timetravelpromotion.com
2606:4700:3034::ac43:c9f8 

Submitted URL: https://detailcount.world/?aa=4069205036&sei=45884865&tk=4qici0HL42nfCO62Rc6r&t=4
Effective URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Submission: On January 21 via manual from NL

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3034::ac43:c9f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is timetravelpromotion.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 9th 2020. Valid for: a year.
This is the only time timetravelpromotion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
18 timetravelpromotion.com quotes-expert.com
timetravelpromotion.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.google.com timetravelpromotion.com
www.gstatic.com
3 www.googletagmanager.com admailers.net
quotes-expert.com
timetravelpromotion.com
2 fonts.gstatic.com fonts.googleapis.com
2 stackpath.bootstrapcdn.com timetravelpromotion.com
stackpath.bootstrapcdn.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com timetravelpromotion.com
1 quotes-expert.com admailers.net
1 admailers.net
1 detailcount.world 1 redirects
38 11

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-11-09 -
2021-11-08
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
www.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-22 -
2021-10-12
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh

This page contains 3 frames:

Primary Page: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Frame ID: E0520C51AE85B3755CBA52D44A34573F
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdKMNQZAAAAAHNXJHI4XJZmUKVNvRfDKe6WGFKe&co=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbTo0NDM.&hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&size=normal&cb=3w352r1uvii1
Frame ID: 3404D3A6289F0C4F031925FF82460073
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&k=6LdKMNQZAAAAAHNXJHI4XJZmUKVNvRfDKe6WGFKe&cb=pvgfdnhgauaz
Frame ID: 94FF806AD7F9B9E7E57065EA3BC41171
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://detailcount.world/?aa=4069205036&sei=45884865&tk=4qici0HL42nfCO62Rc6r&t=4 HTTP 302
    https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24... Page URL
  2. https://quotes-expert.com/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24... Page URL
  3. https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

38
Requests

97 %
HTTPS

100 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

674 kB
Transfer

1480 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://detailcount.world/?aa=4069205036&sei=45884865&tk=4qici0HL42nfCO62Rc6r&t=4 HTTP 302
    https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20= Page URL
  2. https://quotes-expert.com/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward= Page URL
  3. https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://detailcount.world/?aa=4069205036&sei=45884865&tk=4qici0HL42nfCO62Rc6r&t=4 HTTP 302
  • https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=
admailers.net/
Redirect Chain
  • https://detailcount.world/?aa=4069205036&sei=45884865&tk=4qici0HL42nfCO62Rc6r&t=4
  • https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=c...
2 KB
1 KB
Document
General
Full URL
https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
admailers.net
:scheme
https
:path
/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:15 GMT
content-type
text/html
set-cookie
__cfduid=de95486306fe4dba25953e4c33f6c70221611238155; expires=Sat, 20-Feb-21 14:09:15 GMT; path=/; domain=.admailers.net; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
cf-request-id
07c6e03d190000d6f9c33f2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uAnmILBwS5Frw67cufskHmFW4dwgEKRFkF7pN5oRIIoesmBe8RswGTXzAXYz1YMElh%2Br%2F3i09Ofj%2Bf8F04KBLeOtFFYH7ta351XOFFtepaUermDDp8QE%2B9Fj"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61519ca82873d6f9-FRA
content-encoding
br

Redirect headers

date
Thu, 21 Jan 2021 14:09:15 GMT
content-type
text/html
set-cookie
__cfduid=d45d9c27780e947466fdabe00e09b67c71611238155; expires=Sat, 20-Feb-21 14:09:15 GMT; path=/; domain=.detailcount.world; HttpOnly; SameSite=Lax
location
https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=
cf-cache-status
DYNAMIC
cf-request-id
07c6e03bc7000005bff8b06000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v6vU8%2BG3f2RY%2FwqTjzI7ANEuv6acrYBi%2FaeHzReK%2Bf7E%2FObQskGInWGCZxAGykqU7jveyMXfS0le2%2FHoAhpQ5h1KNtkPLpADrij2f2RJs%2BG1PmkpgTnfKEWq0e3%2BYQ%3D%3D"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
61519ca60b2f05bf-FRA
js?id=UA-182961244-1
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-182961244-1
Requested by
Host: admailers.net
URL: https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39560
x-xss-protection
0
last-modified
Thu, 21 Jan 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Jan 2021 14:09:15 GMT
traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=
quotes-expert.com/
2 KB
1 KB
Document
General
Full URL
https://quotes-expert.com/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=
Requested by
Host: admailers.net
URL: https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd36a46541d9eed2d3db8832ef3af47d228d65fc887fc37e9f570bd6bf9e624f

Request headers

:method
GET
:authority
quotes-expert.com
:scheme
https
:path
/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=

Response headers

date
Thu, 21 Jan 2021 14:09:15 GMT
content-type
text/html
set-cookie
__cfduid=d52e6dd21a9f2ac7c54560ae5eb1b51c11611238155; expires=Sat, 20-Feb-21 14:09:15 GMT; path=/; domain=.quotes-expert.com; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
cf-request-id
07c6e03d9f00002bc6d7145000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OibwdAvAGv9nE%2FMiIokzOTZzIvAITNcFjZJgXVhX66T0Cdu63ehXZQdTKlwgguowBX4q4UvZ9fCYGYgAxPXucr2FGifeyJzBAVl%2F2h40T2jxAOA3rRmgWzmT%2F7kLaA%3D%3D"}],"group":"cf-nel"}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61519ca8ff162bc6-FRA
content-encoding
br
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-182961244-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://admailers.net/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=cXVvdGVzLWV4cGVydC5jb20=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2983
date
Thu, 21 Jan 2021 13:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 21 Jan 2021 15:19:32 GMT
collect?v=1&_v=j87&a=2111384701&t=pageview&_s=1&dl=https%3A%2F%2Fadmailers.net%2Ftraffic.php%3FLocation%3DaHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg...
www.google-analytics.com/j/
0
0

js?id=UA-182869449-1
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-182869449-1
Requested by
Host: quotes-expert.com
URL: https://quotes-expert.com/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://quotes-expert.com/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39561
x-xss-protection
0
last-modified
Thu, 21 Jan 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Jan 2021 14:09:15 GMT
Primary Request scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
timetravelpromotion.com/
17 KB
4 KB
Document
General
Full URL
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Requested by
Host: quotes-expert.com
URL: https://quotes-expert.com/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27928daaa65919c4ef063b1d5cae432f9e6347b6c9d3e17e8d95c66964f0f73c

Request headers

:method
GET
:authority
timetravelpromotion.com
:scheme
https
:path
/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://quotes-expert.com/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://quotes-expert.com/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-type
text/html
set-cookie
__cfduid=d82880210aafc87bfd5685c947810b5631611238155; expires=Sat, 20-Feb-21 14:09:15 GMT; path=/; domain=.timetravelpromotion.com; HttpOnly; SameSite=Lax; Secure
cf-cache-status
DYNAMIC
cf-request-id
07c6e03e3c00002bad98bdc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xa4jSojSADTWmw%2Bs4mrL7%2BdSKpBX7JiIw91THqpTjFQFHZRQrW1cUBisSgcI7QQ48%2FHUdML122%2BEMWgFATVbiwRMw2HdvRU21QHpCapyzlLYh1LBTYOf461NL944iUE61GJHQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61519ca9f8c62bad-FRA
content-encoding
br
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-182869449-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://quotes-expert.com/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2983
date
Thu, 21 Jan 2021 13:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 21 Jan 2021 15:19:32 GMT
collect?v=1&_v=j87&a=943388713&t=pageview&_s=1&dl=https%3A%2F%2Fquotes-expert.com%2Ftraffic.php%3FLocation%3DaHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00...
www.google-analytics.com/j/
1 B
188 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=943388713&t=pageview&_s=1&dl=https%3A%2F%2Fquotes-expert.com%2Ftraffic.php%3FLocation%3DaHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg%3D%3D%26Forward%3D&dr=https%3A%2F%2Fadmailers.net%2Ftraffic.php%3FLocation%3DaHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg%3D%3D%26Forward%3DcXVvdGVzLWV4cGVydC5jb20%3D&ul=en-us&de=UTF-8&dt=Latest%20news%2C%20offers%20and%20opportunities&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=59589349&gjid=302660435&cid=1800192201.1611238156&tid=UA-182869449-1&_gid=1201382198.1611238156&_r=1&gtm=2ou1d0&z=808581967
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://quotes-expert.com/traffic.php?Location=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==&Forward=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 14:09:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://quotes-expert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.min.css
timetravelpromotion.com/assets/css/bootstrap-4-5-3/css/
157 KB
21 KB
Stylesheet
General
Full URL
https://timetravelpromotion.com/assets/css/bootstrap-4-5-3/css/bootstrap.min.css
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2020 18:15:47 GMT
server
cloudflare
age
6875
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3hqt3cqMKoIEyLh9dVujbXI1HbOzU%2BhrDYm6WJYEyTxq2YQmtM1OzchnEiVaPlUKhWgDljv2MOU%2Bf7edkZ4EXoA392cQdbzOjbB6V8EiLUkbwI9m4MBB43ys0tHTF5k0RiLfGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61519cacfa312bad-FRA
cf-request-id
07c6e0401f00002bad66aaa000000001
style-basic.min.css
timetravelpromotion.com/assets/css/style/
2 KB
1 KB
Stylesheet
General
Full URL
https://timetravelpromotion.com/assets/css/style/style-basic.min.css
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6000d4f1f68598ffce16ac5a380f8aa54f264044c827e84bd97aa0487d7cd8

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 13:53:25 GMT
server
cloudflare
age
6875
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n6SrTQkGh9ZitylzM0VG9aLVIxiNT%2Be3a%2FIS%2BhzhWDA7xPz2%2FpOhB0C6Je%2BEy%2B7Us2sz51ZSURLpCvlZFGtD4AuXAc30xtEo94Eg7nnwAjsHGBKt%2BU9301ViB1smkJaPBiJOTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61519cacfa332bad-FRA
cf-request-id
07c6e0401f00002bad748dd000000001
style-message.min.css
timetravelpromotion.com/assets/css/style/
2 KB
828 B
Stylesheet
General
Full URL
https://timetravelpromotion.com/assets/css/style/style-message.min.css
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bef118cee6e3f0ef6ab9ee2a7e45738edd8b8eaa38576519c9c0d1b877258807

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 13:53:25 GMT
server
cloudflare
age
6875
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oU69SmEDiPlG68KFgkl%2FXjM8OyKb7z7M%2F2hkodSaIEjcpZkzVO%2FIHzLhJPsQQ0VqEAdhMN021hsVVWBvcoc9LG30CDuMWXl%2FQAMs9AMu1NK83G6Occw%2FEtYU6F5%2BYAF0666ZPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61519cacfa342bad-FRA
cf-request-id
07c6e0401f00002bad913bf000000001
style-input.min.css
timetravelpromotion.com/assets/css/style/
4 KB
1 KB
Stylesheet
General
Full URL
https://timetravelpromotion.com/assets/css/style/style-input.min.css
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4714510710a33ec0987c0956538ae9d2c5c325bd3f76872900f355016f3e66f4

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 13:53:25 GMT
server
cloudflare
age
6875
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NbwXVYXKsioTpEaYHt9IK9RgGc3V1OI3DDNRH6wH1FE6ejDzPaAYj4hXZ0%2BEOKxhD8%2BWbQHFJIeXc%2FKsQ9u8C30JbjeJIegPRXZQUFGmXF2ZxN%2FMF%2Bn0c6lyJX%2FvvzbvH8GNjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61519cacfa352bad-FRA
cf-request-id
07c6e0402000002baded055000000001
style-main.min.css
timetravelpromotion.com/assets/css/style/
3 KB
1 KB
Stylesheet
General
Full URL
https://timetravelpromotion.com/assets/css/style/style-main.min.css
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14a7b30306b5232a48b4607dada1a6b0dce83e68434669bd5d964e2accc1db1a

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 13:53:25 GMT
server
cloudflare
age
6875
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nds%2FvqfwC%2B1GULfcagiwqP60i1TzD81n0k8Y9EINGacXnMgXfuooQvG6IlL5luqlRmDzki8xqOFUskbingVCyHlFdonwQDTElJ3NkYz5folKp5LzVZ%2FbhUmErvuKoHRxoCxRUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61519cacfa362bad-FRA
cf-request-id
07c6e0402000002badd23c7000000001
page-info.min.css
timetravelpromotion.com/assets/css/style/
8 KB
2 KB
Stylesheet
General
Full URL
https://timetravelpromotion.com/assets/css/style/page-info.min.css
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1385605bf9f983caa207e5a2f9801af078f2e0b7e8839ec552e6c027e1a54fe

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 13:53:25 GMT
server
cloudflare
age
6875
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PyhO87PriGc2Ksbdh73KFQzZoXSeZWalU2z6bUR%2Bv4EZHKE3Ei3gjupIDKGzFyQXC3JPJYs93Jq2tGD8u1Fs0SvWLJRw08qrJAUAz4ZDbEPkbo9VizleLQrGT06z%2FaCREdd55Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61519cacfa382bad-FRA
cf-request-id
07c6e0402000002badea82e000000001
api.js
www.google.com/recaptcha/
850 B
972 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f883ac1ff4bb4a60ccf481ff2f9231b07dcb0bb82c64b8c6f96f5b91e152da9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Thu, 21 Jan 2021 14:09:16 GMT
js?id=UA-179739804-1
www.googletagmanager.com/gtag/
101 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-179739804-1
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35f4e4c388e3022d8f350a4c2310999fd8eac8a09f7b758ad073dbec3803bb8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40508
x-xss-protection
0
expires
Thu, 21 Jan 2021 14:09:16 GMT
icon.png
timetravelpromotion.com/assets/img/
6 KB
6 KB
Image
General
Full URL
https://timetravelpromotion.com/assets/img/icon.png
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d46b1f9503a0bbb44519116ce90acd85d2a882fc6daa864ffd840cea65d3e57

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2020 18:15:55 GMT
server
cloudflare
age
6874
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=roDhxFdJ4zzgXc6U3ui2%2FLtfjeRY%2FM1lIVKl1j0ssRouCFqTdp9skYtuiwcM3TiPv3xnWMrvVlkBJi8T8oGwVbMgFFxc2D6FHKVjOJqkiggQk0OWWoyCjewiohqRZ9Tdogyg%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
61519cad5b2a2bad-FRA
content-length
5633
cf-request-id
07c6e0405400002badb8238000000001
poza.png
timetravelpromotion.com/assets/img/
131 KB
132 KB
Image
General
Full URL
https://timetravelpromotion.com/assets/img/poza.png
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaad0733a008e41d88009fb2815bb95299e33c6dbb49c09cb4b9ec503d7d21cc

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2020 18:15:56 GMT
server
cloudflare
age
6874
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aHG3pCi2RUvraB4ERJmjIsZhv2X%2BDoe4eouCiS8jOHzVz1YvXr0VppYgQ8CC3SeYOSSJLba8B3EuQWJHKiZweU%2BGR%2F8htfmnhQUbQ9a4cI8QDnutaDbT2EIyxZkiTx1V4S%2F6VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
61519cad5b2b2bad-FRA
content-length
134519
cf-request-id
07c6e0405400002bad909ee000000001
01-mail.png
timetravelpromotion.com/assets/img/
13 KB
13 KB
Image
General
Full URL
https://timetravelpromotion.com/assets/img/01-mail.png
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9916c70e0ae36860b18bd903b15a3f29dd5abf56e06b01c7ddf270309f33399f

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2020 18:15:53 GMT
server
cloudflare
age
6874
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fp7ehA4v%2Bmu5ZpCS07dlk%2FoJLXAa0FEH%2B0aAJtw9tV5wkPIdn3bPCPTu6lisTWfQu3g1qCsm%2BmQfjs5mC5Lrvaw51JQ5FWpAMDCqdMzDJVNmi1o9kNpqg4IrerNAfWopJEY7JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
61519cad5b2d2bad-FRA
content-length
13172
cf-request-id
07c6e0405400002baddf3fa000000001
02-mail.png
timetravelpromotion.com/assets/img/
8 KB
8 KB
Image
General
Full URL
https://timetravelpromotion.com/assets/img/02-mail.png
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a48135017c3eaf6f2f3a2465a62c44379a8bdf1608c45a2db7b7ce1c64ebc38

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2020 18:15:54 GMT
server
cloudflare
age
6874
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pR6xma0IXpCJUjPqyfvq2cFLxUbwmkmYs25%2FQ1zp68qSQE73%2BWKofSpSlkcEJXyyX4tI8U3O3m8CyJ5T0plIbGsI7zogwy7x04um%2B9xkACvq6YYnKOsTsDQIcijPBcDxUr%2BByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
61519cad5b2f2bad-FRA
content-length
7921
cf-request-id
07c6e0405400002badf6064000000001
03-mail.png
timetravelpromotion.com/assets/img/
2 KB
2 KB
Image
General
Full URL
https://timetravelpromotion.com/assets/img/03-mail.png
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e640c80482247bcbe777c94c60e20c6e18015aa2c4b87df44efbc507c7deb34f

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2020 18:15:54 GMT
server
cloudflare
age
6874
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sglZhqZeEwU6Z8Ki%2FaLU0qqULtdwQTL0a1z7AWAFmEyCXcdXkK6mBiHPyHT8r0vVctHoR%2F6aejaiC2%2BL3Nxx%2F2N6mTHmqqMo1v6n6cU2VujUSqIA4YXs0jo%2Ff8ZlBZTYI1Z7og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
61519cad5b312bad-FRA
content-length
1705
cf-request-id
07c6e0405400002badf9b89000000001
04-mail.png
timetravelpromotion.com/assets/img/
11 KB
12 KB
Image
General
Full URL
https://timetravelpromotion.com/assets/img/04-mail.png
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fedc6f2f946b4a0ae5ded42c911cb48df042f97d6afd213ca8f61a69104d59c

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2020 18:15:54 GMT
server
cloudflare
age
6874
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KM9gw%2Fuyqr83RgAroaFRS%2F%2BXoD%2B9E2V4s6NmVvuU038AL5NZg7ST5pvG%2FSAnMfkneOXUy%2F32CbKyc37PbRKQznrjlOwOAXfp1kwFjnYf2ML3U7Fe6YypIbaqVlSQ0ex0Ae7SiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
61519cad5b342bad-FRA
content-length
11543
cf-request-id
07c6e0405500002badf7012000000001
menu.png
timetravelpromotion.com/assets/img/
12 KB
13 KB
Image
General
Full URL
https://timetravelpromotion.com/assets/img/menu.png
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7557d3cc6f36141147002297c321bf3cb32bf64a722e3ab180dc4014352ccbbd

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2020 18:15:55 GMT
server
cloudflare
age
6874
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gFCjFN%2FAphPQkM7oe75s8XERZ3JhSwYvqggq41DDyF8DEwYyBYE197yD48P0%2F04JWl5eHk1n9x44d%2F40BBa28BsNRIxuN1BlJRn01C6rddsEie%2Bho2q0lD5oBZHY3Siiq5tUMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
accept-ranges
bytes
cf-ray
61519cad5b352bad-FRA
content-length
12492
cf-request-id
07c6e0405900002badf03c9000000001
tpixel.php?sli=4069205036&sei=45884865&tk=4qici0HL42nfCO62Rc6r&c=&lt=44&p=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTB...
timetravelpromotion.com/
70 B
371 B
Image
General
Full URL
https://timetravelpromotion.com/tpixel.php?sli=4069205036&sei=45884865&tk=4qici0HL42nfCO62Rc6r&c=&lt=44&p=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg==
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c38e9c4fd4766f5cdd01074572f66a82c9257b0b27878e173fb7916f8b6744

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
07c6e0405500002badaf3f1000000001
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
date
Thu, 21 Jan 2021 14:09:16 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WoRlkL4JlLlwGBUvD0VL91bQTCAjqi6Gyz71XBwk9YFYjYYuZPqRY8VG%2FAB15qMrBkq%2BR8%2FaOw4ffPELFo0drmA8Lzr9cskuqrknBdipVLwRW5z%2F5KH%2Fg7U15L6VrJjYSzWDSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cf-ray
61519cad5b382bad-FRA
jquery-3.5.1.min.js
timetravelpromotion.com/assets/js/jquery-3-5-1/
87 KB
30 KB
Script
General
Full URL
https://timetravelpromotion.com/assets/js/jquery-3-5-1/jquery-3.5.1.min.js
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2020 18:15:57 GMT
server
cloudflare
age
6874
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MYa%2Bhuvmxu2Zm8tlWHIcuiAKxImsi1Bz9LN2dtjlu9ItaRNGER2p0Z8xDDosflsXki%2FihT5Buc4a0C3lKh5pzc03j50FH2LXd1HAp1Yh4bPMsRMtBfwMOgq6rowK7C91bhOriQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61519cad4aee2bad-FRA
cf-request-id
07c6e0404800002bad91b81000000001
bootstrap.min.js
timetravelpromotion.com/assets/css/bootstrap-4-5-3/js/
62 KB
14 KB
Script
General
Full URL
https://timetravelpromotion.com/assets/css/bootstrap-4-5-3/js/bootstrap.min.js
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Nov 2020 18:15:51 GMT
server
cloudflare
age
6874
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Em9lRyB7GdnhOjoLnTFpEndzENgX5WDlmLWKNqqKs320BcETf1N%2FZYDu655x0arFCAkGuMoxnegLbZzChkyk6CJIUEI40Px2ZM3bdREeTpW6Jg6I%2BGBdzfcv8UdxGCJLo98vnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
61519cad4b0c2bad-FRA
cf-request-id
07c6e0405100002bad98817000000001
scaledown.js
timetravelpromotion.com/
577 B
624 B
Script
General
Full URL
https://timetravelpromotion.com/scaledown.js
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93def3e57ec9b220d2058b103c8dd2a987f2c171c1c727746567a0d80f9f60af

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
6874
cf-polished
origSize=1562
cf-request-id
07c6e0405300002baddc0d0000000001
last-modified
Thu, 05 Nov 2020 19:46:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nw3NF1SIvJf9eXRVhCmdCiX2tlR6B9Thgh%2BrTK7Gb1P6Ge6MfHoEfveLfo8LbsPykARPOASTNCnPYEL1zSUpsTZQxD5UtbH%2FqORNqRMyfr4g%2FmO01M1bh%2Fe4LYj2nWZvC54vWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
61519cad5b252bad-FRA
cf-bgj
minify
css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext
fonts.googleapis.com/
57 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/assets/css/style/style-basic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d6603c97894269a8dc0c426361e0bc0f389e82ac9205799eef68de1f1a299c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://timetravelpromotion.com/assets/css/style/style-basic.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Jan 2021 14:09:16 GMT
server
ESF
date
Thu, 21 Jan 2021 14:09:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Jan 2021 14:09:16 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: timetravelpromotion.com
URL: https://timetravelpromotion.com/assets/css/style/style-basic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://timetravelpromotion.com/assets/css/style/style-basic.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
recaptcha__en.js
www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/
331 KB
130 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ab2ee6c6698b57f2f3c79839a574a6808197ac57b7fbc6295b1be3ab8a4d279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://timetravelpromotion.com
Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 13:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2950
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132786
x-xss-protection
0
last-modified
Sun, 17 Jan 2021 15:08:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jan 2022 13:20:06 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://timetravelpromotion.com
Referer
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 16:17:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
597123
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 14 Jan 2022 16:17:13 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://timetravelpromotion.com
Referer
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 07:38:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
541826
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 15 Jan 2022 07:38:50 GMT
fontawesome-webfont.woff2?v=4.7.0
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
75 KB
Font
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://timetravelpromotion.com
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 14:09:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
anchor?ar=1&k=6LdKMNQZAAAAAHNXJHI4XJZmUKVNvRfDKe6WGFKe&co=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbTo0NDM.&hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&size=normal&cb=3w352r1uvii1
www.google.com/recaptcha/api2/ Frame 3404
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdKMNQZAAAAAHNXJHI4XJZmUKVNvRfDKe6WGFKe&co=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbTo0NDM.&hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&size=normal&cb=3w352r1uvii1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x22Mtm3NbZcCbLthz71gLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdKMNQZAAAAAHNXJHI4XJZmUKVNvRfDKe6WGFKe&co=aHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbTo0NDM.&hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&size=normal&cb=3w352r1uvii1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 21 Jan 2021 14:09:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-x22Mtm3NbZcCbLthz71gLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11423
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179739804-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2984
date
Thu, 21 Jan 2021 13:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 21 Jan 2021 15:19:32 GMT
collect?v=1&_v=j87&a=1686526074&t=pageview&_s=1&dl=https%3A%2F%2Ftimetravelpromotion.com%2Fscaledown.php%3Fsli%3D4069205036%26sei%3D45884865%26ctgi%3D130%26tk%3D4qici0HL42nfCO62Rc6r&dr=https%3A%2F%...
www.google-analytics.com/j/
1 B
70 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1686526074&t=pageview&_s=1&dl=https%3A%2F%2Ftimetravelpromotion.com%2Fscaledown.php%3Fsli%3D4069205036%26sei%3D45884865%26ctgi%3D130%26tk%3D4qici0HL42nfCO62Rc6r&dr=https%3A%2F%2Fquotes-expert.com%2Ftraffic.php%3FLocation%3DaHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg%3D%3D%26Forward%3D&ul=en-us&de=UTF-8&dt=Scale%20down%20the%20awesomeness&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1067006948&gjid=557438196&cid=1923792611.1611238157&tid=UA-179739804-1&_gid=721588597.1611238157&_r=1&gtm=2ou1d0&z=1415849188
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Jan 2021 14:09:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://timetravelpromotion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe?hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&k=6LdKMNQZAAAAAHNXJHI4XJZmUKVNvRfDKe6WGFKe&cb=pvgfdnhgauaz
www.google.com/recaptcha/api2/ Frame 94FF
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&k=6LdKMNQZAAAAAHNXJHI4XJZmUKVNvRfDKe6WGFKe&cb=pvgfdnhgauaz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-25QpW8KBWYgBtCQ9RwXcPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&k=6LdKMNQZAAAAAHNXJHI4XJZmUKVNvRfDKe6WGFKe&cb=pvgfdnhgauaz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://timetravelpromotion.com/scaledown.php?sli=4069205036&sei=45884865&ctgi=130&tk=4qici0HL42nfCO62Rc6r

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 21 Jan 2021 14:09:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-25QpW8KBWYgBtCQ9RwXcPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1126
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2111384701&t=pageview&_s=1&dl=https%3A%2F%2Fadmailers.net%2Ftraffic.php%3FLocation%3DaHR0cHM6Ly90aW1ldHJhdmVscHJvbW90aW9uLmNvbS9zY2FsZWRvd24ucGhwP3NsaT00MDY5MjA1MDM2JnNlaT00NTg4NDg2NSZjdGdpPTEzMCZ0az00cWljaTBITDQybmZDTzYyUmM2cg%3D%3D%26Forward%3DcXVvdGVzLWV4cGVydC5jb20%3D&ul=en-us&de=UTF-8&dt=Latest%20news%2C%20offers%20and%20opportunities&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1416778977&gjid=2017319074&cid=365090763.1611238156&tid=UA-182961244-1&_gid=1459333667.1611238156&_r=1&gtm=2ou1d0&z=1290500259

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| gtag object| dataLayer function| $ function| jQuery object| bootstrap object| google_tag_manager object| recaptcha object| closure_lm_976997 object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.timetravelpromotion.com/ Name: _gat_gtag_UA_179739804_1
Value: 1
.timetravelpromotion.com/ Name: _gid
Value: GA1.2.721588597.1611238157
.timetravelpromotion.com/ Name: _ga
Value: GA1.2.1923792611.1611238157
.timetravelpromotion.com/ Name: __cfduid
Value: d82880210aafc87bfd5685c947810b5631611238155

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admailers.net
detailcount.world
fonts.googleapis.com
fonts.gstatic.com
quotes-expert.com
stackpath.bootstrapcdn.com
timetravelpromotion.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.google-analytics.com
2001:4de0:ac19::1:b:3b
2606:4700:3034::6815:6009
2606:4700:3034::ac43:c9f8
2606:4700:3034::ac43:d374
2606:4700:3037::ac43:aef7
2a00:1450:4001:802::2008
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:81b::2003
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
14a7b30306b5232a48b4607dada1a6b0dce83e68434669bd5d964e2accc1db1a
27928daaa65919c4ef063b1d5cae432f9e6347b6c9d3e17e8d95c66964f0f73c
2ab2ee6c6698b57f2f3c79839a574a6808197ac57b7fbc6295b1be3ab8a4d279
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
35c38e9c4fd4766f5cdd01074572f66a82c9257b0b27878e173fb7916f8b6744
35f4e4c388e3022d8f350a4c2310999fd8eac8a09f7b758ad073dbec3803bb8e
4714510710a33ec0987c0956538ae9d2c5c325bd3f76872900f355016f3e66f4
4fedc6f2f946b4a0ae5ded42c911cb48df042f97d6afd213ca8f61a69104d59c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d46b1f9503a0bbb44519116ce90acd85d2a882fc6daa864ffd840cea65d3e57
7557d3cc6f36141147002297c321bf3cb32bf64a722e3ab180dc4014352ccbbd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8a48135017c3eaf6f2f3a2465a62c44379a8bdf1608c45a2db7b7ce1c64ebc38
8d6603c97894269a8dc0c426361e0bc0f389e82ac9205799eef68de1f1a299c9
93def3e57ec9b220d2058b103c8dd2a987f2c171c1c727746567a0d80f9f60af
9916c70e0ae36860b18bd903b15a3f29dd5abf56e06b01c7ddf270309f33399f
a1385605bf9f983caa207e5a2f9801af078f2e0b7e8839ec552e6c027e1a54fe
aaad0733a008e41d88009fb2815bb95299e33c6dbb49c09cb4b9ec503d7d21cc
bef118cee6e3f0ef6ab9ee2a7e45738edd8b8eaa38576519c9c0d1b877258807
cd36a46541d9eed2d3db8832ef3af47d228d65fc887fc37e9f570bd6bf9e624f
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e640c80482247bcbe777c94c60e20c6e18015aa2c4b87df44efbc507c7deb34f
ee6000d4f1f68598ffce16ac5a380f8aa54f264044c827e84bd97aa0487d7cd8
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f883ac1ff4bb4a60ccf481ff2f9231b07dcb0bb82c64b8c6f96f5b91e152da9c