c685dc87608b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
65497
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 09 Aug 2023 20:12:03 GMT
js
www.googletagmanager.com/gtag/
210 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y3KG8VDTHZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119769874-6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0005b256e189bc5729342d8098520273e533023daefd8f15a672ee5aba6e591e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76401
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 09 Aug 2023 20:12:03 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-119769874-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Aug 2023 18:37:29 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5675
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 09 Aug 2023 20:37:29 GMT
invisible.js
powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/ Frame D61B
Redirect Chain
  • https://powerplay.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
7 KB
3 KB
Script
General
Full URL
https://powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Protocol
H2
Server
104.18.5.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b43d097a4fc009f6d290100529563dfd7e7e91d6a25ae35cb7ded55783f3d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7f42a6ddae7239ff-YYZ

Redirect headers

date
Wed, 09 Aug 2023 20:12:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
cache-control
max-age=300, public
cf-ray
7f42a6dbcb9e39ff-YYZ
admin-ajax.php
wp.powerplay-content.com/wp-admin/
197 B
426 B
Fetch
General
Full URL
https://wp.powerplay-content.com/wp-admin/admin-ajax.php?action=detect_ip
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.153.235.136 Amsterdam, Netherlands, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
136.235.153.160.host.secureserver.net
Software
nginx /
Resource Hash
7867964dbcde854e1d2757239b77a4aec8fef95fb67fdd9a51883131facc2112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://powerplay.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 09 Aug 2023 20:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://powerplay.com
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
770b6a2a5625
zz.connextra.com/PowerPlay/dcs/tagController/tagData/
0
532 B
XHR
General
Full URL
https://zz.connextra.com/PowerPlay/dcs/tagController/tagData/770b6a2a5625
Requested by
Host: zz.connextra.com
URL: https://zz.connextra.com/dcs/tagController/tag/770b6a2a5625/landingpage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.86.233.107 Seattle, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-86-233-107.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerplay.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 20:12:03 GMT
content-encoding
gzip
server
istio-envoy
vary
origin,accept-encoding
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
access-control-allow-origin
https://powerplay.com
content-type
text/plain
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
content-length
20
expires
Wed, 09 Aug 2023 20:12:03 GMT
bounce
secure.adnxs.com/ Frame 1A33
Redirect Chain
  • https://secure.adnxs.com/seg?add=25129714&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
43 B
838 B
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 20:12:04 GMT
an-x-request-uuid
5d646813-ddb0-4aba-a6b6-91975c74a1e0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
153.92.40.88; 153.92.40.88; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 20:12:04 GMT
an-x-request-uuid
776277e8-3a5e-4077-bf22-6e5d94903d5b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
x-proxy-origin
153.92.40.88; 153.92.40.88; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
getuidnb
secure.adnxs.com/ Frame D085
43 B
572 B
Image
General
Full URL
https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 20:12:04 GMT
an-x-request-uuid
383a8bb4-efb9-47e1-92e1-5bf31cbdb982
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
153.92.40.88; 153.92.40.88; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
associate-segment
segment.prod.bidr.io/ Frame C97E
Redirect Chain
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
43 B
796 B
Image
General
Full URL
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
HTTP/1.1
Server
52.6.65.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-65-1.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 09 Aug 2023 20:12:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
Date
Wed, 09 Aug 2023 20:12:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
AAArdk7Jp-YAACWj9jyTuA
zz.connextra.com/sync/data/uid/508a5e2dd5/ Frame B936
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/geniussports
  • https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
  • https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAArdk7Jp-YAACWj9jyTuA
43 B
412 B
Image
General
Full URL
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAArdk7Jp-YAACWj9jyTuA
Requested by
Host: powerplay.com
URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Protocol
H2
Server
104.86.233.107 Seattle, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-86-233-107.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 20:12:04 GMT
content-encoding
gzip
server
istio-envoy
vary
accept-encoding
content-type
image/gif
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
1
content-length
64
expires
Wed, 09 Aug 2023 20:12:04 GMT

Redirect headers

location
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAArdk7Jp-YAACWj9jyTuA
Date
Wed, 09 Aug 2023 20:12:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
powerplay.com/cdn-cgi/
0
141 B
XHR
General
Full URL
https://powerplay.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/json

Response headers

date
Wed, 09 Aug 2023 20:12:03 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://powerplay.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7f42a6dc2c0739ff-YYZ
collect
www.google-analytics.com/g/
0
170 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y3KG8VDTHZ&gtm=45je3870&_p=89866535&cid=1611746934.1691611924&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1691611923&sct=1&seg=0&dl=https%3A%2F%2Fpowerplay.com%2Fontario%2Flp%2FCA_1000CB_scroll%2F%3Fbtag%3Da_43764b_18876c_casinowb_6pcadt_447207301%26siteid%3D43764&dt=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y3KG8VDTHZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 20:12:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://powerplay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7f42a6d4089139ff
powerplay.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame D61B
0
292 B
XHR
General
Full URL
https://powerplay.com/cdn-cgi/challenge-platform/h/b/cv/result/7f42a6d4089139ff
Requested by
Host: powerplay.com
URL: https://powerplay.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Aug 2023 20:12:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
cf-ray
7f42a6debfc139ff-YYZ
content-type
text/plain; charset=UTF-8
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=sync&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8&ttl=&rurl=https%3A%2F%2Fpowerplay.com%2Fontario%2Flp%2FCA_1000CB_scroll%2F%3Fbtag%3Da_43764b_18876c_casinowb_6pcadt_447207301%26siteid%3D43764
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=sync&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc&ttl=&rurl=https%3A%2F%2Fpowerplay.com%2Fontario%2Flp%2FCA_1000CB_scroll%2F%3Fbtag%3Da_43764b_18876c_casinowb_6pcadt_447207301%26siteid%3D43764
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 20:12:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
cm.html
sibautomation.com/ Frame C7D9
2 KB
1 KB
Document
General
Full URL
https://sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=gm86guigrko4zzgucol1x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
df8a4a1094e339e1339fdc3caee1fabe4a5beb8f97b939825de7bf5917850bb1

Request headers

Referer
https://powerplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
age
13130
cache-control
public, max-age=7200
cf-cache-status
HIT
cf-ray
7f42a6dedd5036b4-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 20:12:04 GMT
expires
Wed, 09 Aug 2023 22:12:04 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
Sails <sailsjs.com>
collect
www.google-analytics.com/j/
1 B
91 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=89866535&t=pageview&_s=1&dl=https%3A%2F%2Fpowerplay.com%2Fontario%2Flp%2FCA_1000CB_scroll%2F%3Fbtag%3Da_43764b_18876c_casinowb_6pcadt_447207301%26siteid%3D43764&ul=en-us&de=UTF-8&dt=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1256702419&gjid=1537454659&cid=1611746934.1691611924&tid=UA-119769874-6&_gid=932721268.1691611924&_r=1&gtm=457e3870&jsscut=1&z=1158455751
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://powerplay.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 20:12:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://powerplay.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pp-redirects.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/
724 B
1 KB
Script
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-redirects.js
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2a8b380044c8914bd056701890c61e05b58a0fc72f516395ff5d010a9a1cab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 13:53:03 GMT
via
1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
IAD79-C2
age
22742
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
724
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
"1c6e330b47a3678a1aa02df204605703"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
gtJReMGYtY-4OOdizpNpNvfUiY_oJyPDv19Jag2XYqB10U4O_xHDCQ==
pp-setLanguage.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/
363 B
739 B
Script
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-setLanguage.js
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
171695fad3293c42592a04c152452710b9fc086508972c682217b7f2c6a1f731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 13:08:47 GMT
via
1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
IAD79-C2
age
25398
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
363
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
"0b576c63c5358cb139ac8dfc4543daa5"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
QdYsuRgUm9zhl5ATAOMAfqm5RPiDR0OuSsVOigF_Bo98kShtlMJSnA==
pp-detectMouseMove.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/
405 B
781 B
Script
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-detectMouseMove.js
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e19966797cd0817a0596258e64f132494b3feeec848f33509a99a10160d5f0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 13:09:52 GMT
via
1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
IAD79-C2
age
25333
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
405
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
"16ab75f21b0b0c76811e3046af88b15c"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
tCfW60y8STZmB3LG4cPFOZlVmglEpWFDGfrF_p37MKZ-OD9G1BtQ_Q==
pp-setBtag.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/
441 B
818 B
Script
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-setBtag.js
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57ad6e36430aed8c974637cc02bd2ac0450c9fbdc8651c5757cfbe9bb22b5bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 13:09:52 GMT
via
1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
IAD79-C2
age
25333
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
441
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
"3f5069d2844d07b01ee6b8ce9ae5d344"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
5eku8acqrQjmkujcDuhVUG4WA6YO3t8MUIzxgWWw_gNgZ-DL7YEXfQ==
pp-dynamicAdapt.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/
3 KB
1 KB
Script
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-dynamicAdapt.js
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab3d4ba968ab1b6b8403cf13a2fdddd4cf710f52aea5ee01e06e8e62b13181ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 08 Aug 2023 23:10:05 GMT
x-content-type-options
nosniff
content-encoding
br
x-amz-cf-pop
IAD79-C2
age
75720
x-amz-server-side-encryption
AES256
via
1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
W/"53dc7b6d0fcd604a856c1f8b916fc4c7"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
pBeQIarGssKbDckcoeeID4jhbL9xOCb_9NIzOTfvQWOjuCuqzQPr8Q==
pp-initPopups.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/
6 KB
2 KB
Script
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-initPopups.js
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8167fbc5c1e56c68bea6cb59e801f73724566740ab4f66cbd93b6fa47463acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Wed, 09 Aug 2023 12:59:05 GMT
via
1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C2
age
26364
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
W/"e3b034dfedb79ba87cd2d7a6075d9373"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
6keJ7AYU3Zrc54V7hjfyCv-n8odg-nDRBkAYQrcJHLWtsK-okmDy2Q==
pp-slider.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/
135 KB
38 KB
Script
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-slider.js
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be191b44f5c7989a743dc8c634df519ec31f416581b65e4377d3d9f3efeb1ff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 06:15:40 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
IAD79-C2
age
50185
x-amz-server-side-encryption
AES256
via
1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:44 GMT
server
AmazonS3
etag
W/"add3bd689cc249b7294d1e270a2ac3a2"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
2Nzs8mIQs2DtqNmUWewJ8QRm4_m1IizTyRn1CZlQR39z64b9iTmLjw==
pp-counterTimer.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/
509 B
869 B
Script
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-counterTimer.js
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14ecf14f7ee782f8057ef81c23e44a22f64caf10d736f30be2f250e662b1d3ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 16:01:14 GMT
via
1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
15050
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
509
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
"3951881ff9d963a4c15d10ba132903c8"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
r9qFOa8hsIcMq6CE2JwQnWbQnDv3V1ohbyoSp1FDPbF-QEte1_lcqA==
cm
in-automate.brevo.com/ Frame C7D9
0
108 B
XHR
General
Full URL
https://in-automate.brevo.com/cm?uuid=c1cbd129-bc48-43a2-8f3b-0114c32fa55d&key=gm86guigrko4zzgucol1x&cuid=64336d13-eeba-468e-b2e8-2895d7bc0b12
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sibautomation.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 20:12:04 GMT
cache-control
no-cache
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f42a6df9ad0a1e7-YYZ
pp-createAffiliateCookie.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/
430 B
791 B
Script
General
Full URL
https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-createAffiliateCookie.js
Requested by
Host: st.ppsrvs.com
URL: https://st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/pp-bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.84.108.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-42.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa71a7d7048a9a83d444a3c9d2f7e2b610b129b75306398e7636a48049fd1d3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 10:46:45 GMT
via
1.1 f3ee8ae60de459e8972313e578c7addc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD79-C2
age
33920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
430
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 02 Aug 2023 12:12:43 GMT
server
AmazonS3
etag
"20e59f936b04b1ae54b1b01bec4e9a34"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
JabvBA_L5HAZMOosS5JR0xYcAJdBFYpueEdebpRvDd2URqoyDovMow==
p
in-automate.brevo.com/
0
33 B
XHR
General
Full URL
https://in-automate.brevo.com/p?key=gm86guigrko4zzgucol1x&cuid=64336d13-eeba-468e-b2e8-2895d7bc0b12&ma_url=https%3A%2F%2Fpowerplay.com%2Fontario%2Flp%2FCA_1000CB_scroll%2F%3Fbtag%3Da_43764b_18876c_casinowb_6pcadt_447207301%26siteid%3D43764&sib_type=page&ma_title=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&sib_name=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&ma_referrer=&ma_path=%2Fontario%2Flp%2FCA_1000CB_scroll%2F
Requested by
Host: sibautomation.com
URL: https://sibautomation.com/sa.js?key=gm86guigrko4zzgucol1x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://powerplay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 20:12:04 GMT
cache-control
no-cache
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f42a6e06bd7a1e7-YYZ

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| gtag object| dataLayer object| webpackChunk function| react-vendors object| regeneratorRuntime object| csr object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| __cfQR object| __cfBeacon object| sib object| sendinblue boolean| __cfRLUnblockHandlers string| GoogleAnalyticsObject function| ga object| webpackChunkppdesign object| ppScope object| cxt_conf object| cxt_mod_shared_scope function| cxtdcs function| cxtdcs_pt object| gaGlobal object| gaplugins object| gaData

34 Cookies

Domain/Path Name / Value
.myckdom.com/ Name: rhid
Value: 83525882050
.myckdom.com/ Name: loi
Value: ad_1655191_off_1097836_aff_92356_cid_374591-WWWMYLONGJOHNSEXPERIENCE.COM_ts_1691611921
akutapro.com/ Name: ClickDataNG
Value: H4sIAAAAAAAA_4xUTW_bOBD9K8KcWkQrk5Yl2SqMxusUu0GapGid5rKAQJNjm2uZJEjKivvx3xeUVNcoetibZuZx-Ibznr7CEa2TWkEJNCEJgRj8ySCUJAbXrFc_vrlWR7QeBZQbVjuMgdeS728FlDAV2ZfdbqtmU9ZADIJ5hJLmM5pTOhvTGDg7GCa3KqBplpEiBumWHxbnXlZ75qXuAFlGpzHYpsYQkRgsCmmR-3v0Oy2gTGNwurG8q9NJGkPNlJBqO-CH6MnWUALEoDcbtB02JTSNYW2Z4rsB3BV76M5748rRqG3bxOgWranZaY0-4fowWibM7V7erj3bzlk1SYt8sq7odFrkvPqnIWScs81GinlBSJpNSZ9y0qMU8w49gIQU8-5YH_M5Z04q3a6r3HAmfDWZFGNSpIRCeHTnhyc4omr6TRh20o3_SX7ZWIuKn6CEp083EENj5cU0bN94Zqzupuh29tbbY2ARFtGzwBePVrFaivmMZLMJGU9pMcxwZJbOf-V2Lo3nuTkH6fwG3d5rUz1LJXTrriipljurD3hFaVY9Pdw9PD4_VG3bHk61Vtt_9U45fDFoJSqOgeLVx8fq-nr58d1idfv53R-3N9fXEIM0CyEsOhdkmqXJbJxMSDKdXpbyftuNQ7vYovJQwr3-IuuajbKERK8GTtHDKqIkIW-iZ6nyyZvoJZ-8jhbG1PiM6zvpR1laJGkevbr7e3X_Po5qucfoL-R7_TrqhxlRmiUkyYoZSWhBok9sw6wczkHY1gYt2p6PwKPkePaRDiMMVII23eef_gvmW1vduu5sf9e5w5-WKXHZ8l4LrC8TD-yAfcz762CprdE22DEYzkAJHxjfo98168glLOkk1ihvg3iWi476tiezXHz79qg8s1IHlPSnIbnSVisfkoZZVH4ZJDUYzcqtVO_NRcpbphzjvbcdlKqp6xh447w-QPkVfiiv-49caA9iOBIo4TemONIuH77GUMIvkovOkov-r-Si30ju-_f_AgAA___TZ69NGgUAAA==
akutapro.com/ Name: ClickDataNgFall
Value: H4sIAAAAAAAA_4xUTW_bOBD9K8KcWkQrk5Yl2SqMxusUu0GapGid5rKAQJNjm2uZJEjKivvx3xeUVNcoetibZuZx-Ibznr7CEa2TWkEJNCEJgRj8ySCUJAbXrFc_vrlWR7QeBZQbVjuMgdeS728FlDAV2ZfdbqtmU9ZADIJ5hJLmM5pTOhvTGDg7GCa3KqBplpEiBumWHxbnXlZ75qXuAFlGpzHYpsYQkRgsCmmR-3v0Oy2gTGNwurG8q9NJGkPNlJBqO-CH6MnWUALEoDcbtB02JTSNYW2Z4rsB3BV76M5748rRqG3bxOgWranZaY0-4fowWibM7V7erj3bzlk1SYt8sq7odFrkvPqnIWScs81GinlBSJpNSZ9y0qMU8w49gIQU8-5YH_M5Z04q3a6r3HAmfDWZFGNSpIRCeHTnhyc4omr6TRh20o3_SX7ZWIuKn6CEp083EENj5cU0bN94Zqzupuh29tbbY2ARFtGzwBePVrFaivmMZLMJGU9pMcxwZJbOf-V2Lo3nuTkH6fwG3d5rUz1LJXTrriipljurD3hFaVY9Pdw9PD4_VG3bHk61Vtt_9U45fDFoJSqOgeLVx8fq-nr58d1idfv53R-3N9fXEIM0CyEsOhdkmqXJbJxMSDKdXpbyftuNQ7vYovJQwr3-IuuajbKERK8GTtHDKqIkIW-iZ6nyyZvoJZ-8jhbG1PiM6zvpR1laJGkevbr7e3X_Po5qucfoL-R7_TrqhxlRmiUkyYoZSWhBok9sw6wczkHY1gYt2p6PwKPkePaRDiMMVII23eef_gvmW1vduu5sf9e5w5-WKXHZ8l4LrC8TD-yAfcz762CprdE22DEYzkAJHxjfo98168glLOkk1ihvg3iWi476tiezXHz79qg8s1IHlPSnIbnSVisfkoZZVH4ZJDUYzcqtVO_NRcpbphzjvbcdlKqp6xh447w-QPkVfiiv-49caA9iOBIo4TemONIuH77GUMIvkovOkov-r-Si30ju-_f_AgAA___TZ69NGgUAAA==
www.powerplaybet.com/ Name: CEK
Value: a
www.powerplaybet.com/ Name: XYZ
Value: 120&1&148&&&&0&1&&be765685-e9ef-48d4-83f5-bab1650e00ff&&a_43764b_18876&
www.powerplaybet.com/ Name: A_18876
Value: a=18876&r=0&fv=0&lv=0&vc=0&fc=20230809&lc=20230809081202&cc=1
www.powerplaybet.com/ Name: PM_196
Value: id=8955f7e2-f7e4-4aff-9e65-6a5520f1fcb3&c=casinowb_6pcadt_447207301&s=43764&ad=18876&md=0&pm=196&d=20230809201202&ip=2572953688&r=0&ref=&RedirectParams=btag%3Da_43764b_18876c_casinowb_6pcadt_447207301%26siteid%3D43764&cip=MTUzLjkyLjQwLjg4
.www.powerplay.com/ Name: __cf_bm
Value: di3QVm7mC94wEV4pJ52PAV8.PwAg0WogpSAT9PKsErE-1691611922-0-AdmskQOHT8Ur0WB8shEMinNDaj0RVjiqcZnLzZ3Uc9vWZZdh2f9NOS7/dv9PwTT0CsVB3haVtuGBH+5fH3eL++cwgIRdvSl9DUZ2cWs0Y8tW
powerplay.com/ Name: JSESSIONID
Value: "-_mtU6V0S8qkxQQkByZHYfmPdGU7NW2JUN3IWJXi.ppca-app2.rs.fsbtech.com:ppca-app2.rs.fsbtech.com-wildfly"
powerplay.com/ Name: currencyCode
Value: CAD
powerplay.com/ Name: languageId
Value: 1
powerplay.com/ Name: localeKey
Value: en
powerplay.com/ Name: siteId
Value: 5
powerplay.com/ Name: SERVERID
Value: ppca-app3|ZNPzF|ZNPzF
.powerplay.com/ Name: __cf_bm
Value: eiF2u11P_8mdCxcd3XgcLtCcnc3wNIgEZeZ3GUi0f7I-1691611922-0-ASiinR030Oy/kTvVQWSF6XQBoK9iN7BufsjU70dLd4IBuytt3/0Fmhcpg0HEtR/QX875hv9Z9wrVMKixol/1pQUgjJULRUjoaaQ78HppY0VD
powerplay.com/ Name: clid
Value: 8b287e38-63ec-400b-956f-993a43bba8a5
powerplay.com/ Name: affiliateTrack
Value: {%22affiliateName%22:%22?btag%22%2C%22affiliateValue%22:%22a_43764b_18876c_casinowb_6pcadt_447207301&siteid%22}
.powerplay.com/ Name: _gcl_au
Value: 1.1.2041373173.1691611923
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.powerplay.com/ Name: _ga_Y3KG8VDTHZ
Value: GS1.1.1691611923.1.0.1691611923.0.0.0
.connextra.com/ Name: CxtId
Value: fd2bec82-2894-42e8-a01d-cf11b8ccf606
.connextra.com/ Name: PowerPlay
Value: P%7Clandingpage%7C1%7C202308092112
.adnxs.com/ Name: uuid2
Value: 7421073909296206250
.powerplay.com/ Name: sib_cuid
Value: 64336d13-eeba-468e-b2e8-2895d7bc0b12
.powerplay.com/ Name: _ga
Value: GA1.2.1611746934.1691611924
.powerplay.com/ Name: _gid
Value: GA1.2.932721268.1691611924
.powerplay.com/ Name: _gat_gtag_UA_119769874_6
Value: 1
.bidr.io/ Name: bitoIsSecure
Value: ok
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GVIgq#j3!]tbP6j2F-XstGt!@DS3$e(La
.powerplay.com/ Name: cf_clearance
Value: ceIZlGVyGW.7akO91bOLWQYaOb2o.AQSyvFX_pYHpFg-1691611924-0-1-b2f88981.674db848.e5f9d661-0.2.1691611924
sibautomation.com/ Name: uuid
Value: c1cbd129-bc48-43a2-8f3b-0114c32fa55d
.bidr.io/ Name: bito
Value: AAArdk7Jp-YAACWj9jyTuA
my.rtmark.net/ Name: ID
Value: d69fffbfda6b417d84433d07a1f14d03

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akutapro.com
googleads.g.doubleclick.net
in-automate.brevo.com
match.prod.bidr.io
my.rtmark.net
myckdom.com
p374591.myckdom.com
powerplay-content.com
powerplay.com
secure.adnxs.com
segment.prod.bidr.io
sibautomation.com
st.ppsrvs.com
static.cloudflareinsights.com
wp.powerplay-content.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.powerplay.com
www.powerplaybet.com
wwwmylongjohnsexperience.com
zz.connextra.com
104.16.57.101
104.18.12.29
104.18.28.20
104.18.31.104
104.18.5.148
104.86.233.107
139.45.195.8
142.251.35.164
160.153.235.136
167.172.228.26
172.217.13.104
172.217.13.195
172.217.13.206
172.217.13.98
20.93.81.72
34.234.154.208
52.117.247.211
52.6.65.1
54.157.73.116
68.67.179.164
99.84.108.42
0005b256e189bc5729342d8098520273e533023daefd8f15a672ee5aba6e591e
07c9b43d551b0d49dd37ce4138b6a10a892292995955f9091bd962d3d8fcc949
10e8276f1b592bf92c9b41a7c4507d67316ed62e87f6c6b3cb0476d317f68080
126e5a82ae666d429d3ae7e57be6eda6c975ec9fe18d0d21df27aad79fdee1ac
14ecf14f7ee782f8057ef81c23e44a22f64caf10d736f30be2f250e662b1d3ec
15f02c5838c6793f05c8c2f0e917b624f295aa884be53af22d942106c1a5887b
170be8230b71c7276d7f1b8ae46638f893216bb2dc3f9cb4d7320e88fa558dd0
171695fad3293c42592a04c152452710b9fc086508972c682217b7f2c6a1f731
19693a063859fbc73bba7004aa8a0908c526a489d6eb3181fc161f6b21e6a502
1d195b35cd8e579a17d000f888db81b4d814f80c1afb6cf492c685dc87608b66
32ab5f8c0959e3400adae0e888fcc69695c4c6f6f50d9d329b3ecc5689063ab2
3c9d1126e2917a35816f5846f495faa9da19b4ca8b1ddff23981dec67302c6e3
3d5506854228cd2719cf860e3d48f21ffe9ab70512b63b5130f52d8779c1f63c
440e51e97a1f1e0f89fd9e4f5c679588c0f3124005365b71d3e64861a084dce9
484ee616de01e916ba4ce6e8c48fa6551f6ec9c215ced5b31575762b535eba08
48aba20e2721ef10913638f8c60a47bf9a46772817687ae9b33ce8cb7cd3de27
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508b3eba0feab2726c520379d719703d902ee584fd6ada6e5b36b3033b20369d
531afb8d462c60b454489c1041538a5db9767de6a24793df88a509a35a6398b5
56216f99251dd03c55f553b52bb5523f331e79caf984999d2fb19854fb67bb08
57ad6e36430aed8c974637cc02bd2ac0450c9fbdc8651c5757cfbe9bb22b5bcb
58dd618ab54b9d91dee0a2732c6e67c180efb196e1412a556f8cff6b8d277fcc
6154a7590615bf2649898db61cea8056988e4149b4dccdd11039018272ced0e0
652541be9999e94663d364c2de129df810eb4ce6f17134c9b546c42d24e63ea1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74ba75b04f4c6ab366f6ccc158d4267e7c3f1e66fca8c43333f955c6b19f7a6a
76b43d097a4fc009f6d290100529563dfd7e7e91d6a25ae35cb7ded55783f3d3
7867964dbcde854e1d2757239b77a4aec8fef95fb67fdd9a51883131facc2112
7bb97e6c8adbd4626d2fdaceb47c2c5fb50ea51028b8b149f0e35d8a65a7d3f3
87c23a566aecd71a97288bb22d797a277c77a4e139fc5935cc8b910e3a2b21b8
8d405bfaaf9ecbc1ebb18881d2d77026f7e17312b64d3969c64b625c0aa47b42
8e19966797cd0817a0596258e64f132494b3feeec848f33509a99a10160d5f0c
9119462f6350c91b062884b4425f27f48be7063829347ecbfe6afb9af8e0b675
9727700ca4a55d10f4879e109180b3d9b1f42f9d4d474aa2a66117eddc3bb604
9a92326ae6f5aea36d4393910d678a6760ae6eadd0ab9be62c46a03082474ba9
a262a9635bb8f28bd78fd4494f35f495e0343202bf4788e4ec7dbd4be64a660e
a520141c4ce651b279a73fec818c8f5dff495797dc185183db968079ff8846ba
ab3d4ba968ab1b6b8403cf13a2fdddd4cf710f52aea5ee01e06e8e62b13181ea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a8b380044c8914bd056701890c61e05b58a0fc72f516395ff5d010a9a1cab1
b745a8848c639d15139e4017157c7207ac0a9e8d6948fcc2203267897e8c50ce
b7ef3fc2c877c901a53f282ad67b605b5553e0c5df723426dba4b7b78b1aef6a
be191b44f5c7989a743dc8c634df519ec31f416581b65e4377d3d9f3efeb1ff9
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c6dbdb02881aecef8a4408b23b30521eae5a17f8364791b79aacadb9a818c614
c86348593a20522880f1a46a91eacd67e18cc15925bf0e197720344ab63599e8
c88dd4ccfb576adccc328013892e7ef1c86c956c6880972ee49b4895dccd5a66
cb754c69c75f59fb7de047a7dea616be73b6eec74c247dcda3109484073ebd0b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdc2b549cfe75973a9fd32a72030d869f64a8055ce7d920b69ecee60b01fd213
d3fcf5d5206ff486e62ef44002086e1e8f33dc6dbaf68bf674db07d55b2ab312
d85caca825700df29d1acabcfda9ff45b1d1efac994f96a8e14b8f9f8906a2c9
d91f70bd85c30767de25f9c149e5ad150ad5d99c0058a191a93464e2dab1211d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd26ed38feabef8914c776ca02fd708233d6778304a377068f391f00a530efee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8a4a1094e339e1339fdc3caee1fabe4a5beb8f97b939825de7bf5917850bb1
e18c2c1b2ca3939bffeb9ac90e47ce207aba9d1c06c4549576bc41f3d12a7bc8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bef68e90b255743b372bdf95b79507c8e37cb4f5fba2c52580973749e4ff1f
eb3230e4dadc08d9e8312c75f5b59c145fce03e630a72f508b64da7cc1386cd5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8167fbc5c1e56c68bea6cb59e801f73724566740ab4f66cbd93b6fa47463acc
fa71a7d7048a9a83d444a3c9d2f7e2b610b129b75306398e7636a48049fd1d3f
ff248eaa2944486c77fe83465ff08e71cb12f1219d0011164e8cac6d3bd73282
ffdd2071b5dce859b43f29e5d0fe90f35ba72684fdbcce012793aea6eeece28b