Submitted URL: http://click.freshwaterlive.info/campaign/clicked/MTczODY3NjM%3D__NTE0__MjU4NTk1MQ%3D%3D__MjAy/aHR0cHM6Ly9iaXQubHkvMzZTakRDSw%3D%...
Effective URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00ed...
Submission: On November 23 via manual from AU

Summary

This website contacted 5 IPs in 2 countries across 8 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3031::681c:1db8, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.collarsclubb.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 1st 2020. Valid for: a year.
This is the only time www.collarsclubb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
12 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 52.219.73.64 16509 (AMAZON-02)
22 5
Domain Requested by
12 www.collarsclubb.com www.collarsclubb.com
4 s3-eu-central-1.amazonaws.com www.collarsclubb.com
3 fonts.googleapis.com www.collarsclubb.com
2 s.pandapluss.com www.collarsclubb.com
s.pandapluss.com
1 www.yourluckyjackpot.com 1 redirects
1 www.happymomlifes.com 1 redirects
1 bit.ly 1 redirects
1 click.freshwaterlive.info
22 8

This site contains no links.

Subject  Issuer  Validity  Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2020-10-01 - 2021-10-01  a year
upload.video.google.com  GTS CA 1O1  2020-11-03 - 2021-01-26  3 months
*.s3.eu-central-1.amazonaws.com  DigiCert Baltimore CA-2 G2  2020-08-27 - 2021-09-01  a year

This page contains 1 frames:

Primary Page: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Frame ID: 8AF735AA42D296A967AC7204EDA3CAD2
Requests: 22 HTTP requests in this frame

Page Title

Spin & Win

Page URL History

  1. http://click.freshwaterlive.info/campaign/clicked/MTczODY3NjM%3D__NTE0__MjU4NTk1MQ%3D%3D__MjAy/aHR0cHM6Ly9iaX... Page URL
  2. https://bit.ly/36SjDCK HTTP 301
    https://www.happymomlifes.com/tracking/5c45ea2be0392c3a46906501?src=5f1e8b955e0584481ace1ab9&s1=&s2=&s3=&s... HTTP 302
    https://www.yourluckyjackpot.com/tracking/5c3dd338276d7534fa9af790?src=5bacc595996f024a00edd03a&s1=5f1e8b955e... HTTP 302
    https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22 Requests
95 % HTTPS
75 % IPv6
8 Domains
8 Subdomains
5 IPs
2 Countries
514 kB Transfer
671 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.freshwaterlive.info/campaign/clicked/MTczODY3NjM%3D__NTE0__MjU4NTk1MQ%3D%3D__MjAy/aHR0cHM6Ly9iaXQubHkvMzZTakRDSw%3D%3D?c=17386763 Page URL
  2. https://bit.ly/36SjDCK HTTP 301
    https://www.happymomlifes.com/tracking/5c45ea2be0392c3a46906501?src=5f1e8b955e0584481ace1ab9&s1=&s2=&s3=&s4=&s5=&k=5d1c749c3cee265de3b13f6b HTTP 302
    https://www.yourluckyjackpot.com/tracking/5c3dd338276d7534fa9af790?src=5bacc595996f024a00edd03a&s1=5f1e8b955e0584481ace1ab9&s2=&s3=&s4=&s5=&k=5d1c679da400a827829c3840&extuid=5fbc3f6ff4f96b74f53f26d8 HTTP 302
    https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set aHR0cHM6Ly9iaXQubHkvMzZTakRDSw%3D%3D
click.freshwaterlive.info/campaign/clicked/MTczODY3NjM%3D__NTE0__MjU4NTk1MQ%3D%3D__MjAy/
144 B
904 B
Document
General
Full URL
http://click.freshwaterlive.info/campaign/clicked/MTczODY3NjM%3D__NTE0__MjU4NTk1MQ%3D%3D__MjAy/aHR0cHM6Ly9iaXQubHkvMzZTakRDSw%3D%3D?c=17386763
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:823b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.19
Resource Hash
d6bfa0ee39e1a9e42de77cf061c677bc1c9786f883167a8cf6075af863417ee6

Request headers

Host
click.freshwaterlive.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 23 Nov 2020 23:02:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dcc5c472d3f1c3aa4d7de6eff345c88ac1606172523; expires=Wed, 23-Dec-20 23:02:03 GMT; path=/; domain=.freshwaterlive.info; HttpOnly; SameSite=Lax
X-Powered-By
PHP/7.3.19
CF-Cache-Status
DYNAMIC
cf-request-id
0698f0d4bb000016f2cc88a000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zCgKTHLUdCSMojDaJcbQpa0so%2BYZj%2FgXW%2Bp5upU7I2JaKSQIgDzGflS3pNPBKOAL97%2F0MZMPrGXejqli88fDAVYoNKqHDPzWdkPVEtCgRqmb8J2y6zp6aeRkvNvekaGR%2FQ71lsn0"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5f6e84012e0616f2-FRA
Content-Encoding
gzip
Primary Request nrp=5fbc3f6fbd748c634728d31d
www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/
Redirect Chain
  • https://bit.ly/36SjDCK
  • https://www.happymomlifes.com/tracking/5c45ea2be0392c3a46906501?src=5f1e8b955e0584481ace1ab9&s1=&s2=&s3=&s4=&s5=&k=5d1c749c3cee265de3b13f6b
  • https://www.yourluckyjackpot.com/tracking/5c3dd338276d7534fa9af790?src=5bacc595996f024a00edd03a&s1=5f1e8b955e0584481ace1ab9&s2=&s3=&s4=&s5=&k=5d1c679da400a827829c3840&extuid=5fbc3f6ff4f96b74f53f26d8
  • https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
21 KB
6 KB
Document
General
Full URL
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b28f7085dbcd2e82e4a5ce03921942f5038418c23be3226c4dcf3c9e4c48f276

Request headers

:method
GET
:authority
www.collarsclubb.com
:scheme
https
:path
/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://click.freshwaterlive.info/campaign/clicked/MTczODY3NjM%3D__NTE0__MjU4NTk1MQ%3D%3D__MjAy/aHR0cHM6Ly9iaXQubHkvMzZTakRDSw%3D%3D?c=17386763
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dfce6b3468442fe2307c1bab704912f1f1606172527; expires=Wed, 23-Dec-20 23:02:07 GMT; path=/; domain=.collarsclubb.com; HttpOnly; SameSite=Lax
laravel_session=eyJpdiI6IlRoVFBVNmp4SHQwM3VnWHZEb245eUE9PSIsInZhbHVlIjoicUg1dnJ5R2VMNGV0TXYydG90S1I3RTJSelVEMnVxRjcxc1hjSG5ZazZ4enVHUGRkTm5PMUFUc1NLcnoxRld6NGlaNGplbUkwQVIyYXJcL0NITkV5d3pRPT0iLCJtYWMiOiIxY2FlNzgzYjQ0Y2Y0ZmE0Yzc4YzVlOGJjNGMzYTU2OGQxN2UxNWRiYTZkMTM1NmMyYTY1ZWFkMTBjYjRkYWFiIn0%3D; expires=Mon, 30-Nov-2020 21:41:08 GMT; Max-Age=599940; path=/; httponly
vary
Accept-Encoding
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0698f0e405000032609c3bf000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4GH1ay52OUmvkqxRmnIZh%2BAd0oqiotg6LPmTcsdmBVUv2z4pj2ENFkcj5HVkyigARuh8%2FjAqI9y6TXMKvhQaxXcYPOALsKcpn4xVgriw3DW7FqyRZHAT8YrgvOeM63C6Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f6e8419a8753260-FRA
content-encoding
br

Redirect headers

date
Mon, 23 Nov 2020 23:02:07 GMT
set-cookie
__cfduid=d49cd65dc09e209caab2fd08e51f08d151606172527; expires=Wed, 23-Dec-20 23:02:07 GMT; path=/; domain=.yourluckyjackpot.com; HttpOnly; SameSite=Lax
c2lub3M=5fbc3f6fbd748c634728d31d; Max-Age=595999; Path=/; Expires=Mon, 30 Nov 2020 20:35:26 GMT
connect.sid=s%3A0libnZq6Fxr56nxzW4DESdwIj_2wn8aM.eJlz%2B2BMj7NjZE0yv8Dqx%2BxkUmOR0JgbCLjk%2FLfzUxo; Path=/; HttpOnly
x-powered-by
Express
access-control-allow-origin
*
location
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
cf-cache-status
DYNAMIC
cf-request-id
0698f0e31700001f1d8e8eb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d0rMTm31EfPJ4Tfokvic94p5Rg6WvuZIfFBpWu8fQBWkNUhvcu6wd%2B9O9zfcOqaVG7nQrOCdbruvUck43GX2C4EA8oJkIBje6VvKTuKTpLNVt1PWMa41Va8vsMPQkJ4XoKhrgMc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f6e84182c2a1f1d-FRA
main_au.css
www.collarsclubb.com/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://www.collarsclubb.com/css/main_au.css
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45eaa4cd6cd21195cc225638fb375613213d6b604bf883455f48c1f32c48a381

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Jun 2017 10:14:47 GMT
server
cloudflare
etag
W/"59410c97-3a77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KPqT43FYBYLulreLcADL86YtyjgIcXLfrzP7hkRtuvvJRjJDlzN86%2BJnQGDPnbkQFFczMaNn59C0PI7i%2FE6YiSCWt3DQSljCx2yx7e9h3r2SbbJj5sFKl3DRd9PYfKaSSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f6e841cfe513260-FRA
cf-request-id
0698f0e61a000032605212a000000001
font-awesome460.min.css
www.collarsclubb.com/css/
28 KB
6 KB
Stylesheet
General
Full URL
https://www.collarsclubb.com/css/font-awesome460.min.css
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Jun 2017 10:14:44 GMT
server
cloudflare
etag
W/"59410c94-7057"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4sBmh7dV0CRlonl6HnYgq6gs5sezCMP5g8JIHq64k6EyH6R%2B3jEJQzdMw8rOsT91DxuJD1qKzl64y4hx3OHTkGdpSiGS%2BrhJr0O733r6MqJva4xi3D6fubovPsMiCc1IaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f6e841cfe533260-FRA
cf-request-id
0698f0e61a0000326085b58000000001
magnific-popup.min.css
www.collarsclubb.com/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.collarsclubb.com/css/magnific-popup.min.css
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b0e50f9445fbbaeb73128e1e847f5a67d7ad164f817e892565db5553af5d7cf

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Jun 2017 10:14:23 GMT
server
cloudflare
etag
W/"59410c7f-148c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gPWvjb5yysphZKbjHZ2coBeUZzNpsmrxKjAqAGJ3xl%2F6rDl5bTPFXKDl%2BUJEV5DPJ0EVkxs5UvgHx%2Bf7b3DVfObGGMYl1H7ONyrwKLeWvZI5qlKGUJfTtt%2FrGTF2CgiCcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f6e841cfe543260-FRA
cf-request-id
0698f0e61a00003260b9295000000001
css
fonts.googleapis.com/
2 KB
622 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fc6cf05f3910ead58e414f122581283b5dbd969596c39fcae4f6b442da1ab1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Nov 2020 22:19:10 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Mon, 23 Nov 2020 23:02:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 23 Nov 2020 23:02:08 GMT
css
fonts.googleapis.com/
361 B
366 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Arvo
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60e2659fde26481893787739e540f24423281aa4f45e2870a9c20af7abd6ab35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Nov 2020 22:52:32 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Mon, 23 Nov 2020 23:02:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 23 Nov 2020 23:02:08 GMT
blue_notys3.css
www.collarsclubb.com/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.collarsclubb.com/css/blue_notys3.css
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae88db06df66fada6bd19661950611c6a69796df07f7a97991ec8db92c124af7

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 15 Nov 2017 11:25:47 GMT
server
cloudflare
etag
W/"5a0c243b-2381"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V%2FwRkukt9GJLCyge2RPYuftNCJabIdRdUiItSByYmCzm6d0mqf6QkSM%2FVhUKv5ve7KwkS9U9vDomTidYEUdiPlbTWDAAKk9wInQd7paz8qvh6DpKOTcWCexJql4psgHj%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f6e841cfe553260-FRA
cf-request-id
0698f0e61b00003260693b7000000001
embed.js
s.pandapluss.com/
22 KB
8 KB
Script
General
Full URL
https://s.pandapluss.com/embed.js
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d108998402f1d542c0d6ac92c19ea4818554e1093fb96b1bd589ebb5a4f533a8

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 12 May 2020 10:59:19 GMT
server
cloudflare
etag
W/"5eba8187-563e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u22YgENnzfCT%2FMO3wBIMmBDkn1CtGvsrpaWwJsL2GhgMqbqrw9qAZSF929CpLoxnzRcXG9VEOD8SIDhQ%2BrISt59khpr83ttWEqjTKoT8BrBWoHBb9IKeJvUo%2B57d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f6e841d1910bf28-FRA
cf-request-id
0698f0e6330000bf28d731c000000001
Wagerbeat_logo.png
s3-eu-central-1.amazonaws.com/igamingcloudstr/spimages/
21 KB
22 KB
Image
General
Full URL
https://s3-eu-central-1.amazonaws.com/igamingcloudstr/spimages/Wagerbeat_logo.png
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.73.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a642eb85e24ee6fbd6b61d717bc7d28441c8cc8ec209114af654eabec33d31f2

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 23 Nov 2020 23:02:09 GMT
Last-Modified
Wed, 03 Jul 2019 07:44:53 GMT
Server
AmazonS3
x-amz-request-id
4H8HDMES8SEYBPDP
ETag
"d61ce2a4c8e5bc43bf9998f9dfed2c00"
Content-Type
image/jpg
Accept-Ranges
bytes
Content-Length
21900
x-amz-id-2
LF1HV2IKh2hI8ErWdJ6UDZ8okf6ARhs6XYsR3YsDWDaKES2svY9E1UZf4D2C3ssFNonnXkk3oPQ=
WBspinner.png
s3-eu-central-1.amazonaws.com/igamingcloudstr/spimages/
137 KB
137 KB
Image
General
Full URL
https://s3-eu-central-1.amazonaws.com/igamingcloudstr/spimages/WBspinner.png
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.73.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
68aa5a4586a0c1fe412c1fc22aa3131a6c6eadc77bb99052eb5d9ef0ec12da3e

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 23 Nov 2020 23:02:09 GMT
Last-Modified
Wed, 03 Jul 2019 08:11:17 GMT
Server
AmazonS3
x-amz-request-id
1BDAB615452E853E
ETag
"22659b99e2a794272567f307f67d46dc"
Content-Type
image/jpg
Accept-Ranges
bytes
Content-Length
140155
x-amz-id-2
0qLXQDqrwPa4UvteG96vc+DV56IHu1djrJV9Co9MUL7xrZP8BHmyqDn8ALR09EdaCPk0YJjeisg=
WBwinnerspinnerbanner.jpg
s3-eu-central-1.amazonaws.com/igamingcloudstr/spimages/
75 KB
75 KB
Image
General
Full URL
https://s3-eu-central-1.amazonaws.com/igamingcloudstr/spimages/WBwinnerspinnerbanner.jpg
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.73.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6a2c3957e6bd32f49bd34e1c710809492ce34fa9a5ef1d25d9cb999327a73dc7

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 23 Nov 2020 23:02:09 GMT
Last-Modified
Wed, 03 Jul 2019 08:23:12 GMT
Server
AmazonS3
x-amz-request-id
4F5EBBC1400D7BD0
ETag
"0713db5a5b3d407b842c0c1f7fbdced9"
Content-Type
image/jpg
Accept-Ranges
bytes
Content-Length
76542
x-amz-id-2
Gzelygsh+wgCHfydw/BeYsfjrDe7J1Hk2EvoIJKaLUB6leAdx0P+4EyCX4d5VMLLmiHRq3wTkGU=
jquery-2.1.4.min.js
www.collarsclubb.com/js/
82 KB
28 KB
Script
General
Full URL
https://www.collarsclubb.com/js/jquery-2.1.4.min.js
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Jun 2017 09:52:00 GMT
server
cloudflare
etag
W/"59410740-14979"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wQpCUNR6XD%2FiUBxToapp9JHhNnlOvNCSXSlqi8oeRGfwmcmeMUZXu7iTGF2ghWSK2emY8mSjD28AIRBihQ79MsMBpwK1qLl2Wf%2F2q1QRRqzTh6x2hkkTkYrc%2FYTygTFG8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f6e841cfe573260-FRA
cf-request-id
0698f0e61b00003260ac34d000000001
jquery.magnific-popup.min.js
www.collarsclubb.com/js/
32 KB
8 KB
Script
General
Full URL
https://www.collarsclubb.com/js/jquery.magnific-popup.min.js
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dee5bddbad21462d24377c7148dbbcf7e334fca046cea6f139f5e0d792372b6

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Jun 2017 09:51:53 GMT
server
cloudflare
etag
W/"59410739-8023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Hmm8mYdmM%2Bs9NTxw1FK1dp%2BI5LNmNd1kjWBkrRPZmFsUFojTQRWQG5m%2BjMKjBaXsymi%2B50m2qRaLBYxWL19UQjVB69sbiy63wvVBzGvT%2BiqMSv%2Fy49%2F8WasqsQUAgQfJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f6e841cfe593260-FRA
cf-request-id
0698f0e61b00003260663af000000001
jq_fortune4.js
www.collarsclubb.com/js/
4 KB
1 KB
Script
General
Full URL
https://www.collarsclubb.com/js/jq_fortune4.js
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2647a4da1fea466d79e5bbf6a170f7b2c8b836fe34693914061443a17d435c91

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Jun 2017 09:51:50 GMT
server
cloudflare
etag
W/"59410736-114e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2RuK%2BM2Y2cfhDsWHCiL2sUgJ3KfPMh5jBu%2B2T%2FOCCkGjDcGwYuCsno8MAZQhthj8OZ4%2Fzk7mcKyAE6iuHgMXl2AaoiG4Ga3vCG%2B48t7JK5Jn2%2BKOm45xyA3jVhLyzhjsRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f6e841cfe5b3260-FRA
cf-request-id
0698f0e61c000032609faa6000000001
jquery.cookie.js
www.collarsclubb.com/js/plugins/jqueryCookie/
3 KB
1 KB
Script
General
Full URL
https://www.collarsclubb.com/js/plugins/jqueryCookie/jquery.cookie.js
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 14 Jun 2017 09:55:44 GMT
server
cloudflare
etag
W/"59410820-c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A8uOiKcey2d5lA8mtmEk2hkE%2FGfhuWFl1vKBmPQ4r1rBIK%2BVR1zzbrs7gNqgrLPhF%2BbOV6T4jrMWSc%2B3ReAWkOITLhXHQ9rKPvfoAn4f%2BQL7lWFEX2t%2BvWofZ9wDbZFs3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5f6e841cfe5d3260-FRA
cf-request-id
0698f0e61c000032607c82f000000001
css
fonts.googleapis.com/
6 KB
763 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/css/blue_notys3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d67ca5d28f1dd6fc58ae8f8ab79b70755b30a52eb04572a6df8e50869ff748e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.collarsclubb.com/css/blue_notys3.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Nov 2020 21:59:14 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Mon, 23 Nov 2020 23:02:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 23 Nov 2020 23:02:08 GMT
WBBG2019.jpg
s3-eu-central-1.amazonaws.com/igamingcloudstr/spimages/
96 KB
97 KB
Image
General
Full URL
https://s3-eu-central-1.amazonaws.com/igamingcloudstr/spimages/WBBG2019.jpg
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.73.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
df20764ac25501e66234bcb0772fb5aa057473472626b24878e92f26d80c9dda

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 23 Nov 2020 23:02:09 GMT
Last-Modified
Wed, 03 Jul 2019 07:55:12 GMT
Server
AmazonS3
x-amz-request-id
9477ABC4C4745E2A
ETag
"4c625b786673c6f4c7f879fa3a227f55"
Content-Type
image/jpg
Accept-Ranges
bytes
Content-Length
98723
x-amz-id-2
kl0teO/B1skvz1isZsO98tSABNHRKvKc7h4+BpwWzjO66P1jyW3/6FlkB52KjhvTDWpkV3BAwIA=
fontawesome-webfont.woff2
www.collarsclubb.com/fonts/
0
311 B
Font
General
Full URL
https://www.collarsclubb.com/fonts/fontawesome-webfont.woff2?v=4.6.0
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/css/font-awesome460.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://www.collarsclubb.com
Referer
https://www.collarsclubb.com/css/font-awesome460.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1s%2BttWVtOhZcPTjXKW4zzYAu3T%2BAiwLZJmfy4U5c2sOtC1IUXM7LCSM1rYQ1%2BK4AdpW2IuMj9jy5edrA63l%2B%2FMEzAs0rr7DzhMx0MJbKeepPXtjYj86zxkofy53COFFWLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
5f6e841d9f4d3260-FRA
cf-request-id
0698f0e67c000032605b870000000001
20170509122816_casinom.mp3
www.collarsclubb.com/uploads/
30 KB
30 KB
Media
General
Full URL
https://www.collarsclubb.com/uploads/20170509122816_casinom.mp3
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
543dcbc15dd31d70b34b2b125d91164dded0f5208b4741f9a6eecc6fc5fa9a72

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 May 2017 10:28:16 GMT
server
cloudflare
etag
"591199c0-7754"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HBBs5tlhhgW%2BQPzTR5v1jL4SGAuddpk91JlwZBiyCNWo%2FAxt39owdBWqlqEjLevwOwnQ2RvqkaOfg0%2FELHebAyrfZTl06csA%2F%2Fe0VQYQyfmzIWfnKvHirnu7Sishj120qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-30547/30548
cf-ray
5f6e841ddfb23260-FRA
Content-Length
30548
cf-request-id
0698f0e6a6000032605e95c000000001
fontawesome-webfont.woff
www.collarsclubb.com/fonts/
82 KB
82 KB
Font
General
Full URL
https://www.collarsclubb.com/fonts/fontawesome-webfont.woff?v=4.6.0
Requested by
Host: www.collarsclubb.com
URL: https://www.collarsclubb.com/css/font-awesome460.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:1db8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Origin
https://www.collarsclubb.com
Referer
https://www.collarsclubb.com/css/font-awesome460.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:08 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
83760
cf-request-id
0698f0e6d600003260b62b5000000001
last-modified
Wed, 14 Jun 2017 10:12:35 GMT
server
cloudflare
etag
"59410c13-14730"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SGkD%2FbuQYKeXHN%2Bexk06nEO1fC%2FOQUSpuSPwH1Voi1D%2FOglfIRzBNQDXIYrCdCgYrvRZ%2BlGN%2BL9BLRLq2NzCPP%2BQo3MmNRKcHtK04zg2eZpcqCC%2FVL0kVXuNmpcscEd5fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5f6e841e284a3260-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
s.pandapluss.com/pull/
19 B
664 B
Fetch
General
Full URL
https://s.pandapluss.com/pull/?notifications=no&campaign:id=NzIwNTE%3D&country:locale=AU
Requested by
Host: s.pandapluss.com
URL: https://s.pandapluss.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e430707e0ab4413cb3c8c0dab8daf93186950a437b226c3f509e907296fde9a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:02:09 GMT
vary
Origin
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
GET, HEAD, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r%2BDsDNuoPXJPuwEx7S%2FtYMDlsvV1ydW2jQ5UBron4Qb2gG6DSYeY7DOzojKoknwA7Ep6MRwi%2BYjNBorpkR8yoEzsQkpjudRV32HTLmm1rfCUa7%2FQ292WjKrzKxz%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
5f6e84247d9d6353-FRA
content-length
19
cf-request-id
0698f0eacd00006353cb09d000000001

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| plushLoaded
function| $
function| jQuery
object| prices
number| spins
number| cash
number| count
object| $spinner
function| transition
function| startTimer
function| rand
function| myRedirectTimer
function| stopRedirectTimer
number| checkTimer
string| survey_id
function| Plush
boolean| plushExecuted

4 Cookies

Domain/Path Name / Value
www.collarsclubb.com/ Name: survey_id_17179
Value: true
www.collarsclubb.com/ Name: b2ZmZXJXYWxs
Value: %7B%22campaign%22%3A%22NzIwNTE%3D%22%2C%22survey%22%3A%2217179%22%2C%22source%22%3A%225bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9%22%2C%22subid%22%3A%22subid%3D5bacc595996f024a00edd03a%26firstname%3D%22%2C%22firstSession%22%3A%22z5HbniWMQLAHqpKsib4X6OCylOBjifWgCQZWNwtz_NzIwNTE%3D%22%7D
www.collarsclubb.com/ Name: laravel_session
Value: eyJpdiI6IlRoVFBVNmp4SHQwM3VnWHZEb245eUE9PSIsInZhbHVlIjoicUg1dnJ5R2VMNGV0TXYydG90S1I3RTJSelVEMnVxRjcxc1hjSG5ZazZ4enVHUGRkTm5PMUFUc1NLcnoxRld6NGlaNGplbUkwQVIyYXJcL0NITkV5d3pRPT0iLCJtYWMiOiIxY2FlNzgzYjQ0Y2Y0ZmE0Yzc4YzVlOGJjNGMzYTU2OGQxN2UxNWRiYTZkMTM1NmMyYTY1ZWFkMTBjYjRkYWFiIn0%3D
.collarsclubb.com/ Name: __cfduid
Value: dfce6b3468442fe2307c1bab704912f1f1606172527

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d (Line 102)
Message: processed: firstname-
console-api info URL: https://www.collarsclubb.com/survey/15027/source=5bacc595996f024a00edd03a_5f1e8b955e0584481ace1ab9/subid=5bacc595996f024a00edd03a&firstname=/nrp=5fbc3f6fbd748c634728d31d (Line 102)
Message: TP init

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
