www.golfballantyne.com.moroccopavilion.com Open in urlscan Pro
198.252.98.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.golfballantyne.com.moroccopavilion.com/
Submission: On March 23 via api (March 23rd 2024, 1:41:34 pm UTC) from US — Scanned from US

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 18 HTTP transactions. The main IP is 198.252.98.122, located in United States and belongs to HAWKHOST, CA. The main domain is www.golfballantyne.com.moroccopavilion.com.
TLS certificate: Issued by R3 on March 21st 2024. Valid for: 3 months.

This is the only time www.golfballantyne.com.moroccopavilion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	198.252.98.122 198.252.98.122	20068 (HAWKHOST) (HAWKHOST)
7	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
9	2606:4700:303... 2606:4700:3030::6815:206d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	4

2 198.252.98.122 (United States)

ASN20068 (HAWKHOST, CA)
PTR: 198.252.98.122-static.reverse.arandomserver.com

www.golfballantyne.com.moroccopavilion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.golfballantyne.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3030::6815:206d (United States)

ASN13335 (CLOUDFLARENET, US)

logoibanner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	logoibanner.com logoibanner.com	861 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 328	97 KB
1	golfballantyne.com www.golfballantyne.com
1	moroccopavilion.com www.golfballantyne.com.moroccopavilion.com	10 KB
18	4

	Domain	Requested by
9	logoibanner.com	www.golfballantyne.com.moroccopavilion.com
7	cdn.ampproject.org	www.golfballantyne.com.moroccopavilion.com cdn.ampproject.org
1	www.golfballantyne.com	www.golfballantyne.com.moroccopavilion.com
1	www.golfballantyne.com.moroccopavilion.com
18	4

This site contains links to these domains. Also see Links.

Domain
www.golfballantyne.com
2ly.link

Subject Issuer	Validity	Valid
pragmatic77.online R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
logoibanner.com E1	`2024-03-20` - `2024-06-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.golfballantyne.com.moroccopavilion.com/
Frame ID: 68C95C11C27CDC682390BA8E1EDFB55F
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MARVEL138 - Daftar Link Login Website MARVEL 138 Pragmatic Play Betting 200 Rupiah Paling Murah

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

968 kB
Transfer

1229 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.golfballantyne.com/

Search URL Search Domain Scan URL

URL: https://2ly.link/1x9ZB
Title: LOGIN

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.golfballantyne.com.moroccopavilion.com/ 46 KB
10 KB 509ms
101ms Document
text/html 198.252.98.122
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.122 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.122-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: e094bc3cd1d886c01e7c82c8b332bf77029b84dc2be9039d7e1c650963f93662

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 23 Mar 2024 13:41:28 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 /
www.golfballantyne.com/ 0
0 199ms
110ms Image
text/html 198.252.98.122
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.golfballantyne.com/
Requested by: Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.98.122 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.122-static.reverse.arandomserver.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.golfballantyne.com.moroccopavilion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
62 KB 146ms
63ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c285656f631de5623c63584f69fb96bdc96bc1a25caf80b44cc236eab6e1af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.golfballantyne.com.moroccopavilion.com/
Origin: https://www.golfballantyne.com.moroccopavilion.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Mar 2024 13:41:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63612
x-xss-protection: 0
server: sffe
etag: "d60a24c7a82ded31"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Mar 2024 13:41:28 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/v0/ 33 KB
10 KB 208ms
126ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs

Requested by

Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

519f20b39a9c7160976106b5b07bade72c578f164db7968507d737f4750875e4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.golfballantyne.com.moroccopavilion.com/
Origin: https://www.golfballantyne.com.moroccopavilion.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Mar 2024 13:41:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10083
x-xss-protection: 0
server: sffe
etag: "3a0eaf2a2b9cc3ee"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Mar 2024 13:41:28 GMT

GET
H2 200 amp-install-serviceworker-0.1.mjs Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 137ms
55ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs

Requested by

Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4197bc36a73ac65b755e5f538bdc23924674fb87c54bef4d48a3e0c6e499fb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.golfballantyne.com.moroccopavilion.com/
Origin: https://www.golfballantyne.com.moroccopavilion.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Mar 2024 13:41:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2375
x-xss-protection: 0
server: sffe
etag: "0cf38346f207a2fd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Mar 2024 13:41:28 GMT

GET
H2 200 amp-youtube-0.1.mjs Show response
cdn.ampproject.org/v0/ 31 KB
11 KB 126ms
44ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-youtube-0.1.mjs

Requested by

Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20718a348e28739425b7a25e22fc405f31d3ddb9476c78fc0a5b283bb60db533

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.golfballantyne.com.moroccopavilion.com/
Origin: https://www.golfballantyne.com.moroccopavilion.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Mar 2024 13:41:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10332
x-xss-protection: 0
server: sffe
etag: "b16d6a0636007495"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Mar 2024 13:41:28 GMT

GET
H2 200 amp-accordion-0.1.mjs Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 139ms
58ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.mjs

Requested by

Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dacc2ff753b4d40bf6715d8d5f5f720186d90dd3cd69121fa7f5bb90fe2b998

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.golfballantyne.com.moroccopavilion.com/
Origin: https://www.golfballantyne.com.moroccopavilion.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Mar 2024 13:41:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4864
x-xss-protection: 0
server: sffe
etag: "2842ddde6d1235f6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Mar 2024 13:41:28 GMT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ba23d7255cc3f3007e17b62d04169c9ae9c3a600c5108d99bb14a3adaddc5e9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 logo-rtpslot.png
logoibanner.com/banner-spam/ 19 KB
20 KB 360ms
158ms Image
image/png 2606:4700:3030::6815:206d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logoibanner.com/banner-spam/logo-rtpslot.png
Requested by: Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:206d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d9057e0d6806777fc4c8135162a516a97028529e9f35406152d91c84ee383a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.golfballantyne.com.moroccopavilion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:41:29 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 26 Nov 2023 03:29:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4d1c-60b05cb406140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8O9BuzW3wz2uHXAbhi4vtFVOS3x6SqTkBSZSrW0NV%2FSbNd%2Fkf7PipoodUo9L2NC60YvwwJzrpjKgetZR%2FFKRDXtH%2FXtRQLmp1kVcwr1b9FxRPSH2eXlkuyLYF7PRPjh2sZntCnY8pXTLZ0ymoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 868ed6d96feb4bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 19740

GET
H2 200 Sub-Banner-rtp3.jpg
logoibanner.com/banner-spam/ 193 KB
194 KB 362ms
160ms Image
image/jpeg 2606:4700:3030::6815:206d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logoibanner.com/banner-spam/Sub-Banner-rtp3.jpg
Requested by: Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:206d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fbe716ae05af26af6b7550318b34a1217d2b9bc695757af8a27d259d6eadeb1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.golfballantyne.com.moroccopavilion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:41:29 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 27 Nov 2023 12:59:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "30469-60b21dfdea280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pm7dN2NXTx92yClM3NN%2B2grqN0HTlls99ajcioU7nGTDwxUGURAuz9vbOMhW7ebEQHqwjkTDzH9sh7uTg3AutINt2tcPNDBaNYGck0TnWbHo6OTMPsVCxY%2FnpieWJJl7Aok0P1LOxRYXYKs9YYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 868ed6d96fee4bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 197737

GET
H2 200 android-wbmpdv-1.png
logoibanner.com/banner-spam/ 33 KB
34 KB 361ms
160ms Image
image/png 2606:4700:3030::6815:206d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logoibanner.com/banner-spam/android-wbmpdv-1.png
Requested by: Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:206d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bc7acc22641d49a360df924f5ab79ce82c623acee25313ebeedf3389293634a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.golfballantyne.com.moroccopavilion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:41:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Nov 2023 15:05:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8519-60ae74800d080"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oocshEn7kNOLjE6CVUFvnvP80hHFEkN%2ByO8RQ4mmeC120VdABsjX7%2FMsS1vEl9lpWzPgrWylN8ZPDoXIyvIqMuEyIatm20dw1MYDkLp3gbvLz43Xk5vVZeQwaCjtFbAVTJ5sEeZI8l5wX%2BlbG%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 868ed6d96fef4bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 34073

GET
H2 200 bonus-mqwb4s-1.png
logoibanner.com/banner-spam/ 24 KB
24 KB 328ms
127ms Image
image/png 2606:4700:3030::6815:206d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logoibanner.com/banner-spam/bonus-mqwb4s-1.png
Requested by: Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:206d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19512b7b4ad3f3b2c5ce901fb302d8fc201a1311c4ccf044f3ea646216192053

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.golfballantyne.com.moroccopavilion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:41:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Nov 2023 15:05:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ec1-60ae7482e9740"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAWmvrGRI0FymuXaXnShHb%2FfRqgVH%2BILKXRMo8SALWHS821MF0GikGoexb5skA1t33MkmD%2B42R5FO2yTICnl5Xs%2FOi%2BzuruepL0arSqWa0KOBoEXiFJwsDt26lYEg2eXM5BW5MtBJOm8G1Wnkw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 868ed6d96fea4bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 24257

GET
H2 200 user-yzbufa.png
logoibanner.com/banner-spam/ 14 KB
15 KB 360ms
159ms Image
image/png 2606:4700:3030::6815:206d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logoibanner.com/banner-spam/user-yzbufa.png
Requested by: Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:206d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9452b0cc625c7486a262bc94983a94900aa32df41c439ae4838784bf2f7de95d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.golfballantyne.com.moroccopavilion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:41:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Nov 2023 15:05:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3981-60ae7486ba040"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgxGeo4qxttkUqjEnAjoQs8ET%2BexY%2Fooz7HQftaj10Wv8dh%2FCORpZG07fXWFCYDoe%2FIjoq26zFB1bgeQgA7YdnWFwzxAG0xZrisi4hVOB9PhZjmpoY0aA5p0FoNN1UnnKYnDS5jt4DCAovB7GFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 868ed6d96fe94bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 14721

GET
H2 200 whatsapp-ea3wc5.png
logoibanner.com/banner-spam/ 60 KB
60 KB 360ms
159ms Image
image/png 2606:4700:3030::6815:206d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logoibanner.com/banner-spam/whatsapp-ea3wc5.png
Requested by: Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:206d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ae0da608502c76d86c276585ec9db8c0d677204edc68329a425b7992b1bd71

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.golfballantyne.com.moroccopavilion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:41:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Nov 2023 15:05:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ee44-60ae748a8a940"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4TFHW7UolOHH7KoS12DDZVvd%2FhuW7x6%2BWnyI7ylAEsB6HnOiJLkYsX5H2juH8x3UmFSJtUsgFcuA3RH4%2BnOUbmlcFJ07Tg3K36UMZHZE3Y5DVr8icttAxb1SqokRnH7dJM7LXYxK82VGxUY21A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 868ed6d96fe54bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 60996

GET
H2 200 live-chat-k8zjuk.png
logoibanner.com/banner-spam/ 47 KB
47 KB 330ms
130ms Image
image/png 2606:4700:3030::6815:206d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logoibanner.com/banner-spam/live-chat-k8zjuk.png
Requested by: Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:206d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8deeac16377d8d003fcac7855f0a77bbe7d2aa7c5969c41bbb14699df10d92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.golfballantyne.com.moroccopavilion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:41:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Nov 2023 15:05:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bb07-60ae748d67000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2B1TFAXNjcv%2Bw6PVZNdVLIpLtKRELLrRM8vi%2FQ7KKxSgNEmzeNJgNAUcJhv2TXuMfidXdMJRjecxmNsn9eAz4gU%2BwAfBfduG5PSsfITg%2FRC0bKzOMoH18tSJeAR%2BRqBtU%2BDmnQ994vERxD%2B0eaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 868ed6d96fe84bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 47879

GET
H2 200 SubBanner-rtp4.jpg
logoibanner.com/banner-spam/ 162 KB
162 KB 128ms
127ms Image
image/jpeg 2606:4700:3030::6815:206d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logoibanner.com/banner-spam/SubBanner-rtp4.jpg
Requested by: Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:206d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33d1540574d53e142a6698c7bc81be64bcb1ef59d58fed9b94d69ff59461e1c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.golfballantyne.com.moroccopavilion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:41:29 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 27 Nov 2023 14:00:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "28800-60b22b9026740"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Hajwhv8t%2FV9EqSLHvZ64P9Mxp4yjDRMRvc%2BFQ2qNvXfwDROAplOZtkxs35mU1i36ahgIA70FUtxoC78MAex0w%2FgOwIDVWVFcIuUJqhrn9onP%2BmYlkmN%2FZ36oXDVasn2xJwJI3n2ofz38Ed40Wo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 868ed6da38294bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 165888

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012403072016000/v0/ 7 KB
3 KB 40ms
40ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012403072016000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e423f9f0e5d2f5025dfa17df7d43ee990f810a2cdad37b0bc975d8b24b52e70c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.golfballantyne.com.moroccopavilion.com/
Origin: https://www.golfballantyne.com.moroccopavilion.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Mar 2024 04:32:08 GMT
age: 205761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2819
x-xss-protection: 0
server: sffe
etag: "2c1f9b4dc816fe1a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Mar 2025 04:32:08 GMT

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012403072016000/v0/ 12 KB
4 KB 40ms
40ms Script
text/javascript 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012403072016000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

392ab384497754f8e8e9564e466faa82080dc9083b4e68f8fd8e6dce0f4accec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.golfballantyne.com.moroccopavilion.com/
Origin: https://www.golfballantyne.com.moroccopavilion.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Mar 2024 04:34:34 GMT
age: 205615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
server: sffe
etag: "4c7254302c2b6a6b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Mar 2025 04:34:34 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 banner-rtp3.jpg
logoibanner.com/banner-spam/ 305 KB
305 KB 323ms
160ms Image
image/jpeg 2606:4700:3030::6815:206d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logoibanner.com/banner-spam/banner-rtp3.jpg
Requested by: Host: www.golfballantyne.com.moroccopavilion.com
URL: https://www.golfballantyne.com.moroccopavilion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:206d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93a285ecc112c29d91af47ef7fa73cfd88e94aebd01b167f17fe07d3836fc9bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.golfballantyne.com.moroccopavilion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 13:41:29 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 27 Nov 2023 12:59:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4c2d4-60b21dfc01e00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t5NzuXEDbh2gArzCfgnwqED0d2p0M1QEupdgBgzFNA05Le%2Bij50imDHSF8MkJGlLhghuho7QGL5s36GsfsQ5PUIZaHnsJWOYYB3CIf9C7EwN5R0j34S6oyr7Dc4%2BgX6WfjihMTvEK3d8ICdC7Wg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 868ed6d96ff14bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 312020

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.golfballantyne.com.moroccopavilion.com/ Message: The resource https://www.golfballantyne.com/ was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
logoibanner.com
www.golfballantyne.com
www.golfballantyne.com.moroccopavilion.com
198.252.98.122
2606:4700:3030::6815:206d
2607:f8b0:4004:c17::84
0bc7acc22641d49a360df924f5ab79ce82c623acee25313ebeedf3389293634a
19512b7b4ad3f3b2c5ce901fb302d8fc201a1311c4ccf044f3ea646216192053
20718a348e28739425b7a25e22fc405f31d3ddb9476c78fc0a5b283bb60db533
25c285656f631de5623c63584f69fb96bdc96bc1a25caf80b44cc236eab6e1af
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2dacc2ff753b4d40bf6715d8d5f5f720186d90dd3cd69121fa7f5bb90fe2b998
33d1540574d53e142a6698c7bc81be64bcb1ef59d58fed9b94d69ff59461e1c2
392ab384497754f8e8e9564e466faa82080dc9083b4e68f8fd8e6dce0f4accec
4d9057e0d6806777fc4c8135162a516a97028529e9f35406152d91c84ee383a8
4fbe716ae05af26af6b7550318b34a1217d2b9bc695757af8a27d259d6eadeb1
519f20b39a9c7160976106b5b07bade72c578f164db7968507d737f4750875e4
72ae0da608502c76d86c276585ec9db8c0d677204edc68329a425b7992b1bd71
8ba23d7255cc3f3007e17b62d04169c9ae9c3a600c5108d99bb14a3adaddc5e9
93a285ecc112c29d91af47ef7fa73cfd88e94aebd01b167f17fe07d3836fc9bf
9452b0cc625c7486a262bc94983a94900aa32df41c439ae4838784bf2f7de95d
aa8deeac16377d8d003fcac7855f0a77bbe7d2aa7c5969c41bbb14699df10d92
ca6c3c5c8e1daefb217c253fda11ab0bddd7621911d4636f07ffe364f80dddb1
e094bc3cd1d886c01e7c82c8b332bf77029b84dc2be9039d7e1c650963f93662
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e423f9f0e5d2f5025dfa17df7d43ee990f810a2cdad37b0bc975d8b24b52e70c
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f4197bc36a73ac65b755e5f538bdc23924674fb87c54bef4d48a3e0c6e499fb9
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

www.golfballantyne.com.moroccopavilion.com Open in urlscan Pro 198.252.98.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

100 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

968 kBTransfer

1229 kBSize

0 Cookies

2 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

www.golfballantyne.com.moroccopavilion.com Open in urlscan Pro
198.252.98.122 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

968 kB
Transfer

1229 kB
Size

0
Cookies

18 HTTP transactions
5 data transactions