urlscan.io logo urlscan.io
SecurityTrails logo

play.sanmanuel.com Open in urlscan Pro
2.16.186.147  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.mail6.spopessentials6.com/ctt?ms=MTA0NjQxMDQS1&kn=10&r=NDU5MzA5NDg4OTAyS0&b=0&j=MTYxMjk3Njc0MQS2&mt=1&rt=0
Effective URL: https://play.sanmanuel.com/promotions.shtml
Submission: On October 16 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 16 domains to perform 76 HTTP transactions. The main IP is 2.16.186.147, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is play.sanmanuel.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 1st 2020. Valid for: 3 months.
This is the only time play.sanmanuel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.127.205.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-205-219.eu-central-1.compute.amazonaws.com
links.mail6.spopessentials6.com
30    2.16.186.147 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-147.deploy.static.akamaitechnologies.com
play.sanmanuel.com
2    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:6c00:287::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
s.go-mpulse.net
4    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:26f0:6c00:191::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
c.go-mpulse.net
6    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    99.86.243.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-121.vie50.r.cloudfront.net
static.hotjar.com
2    104.108.64.24 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-24.deploy.static.akamaitechnologies.com
munchkin.marketo.net
6    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    99.86.243.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-87.vie50.r.cloudfront.net
script.hotjar.com
1    192.28.147.68 (United States)

ASN15224 (OMNITURE, US)
844-omb-024.mktoresp.com
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    99.86.243.5 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-5.vie50.r.cloudfront.net
vars.hotjar.com
1    99.86.243.54 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-54.vie50.r.cloudfront.net
vc.hotjar.io
Domain Requested by
30 play.sanmanuel.com play.sanmanuel.com
13 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
play.sanmanuel.com
6 www.facebook.com play.sanmanuel.com
6 connect.facebook.net play.sanmanuel.com
connect.facebook.net
4 fonts.gstatic.com fonts.googleapis.com
3 stats.g.doubleclick.net www.google-analytics.com
2 munchkin.marketo.net play.sanmanuel.com
munchkin.marketo.net
2 fonts.googleapis.com play.sanmanuel.com
1 vc.hotjar.io script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 www.google.de play.sanmanuel.com
1 www.google.com play.sanmanuel.com
1 844-omb-024.mktoresp.com munchkin.marketo.net
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com play.sanmanuel.com
1 www.googletagmanager.com play.sanmanuel.com
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net play.sanmanuel.com
1 links.mail6.spopessentials6.com 1 redirects
76 19

This site contains links to these domains. Also see Links.

Domain
sanmanuel.com
app.appsflyer.com
gan.com
www.sanmanuel.com
Subject Issuer Validity Valid
play.sanmanuel.com
Let's Encrypt Authority X3		 2020-09-01 -
2020-11-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
akstat.io
DigiCert Secure Site ECC CA-1		 2020-05-06 -
2021-08-05		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.hotjar.com
Amazon		 2020-01-22 -
2021-02-22		 a year crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2020-03-14 -
2021-04-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.mktoresp.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2022-01-21		 2 years crt.sh
www.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.hotjar.io
Amazon		 2020-09-15 -
2021-10-15		 a year crt.sh

This page contains 3 frames:

Primary Page: https://play.sanmanuel.com/promotions.shtml
Frame ID: 7FCE402FA6A8D4C8068B3A80A7BF7715
Requests: 74 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/XX8JY-5KZ24-BMK7M-ZVJH9-EZY3H
Frame ID: D2875C7CBA8C3C0805C3C4CF9F66BEAE
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: CF7FA6158CB8C655520E956121E9EA35
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.mail6.spopessentials6.com/ctt?ms=MTA0NjQxMDQS1&kn=10&r=NDU5MzA5NDg4OTAyS0&b=0&j=MTYxMjk3Njc0MQS2&mt=1&... HTTP 302
    https://play.sanmanuel.com/promotions.shtml Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

76
Requests

100 %
HTTPS

58 %
IPv6

16
Domains

19
Subdomains

19
IPs

6
Countries

2724 kB
Transfer

6585 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.mail6.spopessentials6.com/ctt?ms=MTA0NjQxMDQS1&kn=10&r=NDU5MzA5NDg4OTAyS0&b=0&j=MTYxMjk3Njc0MQS2&mt=1&rt=0 HTTP 302
    https://play.sanmanuel.com/promotions.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request promotions.shtml
play.sanmanuel.com/
Redirect Chain
  • http://links.mail6.spopessentials6.com/ctt?ms=MTA0NjQxMDQS1&kn=10&r=NDU5MzA5NDg4OTAyS0&b=0&j=MTYxMjk3Njc0MQS2&mt=1&rt=0
  • https://play.sanmanuel.com/promotions.shtml
60 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d4a6ff42daebea74dbd577c63f22cd0077eccecd4b35b159f4ba4f7efb69f422
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
play.sanmanuel.com
:scheme
https
:path
/promotions.shtml
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
Apache
strict-transport-security
max-age=63072000; includeSubdomains;
x-frame-options
SAMEORIGIN
content-encoding
gzip
geoipcheckedaddress
185.156.175.107
countrycode
CH
content-type
text/html;charset=UTF-8
cache-control
private
x-akamai-transformed
9 - 0 pmb=mRUM,1
date
Fri, 16 Oct 2020 07:49:48 GMT
content-length
13428
vary
Accept-Encoding
set-cookie
JSESSIONID=26EBD4DF2A12B8CD5574D3EC7F65A7E3.jboss; Path=/; Secure; HttpOnly;HttpOnly;Secure;SameSite=None _p_ref=C4941E30; Expires=Wed, 03-Nov-2088 11:03:55 GMT; Path=/; Secure; HttpOnly _loc_id=3; Expires=Wed, 03-Nov-2088 11:03:55 GMT; Path=/; Secure; HttpOnly JSESSIONID=26EBD4DF2A12B8CD5574D3EC7F65A7E3.jboss; Path=/; Secure; HttpOnly;HttpOnly;Secure;SameSite=None GANSESSIONID=26EBD4DF2A12B8CD5574D3EC7F65A7E3.jboss; Domain=""; Path=/; Secure; HttpOnly PSID=s3; path=/; HttpOnly; Secure
server-timing
edge; dur=154 origin; dur=680 cdn-cache; desc=MISS

Redirect headers

Date
Fri, 16 Oct 2020 07:49:47 GMT
Location
https://play.sanmanuel.com/promotions.shtml
Content-Length
0
Connection
close
css
fonts.googleapis.com/ 		44 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,500italic,400italic,700,700italic,900,900italic%7CRoboto+Condensed:400,300,300italic,400italic,700,700italic
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
252c33daac161ea5803c3a7639d5c7bc6f56ff64bc28c6c5453164dba14930dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Oct 2020 07:49:48 GMT
server
ESF
date
Fri, 16 Oct 2020 07:49:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Oct 2020 07:49:48 GMT
main.css
play.sanmanuel.com/sanManuel/default/css/ 		606 KB
101 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/sanManuel/default/css/main.css?v=1f8b27d101a66fd28d09a0a478520c08
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
754e0eb81c976efb5ca3e3f41d08b3ee26ac5fb9cbd53f79d5de53e1ce3da34e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
vary
Accept-Encoding
status
200
countrycode
CH
server-timing
edge; dur=1, origin; dur=162, cdn-cache; desc=MISS
geoipcheckedaddress
185.156.175.107
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-transform
access-control-allow-credentials
true
accept-ranges
bytes
date
Fri, 16 Oct 2020 07:49:48 GMT
main.min.css
play.sanmanuel.com/default/default/js/modules/accountHistory/app/dist/ 		44 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/default/default/js/modules/accountHistory/app/dist/main.min.css
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9a4457a13f062738dc2b1363659fce435e05d32271bcce41c1c46df6e938d7ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
vary
Accept-Encoding
status
200
countrycode
CH
server-timing
edge; dur=1, origin; dur=441, cdn-cache; desc=MISS
content-length
5961
last-modified
Wed, 26 Aug 2020 13:17:52 GMT
server
Apache
geoipcheckedaddress
185.156.175.107
etag
"5adc7a59a4000-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-transform
access-control-allow-credentials
true
accept-ranges
bytes
date
Fri, 16 Oct 2020 07:49:48 GMT
modernizr-picturefill.min.js
play.sanmanuel.com/sanManuel/default/js/ 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/sanManuel/default/js/modernizr-picturefill.min.js
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e62ce5f64e84cce564db0aa406a61ad09c22ff400850237bc822485a1d72b9e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
vary
Accept-Encoding
status
200
countrycode
CH
server-timing
edge; dur=1, origin; dur=443, cdn-cache; desc=MISS
content-length
24445
last-modified
Mon, 14 Sep 2020 16:36:56 GMT
server
Apache
geoipcheckedaddress
185.156.175.107
etag
"5af48a4815a00-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-transform
access-control-allow-credentials
true
accept-ranges
bytes
date
Fri, 16 Oct 2020 07:49:48 GMT
sm_promo_page_1366x460_bg_outer.jpg
play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/2020/250-bone-garden/ 		220 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/2020/250-bone-garden/sm_promo_page_1366x460_bg_outer.jpg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d16562a3a01e5eb1ff5aedbb9191f964398f597ecf010bbdd92eb4f6c99ca388
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 13 Oct 2020 08:47:34 GMT
server
Apache
geoipcheckedaddress
185.156.175.107
etag
"1630511266535"
x-frame-options
SAMEORIGIN
content-type
image/jpeg;charset=UTF-8
status
200
cache-control
max-age=86369
countrycode
CH
server-timing
cdn-cache; desc=MISS, edge; dur=10, origin; dur=448
access-control-allow-credentials
true
content-length
225660
date
Fri, 16 Oct 2020 07:49:49 GMT
expires
Sat, 17 Oct 2020 07:49:18 GMT
sm_promo_p_1366x460_fpb_outer.jpg
play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/2020/fbp-2020/ 		223 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/2020/fbp-2020/sm_promo_p_1366x460_fpb_outer.jpg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ccd09383041e556eabcf6a1cc115c3d28097bc7e002a0b2d5268a9d844ff1e7a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Thu, 19 Mar 2020 13:29:34 GMT
server
Apache
geoipcheckedaddress
174.195.136.72
etag
"1619405291083"
x-frame-options
SAMEORIGIN
content-type
image/jpeg;charset=UTF-8
status
200
cache-control
max-age=86369
countrycode
US
server-timing
cdn-cache; desc=HIT, edge; dur=464
access-control-allow-credentials
true
content-length
228709
date
Fri, 16 Oct 2020 07:49:49 GMT
expires
Sat, 17 Oct 2020 07:49:18 GMT
mi_dlb_outer.jpg
play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/desktop/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/desktop/mi_dlb_outer.jpg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b8cd431763f20d9d9132de5434d532e95b379ba2bf09ad0230b9b50244f002d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 23 Jul 2019 15:25:03 GMT
server
Apache
geoipcheckedaddress
45.155.40.36
etag
"1533221288709"
x-frame-options
SAMEORIGIN
content-type
image/jpeg;charset=UTF-8
status
200
cache-control
max-age=86394
countrycode
US
server-timing
cdn-cache; desc=HIT, edge; dur=455
access-control-allow-credentials
true
content-length
168028
date
Fri, 16 Oct 2020 07:49:49 GMT
expires
Sat, 17 Oct 2020 07:49:43 GMT
playsm_promo_page_outer_1366x460_loyalty_lounge.jpg
play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/desktop/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/desktop/playsm_promo_page_outer_1366x460_loyalty_lounge.jpg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aeb64788fe50a3edfac00509c04b4c15b588bd060ff303ad5683995c7cd573e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Mon, 15 Jul 2019 12:46:16 GMT
server
Apache
geoipcheckedaddress
185.156.175.107
etag
"1541478315600"
x-frame-options
SAMEORIGIN
content-type
image/jpeg;charset=UTF-8
status
200
cache-control
max-age=86400
countrycode
CH
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=16, origin; dur=446
access-control-allow-credentials
true
content-length
148273
date
Fri, 16 Oct 2020 07:49:49 GMT
expires
Sat, 17 Oct 2020 07:49:49 GMT
promo_xtra_credit_desktop.jpg
play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/desktop/ 		207 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/desktop/promo_xtra_credit_desktop.jpg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c131df93a70428fec70880f2a59831040570e784e7484c9637af87aa7e691c9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Thu, 21 Feb 2019 23:54:16 GMT
server
Apache
geoipcheckedaddress
45.155.40.36
etag
"1562359220050"
x-frame-options
SAMEORIGIN
content-type
image/jpeg;charset=UTF-8
status
200
cache-control
max-age=86358
countrycode
US
server-timing
cdn-cache; desc=HIT, edge; dur=457
access-control-allow-credentials
true
content-length
212472
date
Fri, 16 Oct 2020 07:49:49 GMT
expires
Sat, 17 Oct 2020 07:49:07 GMT
sm_promo_page_outer_1366x460_benefits_online_playing_logged_new_5x.jpg
play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/banners/desktop/free-play/ 		206 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/banners/desktop/free-play/sm_promo_page_outer_1366x460_benefits_online_playing_logged_new_5x.jpg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
da6a1379c2fb16efb41bde8cbe985fe15cc852e33a6730c10e34f341e64c0c01
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
status
200
countrycode
CH
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
211048
last-modified
Thu, 01 Oct 2020 15:49:22 GMT
server
Apache
geoipcheckedaddress
185.156.175.107
etag
"1602307816661"
x-frame-options
SAMEORIGIN
content-type
image/jpeg;charset=UTF-8
cache-control
max-age=86399
access-control-allow-credentials
true
date
Fri, 16 Oct 2020 07:49:49 GMT
x-akamai-path-stats
[3:145104:6896]
expires
Sat, 17 Oct 2020 07:49:48 GMT
1fwpromo_fortune_wheel_desktop_outer.jpg
play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/desktop/ 		197 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/desktop/1fwpromo_fortune_wheel_desktop_outer.jpg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
79c619e334ddb5cf391dfb8e8c1f41f881ae5969f98ecb40b1505f514d4c68df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 10 Jul 2019 11:39:54 GMT
server
Apache
geoipcheckedaddress
3.127.26.198
etag
"1582030855491"
x-frame-options
SAMEORIGIN
content-type
image/jpeg;charset=UTF-8
status
200
cache-control
max-age=86310
countrycode
DE
server-timing
cdn-cache; desc=HIT, edge; dur=484
access-control-allow-credentials
true
content-length
201299
date
Fri, 16 Oct 2020 07:49:49 GMT
expires
Sat, 17 Oct 2020 07:48:19 GMT
1rfpromo_refer_friend_outer.jpg
play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/inner/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/binaries/content/gallery/gancms/sanmanuel/promotions/inner/1rfpromo_refer_friend_outer.jpg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7337fa9519c097ab27313ad600f073af46fe3c254f88677aeed1e4e509cdf96c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Wed, 10 Jul 2019 12:17:13 GMT
server
Apache
geoipcheckedaddress
174.195.136.72
etag
"1581479636689"
x-frame-options
SAMEORIGIN
content-type
image/jpeg;charset=UTF-8
status
200
cache-control
max-age=86378
countrycode
US
server-timing
cdn-cache; desc=HIT, edge; dur=1
access-control-allow-credentials
true
content-length
78965
date
Fri, 16 Oct 2020 07:49:49 GMT
expires
Sat, 17 Oct 2020 07:49:27 GMT
twentys.png
play.sanmanuel.com/sanManuel/default/images/footer/ 		490 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/footer/twentys.png
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b47f558789cd32d52f94db8c92674c46235cdb3896bd2deaddc88096f7fc2e2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-transform, max-age=31340
countrycode
DE
content-length
490
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
geoipcheckedaddress
3.127.26.198
date
Fri, 16 Oct 2020 07:49:49 GMT
access-control-allow-credentials
true
logo-white.svg
play.sanmanuel.com/sanManuel/default/images/footer/ 		140 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/footer/logo-white.svg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8d907370b669a162c3dcc5fcf97650b51ed73eccdf0322d818311e884a9571f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
geoipcheckedaddress
3.127.26.198
x-frame-options
SAMEORIGIN
etag
"5aec8aea08180-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
countrycode
DE
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
37399
date
Fri, 16 Oct 2020 07:49:49 GMT
all-thrill-logo.png
play.sanmanuel.com/sanManuel/default/images/footer/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/footer/all-thrill-logo.png?
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14bc344c6d04366896de8bbf8f820401e34dd95b62e39b9d81ec2a8fd8e620b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-transform, max-age=12376
countrycode
DE
content-length
2064
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
geoipcheckedaddress
213.239.216.194
date
Fri, 16 Oct 2020 07:49:49 GMT
access-control-allow-credentials
true
map.png
play.sanmanuel.com/sanManuel/default/images/footer/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/footer/map.png
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
78f61ecf430a1fc6be4795709ce28707e56f42e3cf42c5bd0773a210c42b807e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-transform, max-age=12269
countrycode
DE
content-length
10589
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
geoipcheckedaddress
3.127.26.198
date
Fri, 16 Oct 2020 07:49:49 GMT
access-control-allow-credentials
true
tablets.gif
play.sanmanuel.com/sanManuel/default/images/footer/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/footer/tablets.gif
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5d4456f7acff866112dc490dde672af1334c146a5900e34884f5a347096cd3c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180"
x-frame-options
SAMEORIGIN
content-type
image/gif
status
200
cache-control
no-transform, max-age=12502
countrycode
DE
content-length
3661
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
geoipcheckedaddress
3.127.26.198
date
Fri, 16 Oct 2020 07:49:49 GMT
access-control-allow-credentials
true
app-store-logo.png
play.sanmanuel.com/sanManuel/default/images/footer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/footer/app-store-logo.png
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9aced4e589f61c93e56ccda9d9849b7943149696137b1429af6b0d3f70a3a900
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-transform, max-age=12373
countrycode
DE
content-length
1441
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
geoipcheckedaddress
3.127.26.198
date
Fri, 16 Oct 2020 07:49:49 GMT
access-control-allow-credentials
true
google-play-logo.png
play.sanmanuel.com/sanManuel/default/images/footer/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/footer/google-play-logo.png
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f7f4d5ffbb43d954be4a36ad3455557742516135cdb111787b3b75e6696a6d3b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-transform, max-age=12511
countrycode
DE
content-length
2609
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
geoipcheckedaddress
3.127.26.198
date
Fri, 16 Oct 2020 07:49:49 GMT
access-control-allow-credentials
true
main.min.js
play.sanmanuel.com/sanManuel/default/js/ 		688 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/sanManuel/default/js/main.min.js?v=3e362df302bf541dc52fdb2213d33fee
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cd506eeb4902ac071b9d5830deb48829b45ea238fdae41e64c534d0173afe0de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
vary
Accept-Encoding
status
200
countrycode
CH
server-timing
edge; dur=1, origin; dur=160, cdn-cache; desc=MISS
geoipcheckedaddress
185.156.175.107
last-modified
Mon, 14 Sep 2020 16:36:56 GMT
server
Apache
etag
"5af48a4815a00-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-transform
access-control-allow-credentials
true
accept-ranges
bytes
date
Fri, 16 Oct 2020 07:49:49 GMT
main.min.js
play.sanmanuel.com/default/default/js/modules/leaderboards/app/dist/ 		449 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/default/default/js/modules/leaderboards/app/dist/main.min.js?v=3e362df302bf541dc52fdb2213d33fee
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
300074a7b5dbee7feed8a3870976beaae97cf9edcb8035264d455a0ceefc5b9d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
vary
Accept-Encoding
status
200
countrycode
CH
server-timing
edge; dur=1, origin; dur=172, cdn-cache; desc=MISS
geoipcheckedaddress
185.156.175.107
last-modified
Fri, 31 Jul 2020 15:45:32 GMT
server
Apache
etag
"5abbeadd35f00-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-transform
access-control-allow-credentials
true
accept-ranges
bytes
date
Fri, 16 Oct 2020 07:49:49 GMT
ads.js
play.sanmanuel.com/sanManuel/default/js/ 		21 B
362 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/sanManuel/default/js/ads.js
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f33c0e75f1fcf2d6371860b19b628086bae8488a0e2230c3335d411850d723e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
no-transform
countrycode
CH
content-length
21
server-timing
edge; dur=1, origin; dur=147, cdn-cache; desc=MISS
accept-ranges
bytes
geoipcheckedaddress
185.156.175.107
date
Fri, 16 Oct 2020 07:49:49 GMT
access-control-allow-credentials
true
XX8JY-5KZ24-BMK7M-ZVJH9-EZY3H
s.go-mpulse.net/boomerang/ Frame D287 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/XX8JY-5KZ24-BMK7M-ZVJH9-EZY3H
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:287::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:49:49 GMT
content-encoding
br
last-modified
Sun, 11 Oct 2020 07:30:38 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
logo-new.svg
play.sanmanuel.com/sanManuel/default/images/header/ 		158 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/header/logo-new.svg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/sanManuel/default/css/main.css?v=1f8b27d101a66fd28d09a0a478520c08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3068b4a302e4fa84fde02ea4538c59fcdd38cd5f28913cfe0976c9bc16cd1869
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/sanManuel/default/css/main.css?v=1f8b27d101a66fd28d09a0a478520c08
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
geoipcheckedaddress
89.106.125.235
x-frame-options
SAMEORIGIN
etag
"5aec8aea08180-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
countrycode
BG
server-timing
cdn-cache; desc=HIT, edge; dur=18
accept-ranges
bytes
content-length
45009
date
Fri, 16 Oct 2020 07:49:49 GMT
cards.png
play.sanmanuel.com/sanManuel/default/images/footer/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/footer/cards.png
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/sanManuel/default/css/main.css?v=1f8b27d101a66fd28d09a0a478520c08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
31fd3952af6ee87472471a3baceb2ade9ccc9c4a8de72ffdc6394063aa4ec23c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/sanManuel/default/css/main.css?v=1f8b27d101a66fd28d09a0a478520c08
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-transform, max-age=79595
countrycode
RS
content-length
10985
server-timing
cdn-cache; desc=HIT, edge; dur=17
accept-ranges
bytes
geoipcheckedaddress
87.116.166.96
date
Fri, 16 Oct 2020 07:49:49 GMT
access-control-allow-credentials
true
footer-envelope.png
play.sanmanuel.com/sanManuel/default/images/footer/ 		736 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/footer/footer-envelope.png
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/sanManuel/default/css/main.css?v=1f8b27d101a66fd28d09a0a478520c08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
df855b2da9a1d92c891444c9f693355930d20ff087fe455be75e6dd521616f9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/sanManuel/default/css/main.css?v=1f8b27d101a66fd28d09a0a478520c08
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-transform, max-age=79551
countrycode
DE
content-length
736
server-timing
cdn-cache; desc=HIT, edge; dur=11
accept-ranges
bytes
geoipcheckedaddress
3.127.26.198
date
Fri, 16 Oct 2020 07:49:49 GMT
access-control-allow-credentials
true
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,500italic,400italic,700,700italic,900,900italic%7CRoboto+Condensed:400,300,300italic,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://play.sanmanuel.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,500italic,400italic,700,700italic,900,900italic%7CRoboto+Condensed:400,300,300italic,400italic,700,700italic
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 14:47:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
234117
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 13 Oct 2021 14:47:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,500italic,400italic,700,700italic,900,900italic%7CRoboto+Condensed:400,300,300italic,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://play.sanmanuel.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,500italic,400italic,700,700italic,900,900italic%7CRoboto+Condensed:400,300,300italic,400italic,700,700italic
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 10:32:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
335839
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Tue, 12 Oct 2021 10:32:30 GMT
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21ffcd0688aff2f3be7bf2cf3e5a9f4164a087423a24230887c8dff0079b1c1a

Request headers

Origin
https://play.sanmanuel.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,500italic,400italic,700,700italic,900,900italic%7CRoboto+Condensed:400,300,300italic,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://play.sanmanuel.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,500italic,400italic,700,700italic,900,900italic%7CRoboto+Condensed:400,300,300italic,400italic,700,700italic
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 05:22:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
8826
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sat, 16 Oct 2021 05:22:43 GMT
css
fonts.googleapis.com/ 		44 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,500italic,400italic,700,700italic,900,900italic%7CRoboto+Condensed:400,300,300italic,400italic,700,700italic
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/sanManuel/default/js/main.min.js?v=3e362df302bf541dc52fdb2213d33fee
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
252c33daac161ea5803c3a7639d5c7bc6f56ff64bc28c6c5453164dba14930dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Oct 2020 07:49:49 GMT
server
ESF
date
Fri, 16 Oct 2020 07:49:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Oct 2020 07:49:49 GMT
main.css
play.sanmanuel.com/sanManuel/default/css/ 		606 KB
101 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/sanManuel/default/css/main.css?v=1f8b27d101a66fd28d09a0a478520c08
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/sanManuel/default/js/main.min.js?v=3e362df302bf541dc52fdb2213d33fee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
754e0eb81c976efb5ca3e3f41d08b3ee26ac5fb9cbd53f79d5de53e1ce3da34e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
vary
Accept-Encoding
status
200
countrycode
CH
server-timing
edge; dur=1, origin; dur=159, cdn-cache; desc=MISS
geoipcheckedaddress
185.156.175.107
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-transform
access-control-allow-credentials
true
accept-ranges
bytes
date
Fri, 16 Oct 2020 07:49:49 GMT
main.min.css
play.sanmanuel.com/default/default/js/modules/accountHistory/app/dist/ 		44 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/default/default/js/modules/accountHistory/app/dist/main.min.css
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/sanManuel/default/js/main.min.js?v=3e362df302bf541dc52fdb2213d33fee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b9a13082b2866969b029dfb69d666406cd6645d6841563e15efd62942aeac3dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
vary
Accept-Encoding
status
200
countrycode
CH
server-timing
edge; dur=1, origin; dur=151, cdn-cache; desc=MISS
content-length
5961
last-modified
Wed, 26 Aug 2020 13:17:52 GMT
server
Apache
geoipcheckedaddress
185.156.175.107
etag
"5adc7a59a4000-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-transform
access-control-allow-credentials
true
accept-ranges
bytes
date
Fri, 16 Oct 2020 07:49:49 GMT
config.json
c.go-mpulse.net/api/ Frame D287 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=XX8JY-5KZ24-BMK7M-ZVJH9-EZY3H&d=play.sanmanuel.com&t=5342782&v=1.632.0&if=&sl=0&si=yafmp0x8sma-qiab31&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=612556
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/XX8JY-5KZ24-BMK7M-ZVJH9-EZY3H
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:191::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
216a3f5789f111890e189d8d718ad0fef832342a7437b0edf54bb780e07b674d

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Oct 2020 07:49:49 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
link-account-sml.jpg
play.sanmanuel.com/sanManuel/default/images/body/popups/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.sanmanuel.com/sanManuel/default/images/body/popups/link-account-sml.jpg
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b68050ee9a648f9c40798c4fbcb39848f4ffb8cef7f890c2e14653964938541
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
last-modified
Tue, 08 Sep 2020 07:57:10 GMT
server
Apache
etag
"5aec8aea08180"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
cache-control
no-transform, max-age=79576
countrycode
RS
content-length
19084
server-timing
cdn-cache; desc=HIT, edge; dur=6
accept-ranges
bytes
geoipcheckedaddress
87.116.166.96
date
Fri, 16 Oct 2020 07:49:49 GMT
access-control-allow-credentials
true
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,500italic,400italic,700,700italic,900,900italic%7CRoboto+Condensed:400,300,300italic,400italic,700,700italic
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://play.sanmanuel.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,500italic,400italic,700,700italic,900,900italic%7CRoboto+Condensed:400,300,300italic,400italic,700,700italic
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 15:34:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:08 GMT
server
sffe
age
231332
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11012
x-xss-protection
0
expires
Wed, 13 Oct 2021 15:34:17 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/sanManuel/default/js/main.min.js?v=3e362df302bf541dc52fdb2213d33fee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
352ec441f69ec75c26cfe550d0b42bdc0cbff49d6052d41d57072c1d4d6ec599
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
x0H/dviMSsz3NTBaAKK3mA==
status
200
cross-origin-resource-policy
cross-origin
expires
Fri, 16 Oct 2020 07:54:53 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1777
etag
"b16766161b767e6576791e19802a8e10"
x-fb-debug
Y7NSm4BqeiXDD7sXcrkso1VSJIpPa5icPoBZ3l+Fb/ZQZ2uvJYEkOiE46B9ZN4yYWB6c70Jr7JC4co0IBgP14Q==
x-fb-trip-id
664085054
x-fb-content-md5
caf9065262ef8c91ac8a0d256aa5d7ba
date
Fri, 16 Oct 2020 07:49:49 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
gtm.js
www.googletagmanager.com/ 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5CH3VW
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
912e30a18c397d5ca0c9523433fa04db441ae1fd30724dc8eaed1b77ca328f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:49:49 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35813
x-xss-protection
0
last-modified
Fri, 16 Oct 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Oct 2020 07:49:49 GMT
fbevents.js
connect.facebook.net/en_US/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23070
x-xss-protection
0
pragma
public
x-fb-debug
s/30QdMhd48DJN08p/RgZA0FxmmGiPTpPzVgCB6jcSod/3FW/ukmyLFKduzfTRuP1H2UY/uv9nDnYPZfHmV1Xg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 16 Oct 2020 07:49:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
varsgames
play.sanmanuel.com/casino/gan/ 		358 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/casino/gan/varsgames
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/sanManuel/default/js/main.min.js?v=3e362df302bf541dc52fdb2213d33fee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
50b3f570d4bc6dc3a246b75b53d375a6d777893b73430765dae0e7139055c79d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://play.sanmanuel.com/promotions.shtml
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
server
Apache
geoipcheckedaddress
185.156.175.107
x-frame-options
SAMEORIGIN
date
Fri, 16 Oct 2020 07:49:50 GMT
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
status
200
countrycode
CH
server-timing
edge; dur=5, origin; dur=541, cdn-cache; desc=MISS
content-length
17805
x-akamai-transformed
9 17808 0 pmb=mRUM,1
sdk.js
connect.facebook.net/en_US/ 		194 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2184044b6c02d4d8e70d171ae2da46df&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3036ec219cbd54a3f84697673e5ae2ed2d663d9b3b7eb295b73c43a9186b663
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://play.sanmanuel.com
Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
AhUlR2xMWI21y4nHQN42EQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60004
etag
"75ebfe33fc8ea24b913a1fbff041fbfd"
x-fb-debug
ONQdaIiaLkn3nJSO6+Ph2/Yl0sT8bCRVd42ERPWxnBZb50eGBEGnwxOxTU3A0PnGI4FsryNzul1S762L0XV+jQ==
x-fb-trip-id
664085054
x-fb-content-md5
e7c11617c40f2efcd6e1108020eb39e0
x-frame-options
DENY
date
Fri, 16 Oct 2020 07:49:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sat, 16 Oct 2021 05:09:06 GMT
1733391530238482
connect.facebook.net/signals/config/ 		234 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1733391530238482?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1be84909cbb4189f60043e8abe803738c647eee06bb5439e0d0104a6fb8e380a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
24qnUnn/iOFXK0BSUqHQHoew1DHLcDI3ET/g6LwcIUQWiDdm9t/Y7ttXAfpqp465TqlqIJUN4PW+5EC11GnJ+g==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 16 Oct 2020 07:49:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		45 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CH3VW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
25
date
Fri, 16 Oct 2020 07:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Fri, 16 Oct 2020 09:49:25 GMT
hotjar-100576.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-100576.js?sv=5
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-121.vie50.r.cloudfront.net
Software
/
Resource Hash
61b5c78e745f41424508908138c2d981837d708859e2c794e99e9170e37765df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
VIE50-C1
etag
W/4078ce9865a65e80e65424c0f98c5340
status
200
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
vary
Accept-Encoding
content-length
1522
via
1.1 aa98922692c099827cdae6a16b894745.cloudfront.net (CloudFront)
x-amz-cf-id
vtqj55T9jXqgQ4KAb-H1UoqH9oq705VwDFn0buUOVPynqmm6ySsJ2Q==
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.64.24 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-64-24.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 07:49:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Aug 2020 03:11:00 GMT
Server
AkamaiNetStorage
ETag
"a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 06:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3362
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Fri, 16 Oct 2020 07:53:48 GMT
1947164122175736
connect.facebook.net/signals/config/ 		234 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1947164122175736?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d4c22a9ce320b4fef889d05b3760c9150abed0a2124457c4aed75cb7921ef8f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
2pIHhHt87TJ2Gdykf9SMgD/HdVfcEpqOWT2oND6TJZq2nv7yNs+UFnQwHMDKWKey33lvBYPxqyXsFPp3Jrhf7w==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 16 Oct 2020 07:49:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1733391530238482&ev=PageView&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&rl=&if=false&ts=1602834590128&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602834590127.1218859977&it=1602834589987&coo=false&rqm=GET
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:49:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Oct 2020 07:49:50 GMT
munchkin.js
munchkin.marketo.net/159/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.64.24 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-64-24.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 07:49:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Sun, 24 Jan 2021 07:49:50 GMT
collect
www.google-analytics.com/j/ 		2 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&ul=en-us&de=UTF-8&dt=Promotions%20%7C%20San%20Manuel%20Online%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAAjAAAAAC~&jid=132467174&gjid=725681352&cid=325254734.1602834590&tid=UA-15635623-2&_gid=633030435.1602834590&_r=1&gtm=2wg9u15CH3VW&z=1391427996
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 07:49:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://play.sanmanuel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&ul=en-us&de=UTF-8&dt=Promotions%20%7C%20San%20Manuel%20Online%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAjAAAAAC~&jid=1312862411&gjid=1855909120&cid=325254734.1602834590&tid=UA-69439774-1&_gid=633030435.1602834590&_r=1&gtm=2wg9u15CH3VW&z=1083228088
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 07:49:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://play.sanmanuel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-69439774-1&cid=325254734.1602834590&jid=1089806322&gjid=292391829&_gid=633030435.1602834590&_u=aGHAgEAjAAAAAG~&z=440726936
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Oct 2020 07:49:50 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://play.sanmanuel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&dp=%2Fvirtual%2Fcheckout%2Ffirst-deposit%2Fstep1&ul=en-us&de=UTF-8&dt=Checkout%20-%20Step%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAgEAjAAAAAC~&jid=1089806322&gjid=292391829&cid=325254734.1602834590&tid=UA-69439774-1&_gid=633030435.1602834590&gtm=2wg9u15CH3VW&z=1245201527
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:46:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28978
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&dp=%2Fvirtual%2Fcheckout%2Ffirst-deposit%2Fstep1&ul=en-us&de=UTF-8&dt=Checkout%20-%20Step%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAAEAjAAAAAG~&jid=&gjid=&cid=325254734.1602834590&tid=UA-15635623-2&_gid=633030435.1602834590&gtm=2wg9u15CH3VW&z=1171525100
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:46:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28978
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&dp=%2Fvirtual%2Fcheckout%2Ffirst-deposit%2Fpayment-method&ul=en-us&de=UTF-8&dt=Checkout%20-%20Payment%20Method&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAgEAjAAAAAG~&jid=&gjid=&cid=325254734.1602834590&tid=UA-69439774-1&_gid=633030435.1602834590&gtm=2wg9u15CH3VW&z=2040056179
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:46:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28978
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&dp=%2Fvirtual%2Fcheckout%2Ffirst-deposit%2Fpayment-method&ul=en-us&de=UTF-8&dt=Checkout%20-%20Payment%20Method&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAAEAjAAAAAG~&jid=&gjid=&cid=325254734.1602834590&tid=UA-15635623-2&_gid=633030435.1602834590&gtm=2wg9u15CH3VW&z=727224742
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:46:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28978
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&dp=%2Fvirtual%2Fcheckout%2Ffirst-deposit%2Fstep1&ul=en-us&de=UTF-8&dt=Checkout%20-%20Step%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAgEAjAAAAAG~&jid=&gjid=&cid=325254734.1602834590&tid=UA-69439774-1&_gid=633030435.1602834590&gtm=2wg9u15CH3VW&z=1731846721
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:46:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28978
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&dp=%2Fvirtual%2Fcheckout%2Ffirst-deposit%2Fstep1&ul=en-us&de=UTF-8&dt=Checkout%20-%20Step%201&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAAEAjAAAAAG~&jid=&gjid=&cid=325254734.1602834590&tid=UA-15635623-2&_gid=633030435.1602834590&gtm=2wg9u15CH3VW&z=1543103287
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:46:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28978
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&dp=%2Fvirtual%2Fcheckout%2Ffirst-deposit%2Fpayment-method&ul=en-us&de=UTF-8&dt=Checkout%20-%20Payment%20Method&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAgEAjAAAAAG~&jid=&gjid=&cid=325254734.1602834590&tid=UA-69439774-1&_gid=633030435.1602834590&gtm=2wg9u15CH3VW&z=675097551
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:46:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28978
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&dp=%2Fvirtual%2Fcheckout%2Ffirst-deposit%2Fpayment-method&ul=en-us&de=UTF-8&dt=Checkout%20-%20Payment%20Method&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAAEAjAAAAAG~&jid=&gjid=&cid=325254734.1602834590&tid=UA-15635623-2&_gid=633030435.1602834590&gtm=2wg9u15CH3VW&z=1963207767
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:46:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28978
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=656210723&t=pageview&_s=1&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&ul=en-us&de=UTF-8&dt=Promotions%20%7C%20San%20Manuel%20Online%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAgEAjAAAAAG~&jid=&gjid=&cid=325254734.1602834590&tid=UA-69439774-1&_gid=633030435.1602834590&gtm=2wg9u15CH3VW&z=411671556
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:46:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28978
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-15635623-2&cid=325254734.1602834590&jid=132467174&gjid=725681352&_gid=633030435.1602834590&_u=aGBAAAAiAAAAAC~&z=186489167
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Oct 2020 07:49:50 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://play.sanmanuel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-69439774-1&cid=325254734.1602834590&jid=1312862411&gjid=1855909120&_gid=633030435.1602834590&_u=aGDAAEAjAAAAAC~&z=586402052
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Oct 2020 07:49:50 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://play.sanmanuel.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.0734134ae79697970353.js
script.hotjar.com/ 		356 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0734134ae79697970353.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-100576.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-87.vie50.r.cloudfront.net
Software
/
Resource Hash
c74711a6e6e88947e72e1c2f784eda87306fb357433f2e62baddccebaebe2ff8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 07:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
175240
x-cache
Hit from cloudfront
status
200
content-length
71676
access-control-allow-origin
*
last-modified
Wed, 14 Oct 2020 07:05:37 GMT
etag
"b1cca6d49bf8bc8d90a12726e6e60651"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ivr9DsloLWHk5dAyJMirUQ6bA3S02XWnSIHwz4ZAAvASQYnhWsUzaQ==
visitWebPage
844-omb-024.mktoresp.com/webevents/ 		2 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://844-omb-024.mktoresp.com/webevents/visitWebPage?_mchNc=1602834590196&_mchCn=&_mchId=844-OMB-024&_mchTk=_mch-sanmanuel.com-1602834590196-31351&_mchHo=play.sanmanuel.com&_mchPo=&_mchRu=%2Fpromotions.shtml&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 16 Oct 2020 07:49:51 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
28f840ee-769e-4ebf-981e-5a5296c4d9bd
282059135697715
connect.facebook.net/signals/config/ 		234 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/282059135697715?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4c1c05b53a961cbd2f247bd56d94f001e675ec8018ede08041ad02f5b8828ba9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
BAXzyvplciBYWze+SkL4PvcE2sWQ8GrXMX/YvYQBn0/m5HjFyGIJ/0Tgu6pi+kseqOmU/RqSzNB0w2dTGBn6ZA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 16 Oct 2020 07:49:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1947164122175736&ev=PageView&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&rl=&if=false&ts=1602834590204&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602834590127.1218859977&it=1602834589987&coo=false&rqm=GET
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:49:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Oct 2020 07:49:50 GMT
ga-audiences
www.google.com/ads/ 		42 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-15635623-2&cid=325254734.1602834590&jid=132467174&_u=aGBAAAAiAAAAAC~&z=551677697
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 07:49:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-15635623-2&cid=325254734.1602834590&jid=132467174&_u=aGBAAAAiAAAAAC~&z=551677697
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Oct 2020 07:49:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
progressive-jackpot-xml.action
play.sanmanuel.com/social/ 		10 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.sanmanuel.com/social/progressive-jackpot-xml.action?_=1602834589222
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/sanManuel/default/js/main.min.js?v=3e362df302bf541dc52fdb2213d33fee
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
296bba699d581e7f3c762a7f7b9efeb820a39b704a67aa04833196955b269170
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://play.sanmanuel.com/promotions.shtml
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/xml

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-encoding
gzip
server
Apache
x-frame-options
SAMEORIGIN
date
Fri, 16 Oct 2020 07:49:50 GMT
vary
Accept-Encoding
content-type
${contenttype}; charset=UTF-8;charset=ISO-8859-1
status
200
countrycode
CH
server-timing
edge; dur=1, origin; dur=221, cdn-cache; desc=MISS
content-length
806
geoipcheckedaddress
185.156.175.107
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame CF7F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-100576.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.5 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-5.vie50.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://play.sanmanuel.com/promotions.shtml
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://play.sanmanuel.com/promotions.shtml

Response headers

status
200
content-type
text/html
content-length
851
date
Mon, 05 Oct 2020 13:02:45 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 05 Oct 2020 11:02:22 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ff42f0c276df6efb8ccff2182e6cfe91.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
JI5sbTkArD6Vgl4QnbaWk3y9VQ7Yk9phQO4n1Gs3M0RfyCZpfVxAFA==
age
931625
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=282059135697715&ev=PageView&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&rl=&if=false&ts=1602834590279&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602834590127.1218859977&it=1602834589987&coo=false&rqm=GET
Requested by
Host: play.sanmanuel.com
URL: https://play.sanmanuel.com/promotions.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:49:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Oct 2020 07:49:50 GMT
100576
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/100576?s=0.25&r=0.16330413778851316
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0734134ae79697970353.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-54.vie50.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:49:50 GMT
via
1.1 211cf9a99496c6338c640ec7552e07cb.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
VIE50-C1
x-cache
Miss from cloudfront
status
204
cache-control
no-store
access-control-allow-origin
*
x-amz-cf-id
7guSCeiH-YBEo_oXBhBG-mELTcZ7x3n9ybE5yQC_SrLfcyYBRuBrUA==
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1733391530238482&ev=Microdata&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&rl=&if=false&ts=1602834591631&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Promotions%20%7C%20San%20Manuel%20Online%20Casino%22%2C%22meta%3Adescription%22%3A%22Browse%20our%20wide%20range%20promotions%20and%20offers%20we%20have%20exclusively%20for%20you%20at%20San%20Manuel%20Online%20Casino.%20Click%20on%20each%20promotion%20for%20more%20details%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1602834590127.1218859977&it=1602834589987&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:49:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Oct 2020 07:49:51 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1947164122175736&ev=Microdata&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&rl=&if=false&ts=1602834591706&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Promotions%20%7C%20San%20Manuel%20Online%20Casino%22%2C%22meta%3Adescription%22%3A%22Browse%20our%20wide%20range%20promotions%20and%20offers%20we%20have%20exclusively%20for%20you%20at%20San%20Manuel%20Online%20Casino.%20Click%20on%20each%20promotion%20for%20more%20details%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1602834590127.1218859977&it=1602834589987&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:49:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Oct 2020 07:49:51 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=282059135697715&ev=Microdata&dl=https%3A%2F%2Fplay.sanmanuel.com%2Fpromotions.shtml&rl=&if=false&ts=1602834591781&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Promotions%20%7C%20San%20Manuel%20Online%20Casino%22%2C%22meta%3Adescription%22%3A%22Browse%20our%20wide%20range%20promotions%20and%20offers%20we%20have%20exclusively%20for%20you%20at%20San%20Manuel%20Online%20Casino.%20Click%20on%20each%20promotion%20for%20more%20details%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1602834590127.1218859977&it=1602834589987&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://play.sanmanuel.com/promotions.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 16 Oct 2020 07:49:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Oct 2020 07:49:51 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| DEBUG string| siteDomain function| antiClickJackIFFE string| FacebookAppId object| html5 object| Modernizr function| MobileDetect object| mobileDetect object| picturefillCFG function| picturefill boolean| USER_LOGGED object| dataLayer string| BOOMR_API_key object| BOOMR number| BOOMR_lstart boolean| isUiView object| gan object| BOOMR_mq function| openNamedWindow object| AirBridgeEvokeArray function| runAirBridgeEvokes function| Websockets function| Notifications function| FacebookApp function| Fingerprint function| CustomTrackbar object| SANMANUEL object| LOGIC object| GDL function| GCD function| saveLocalStorageUser object| recentlyPlayed object| TheExchange function| LocalStorage function| SearchGames function| SearchPageGames function| DateOfBirth object| validationHelpers function| PopWhiteLabelGameMobileEnforcer function| StatesManagement object| FORMS function| $ function| jQuery function| Blazy function| Fingerprint2 object| StyleFix object| PrefixFree string| prefix object| Placeholders function| sha1 object| AirBridge object| socialGaming object| simGaming object| jstlMessages object| LEADERBOARD_APP_CONF number| BOOMR_configt object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill boolean| AdBlock function| fbAsyncInit boolean| sanManuelHighLimitPage function| fbq function| _fbq object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| MunchkinTracker number| BOOMR_onload

19 Cookies

Domain/Path Name / Value
.sanmanuel.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.sanmanuel.com/ Name: _hjid
Value: 2b90a748-c215-4e71-8e1b-a422ff79ef07
.sanmanuel.com/ Name: _hjTLDTest
Value: 1
play.sanmanuel.com/ Name: _alias
Value: ""
.sanmanuel.com/ Name: _mkto_trk
Value: id:844-OMB-024&token:_mch-sanmanuel.com-1602834590196-31351
.sanmanuel.com/ Name: _gat_UA-69439774-1
Value: 1
.sanmanuel.com/ Name: _gid
Value: GA1.2.633030435.1602834590
.play.sanmanuel.com/ Name: _gat_UA-15635623-2
Value: 1
.sanmanuel.com/ Name: RT
Value: "z=1&dm=sanmanuel.com&si=yafmp0x8sma&ss=kgbybw4f&sl=0&tt=0"
.sanmanuel.com/ Name: _fbp
Value: fb.1.1602834590127.1218859977
.sanmanuel.com/ Name: _gcl_au
Value: 1.1.1027941729.1602834590
play.sanmanuel.com/ Name: PSID
Value: s3
play.sanmanuel.com/ Name: _loc_id
Value: 3
play.sanmanuel.com/ Name: _p_ref
Value: C4941E30
.play.sanmanuel.com/ Name: _dc_gtm_UA-69439774-1
Value: 1
.sanmanuel.com/ Name: _ga
Value: GA1.2.325254734.1602834590
.play.sanmanuel.com/ Name: _gid
Value: GA1.3.633030435.1602834590
.play.sanmanuel.com/ Name: _ga
Value: GA1.3.325254734.1602834590
play.sanmanuel.com/ Name: JSESSIONID
Value: 26EBD4DF2A12B8CD5574D3EC7F65A7E3.jboss

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

844-omb-024.mktoresp.com
c.go-mpulse.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
links.mail6.spopessentials6.com
munchkin.marketo.net
play.sanmanuel.com
s.go-mpulse.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.108.64.24
192.28.147.68
2.16.186.147
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2008
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200a
2a00:1450:400c:c00::9b
2a02:26f0:6c00:191::11a6
2a02:26f0:6c00:287::11a6
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.127.205.219
99.86.243.121
99.86.243.5
99.86.243.54
99.86.243.87
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14bc344c6d04366896de8bbf8f820401e34dd95b62e39b9d81ec2a8fd8e620b8
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1be84909cbb4189f60043e8abe803738c647eee06bb5439e0d0104a6fb8e380a
216a3f5789f111890e189d8d718ad0fef832342a7437b0edf54bb780e07b674d
21ffcd0688aff2f3be7bf2cf3e5a9f4164a087423a24230887c8dff0079b1c1a
252c33daac161ea5803c3a7639d5c7bc6f56ff64bc28c6c5453164dba14930dd
296bba699d581e7f3c762a7f7b9efeb820a39b704a67aa04833196955b269170
300074a7b5dbee7feed8a3870976beaae97cf9edcb8035264d455a0ceefc5b9d
3068b4a302e4fa84fde02ea4538c59fcdd38cd5f28913cfe0976c9bc16cd1869
31fd3952af6ee87472471a3baceb2ade9ccc9c4a8de72ffdc6394063aa4ec23c
352ec441f69ec75c26cfe550d0b42bdc0cbff49d6052d41d57072c1d4d6ec599
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4c1c05b53a961cbd2f247bd56d94f001e675ec8018ede08041ad02f5b8828ba9
50b3f570d4bc6dc3a246b75b53d375a6d777893b73430765dae0e7139055c79d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d4456f7acff866112dc490dde672af1334c146a5900e34884f5a347096cd3c3
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
61b5c78e745f41424508908138c2d981837d708859e2c794e99e9170e37765df
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7337fa9519c097ab27313ad600f073af46fe3c254f88677aeed1e4e509cdf96c
754e0eb81c976efb5ca3e3f41d08b3ee26ac5fb9cbd53f79d5de53e1ce3da34e
78f61ecf430a1fc6be4795709ce28707e56f42e3cf42c5bd0773a210c42b807e
79c619e334ddb5cf391dfb8e8c1f41f881ae5969f98ecb40b1505f514d4c68df
7b68050ee9a648f9c40798c4fbcb39848f4ffb8cef7f890c2e14653964938541
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d4c22a9ce320b4fef889d05b3760c9150abed0a2124457c4aed75cb7921ef8f
8d907370b669a162c3dcc5fcf97650b51ed73eccdf0322d818311e884a9571f8
912e30a18c397d5ca0c9523433fa04db441ae1fd30724dc8eaed1b77ca328f16
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9a4457a13f062738dc2b1363659fce435e05d32271bcce41c1c46df6e938d7ec
9aced4e589f61c93e56ccda9d9849b7943149696137b1429af6b0d3f70a3a900
aeb64788fe50a3edfac00509c04b4c15b588bd060ff303ad5683995c7cd573e0
b47f558789cd32d52f94db8c92674c46235cdb3896bd2deaddc88096f7fc2e2b
b8cd431763f20d9d9132de5434d532e95b379ba2bf09ad0230b9b50244f002d0
b9a13082b2866969b029dfb69d666406cd6645d6841563e15efd62942aeac3dc
c131df93a70428fec70880f2a59831040570e784e7484c9637af87aa7e691c9b
c3036ec219cbd54a3f84697673e5ae2ed2d663d9b3b7eb295b73c43a9186b663
c74711a6e6e88947e72e1c2f784eda87306fb357433f2e62baddccebaebe2ff8
ccd09383041e556eabcf6a1cc115c3d28097bc7e002a0b2d5268a9d844ff1e7a
cd506eeb4902ac071b9d5830deb48829b45ea238fdae41e64c534d0173afe0de
d16562a3a01e5eb1ff5aedbb9191f964398f597ecf010bbdd92eb4f6c99ca388
d4a6ff42daebea74dbd577c63f22cd0077eccecd4b35b159f4ba4f7efb69f422
da6a1379c2fb16efb41bde8cbe985fe15cc852e33a6730c10e34f341e64c0c01
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df855b2da9a1d92c891444c9f693355930d20ff087fe455be75e6dd521616f9f
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62ce5f64e84cce564db0aa406a61ad09c22ff400850237bc822485a1d72b9e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33c0e75f1fcf2d6371860b19b628086bae8488a0e2230c3335d411850d723e3
f7f4d5ffbb43d954be4a36ad3455557742516135cdb111787b3b75e6696a6d3b