traffic-monetizer.com Open in urlscan Pro
213.252.246.142 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Submission: On February 27 via api (February 27th 2021, 7:08:59 am UTC) from BR

Summary HTTP 261 Redirects Behaviour Indicators

Summary

This website contacted 57 IPs in 8 countries across 45 domains to perform 261 HTTP transactions. The main IP is 213.252.246.142, located in Lithuania and belongs to IST-AS, LT. The main domain is traffic-monetizer.com.

This is the only time traffic-monetizer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	213.252.246.142 213.252.246.142	61272 (IST-AS) (IST-AS)
2 2	91.92.196.190 91.92.196.190	49882 (SKRILL) (SKRILL)
41	2606:4700::68... 2606:4700::6811:2b64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	184.86.103.199 184.86.103.199	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:20:... 2606:4700:20::681a:89b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	67.199.248.13 67.199.248.13	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1	104.108.33.242 104.108.33.242	16625 (AKAMAI-AS) (AKAMAI-AS)
1 20	52.5.162.87 52.5.162.87	14618 (AMAZON-AES) (AMAZON-AES)
2 28	162.13.152.237 162.13.152.237	15395 (RACKSPACE...) (RACKSPACE-LON)
12 37	198.185.159.177 198.185.159.177	53831 (SQUARESPACE) (SQUARESPACE)
14	2a02:26f0:170... 2a02:26f0:1700:19b::3a15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.225.80.5 13.225.80.5	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	54.163.155.157 54.163.155.157	14618 (AMAZON-AES) (AMAZON-AES)
8	45.33.2.97 45.33.2.97	63949 (LINODE-AP...) (LINODE-AP Linode)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	3.97.24.204 3.97.24.204	16509 (AMAZON-02) (AMAZON-02)
4	54.203.166.4 54.203.166.4	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
12	151.101.12.238 151.101.12.238	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.95.164.10 52.95.164.10	16509 (AMAZON-02) (AMAZON-02)
1	13.225.80.24 13.225.80.24	16509 (AMAZON-02) (AMAZON-02)
1	2607:f2d8:401... 2607:f2d8:4010:8::2	18450 (WEBNX) (WEBNX)
1	2606:4700:303... 2606:4700:3030::ac43:8e72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.224.195.11 13.224.195.11	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	178.250.0.147 178.250.0.147	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.195.104 13.224.195.104	16509 (AMAZON-02) (AMAZON-02)
1 7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	13.224.194.62 13.224.194.62	16509 (AMAZON-02) (AMAZON-02)
2	88.150.147.252 88.150.147.252	20860 (IOMART-AS) (IOMART-AS)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.195.10 13.224.195.10	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:285::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
2	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
261	57

1 213.252.246.142 (Lithuania)

ASN61272 (IST-AS, LT)
PTR: 7401-15047.bacloud.info

traffic-monetizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.92.196.190 (United Kingdom) 2 redirects

ASN49882 (SKRILL, GB)

wlmarathonbet.adsrv.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700::6811:2b64 (United States)

ASN13335 (CLOUDFLARENET, US)

www.marathonbet.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.86.103.199 (Frankfurt am Main, Germany) 4 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-199.deploy.static.akamaitechnologies.com

www.deezer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:89b (United States)

ASN13335 (CLOUDFLARENET, US)

gestyy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.248.13 (United States) 2 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)

etsy.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.33.242 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-33-242.deploy.static.akamaitechnologies.com

www.etsy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.5.162.87 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-162-87.compute-1.amazonaws.com

www.picpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 162.13.152.237 (United Kingdom) 2 redirects

ASN15395 (RACKSPACE-LON, GB)

www.entireweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 198.185.159.177 (United States) 12 redirects

ASN53831 (SQUARESPACE, US)

vermontbiz.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:1700:19b::3a15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.entireweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.80.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-5.fra2.r.cloudfront.net

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.163.155.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-155-157.compute-1.amazonaws.com

widgets.entireweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.33.2.97 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)

affiliate.entireweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.97.24.204 (Montreal, Canada) 2 redirects

ASN16509 (AMAZON-02, US)

guestlistapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
guestlist.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.203.166.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)

www.adplugg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.12.238 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static1.1.sqspcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.164.10 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1.amazonaws.com

s3-sa-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-24.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f2d8:4010:8::2 (United States)

ASN18450 (WEBNX, US)

api64.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8e72 (United States)

ASN13335 (CLOUDFLARENET, US)

www.iplocate.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-11.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.147 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-104.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (United States) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

8522863.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-62.fra2.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.150.147.252 (Bradford, United Kingdom)

ASN20860 (IOMART-AS, GB)

web-analytics0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (United States)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-10.fra2.r.cloudfront.net

pj.l.a8723.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:285::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	entireweb.com 2 redirects www.entireweb.com cdn.entireweb.com widgets.entireweb.com affiliate.entireweb.com	2 MB
41	marathonbet.co.uk www.marathonbet.co.uk	454 KB
37	squarespace.com 12 redirects vermontbiz.squarespace.com	861 KB
20	picpay.com 1 redirects www.picpay.com	325 KB
12	sqspcdn.com static1.1.sqspcdn.com	9 MB
9	youtube.com www.youtube.com	677 KB
9	doubleclick.net 2 redirects 8522863.fls.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	10 KB
9	googletagmanager.com www.googletagmanager.com	390 KB
8	yandex.ru 3 redirects mc.yandex.ru	47 KB
7	facebook.com 1 redirects www.facebook.com	2 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	388 KB
7	google.com 1 redirects www.google.com adservice.google.com	17 KB
7	google-analytics.com www.google-analytics.com	163 KB
6	facebook.net connect.facebook.net	256 KB
6	deezer.com 4 redirects www.deezer.com	7 KB
5	google.de 1 redirects adservice.google.de www.google.de	2 KB
4	bing.com bat.bing.com	17 KB
4	adplugg.com www.adplugg.com	130 KB
3	googleadservices.com www.googleadservices.com	26 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	typekit.com use.typekit.com	36 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	web-analytics0.com web-analytics0.com	5 KB
2	criteo.com dynamic.criteo.com gum.criteo.com	648 B
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	8 KB
2	guestlistapp.com 2 redirects guestlistapp.com	1 KB
2	braintreegateway.com js.braintreegateway.com	180 KB
2	etsy.me 2 redirects etsy.me	485 B
2	gestyy.com gestyy.com
2	eacdn.com 2 redirects wlmarathonbet.adsrv.eacdn.com	985 B
1	newrelic.com js-agent.newrelic.com	11 KB
1	ytimg.com i.ytimg.com	55 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	typekit.net p.typekit.net	182 B
1	criteo.net static.criteo.net	12 KB
1	a8723.com pj.l.a8723.com	2 KB
1	atdmt.com cx.atdmt.com	651 B
1	amplitude.com cdn.amplitude.com	19 KB
1	iplocate.io www.iplocate.io	1 KB
1	ipify.org api64.ipify.org	238 B
1	amazonaws.com s3-sa-east-1.amazonaws.com	516 B
1	googleoptimize.com www.googleoptimize.com	34 KB
1	guestlist.co guestlist.co	4 KB
1	etsy.com www.etsy.com	516 B
1	traffic-monetizer.com traffic-monetizer.com	1 KB
261	45

	Domain	Requested by
41	www.marathonbet.co.uk	traffic-monetizer.com www.marathonbet.co.uk
37	vermontbiz.squarespace.com	12 redirects traffic-monetizer.com vermontbiz.squarespace.com
28	www.entireweb.com	2 redirects traffic-monetizer.com www.entireweb.com
20	www.picpay.com	1 redirects traffic-monetizer.com www.picpay.com
14	cdn.entireweb.com	www.entireweb.com
12	static1.1.sqspcdn.com	vermontbiz.squarespace.com
9	www.youtube.com	vermontbiz.squarespace.com www.youtube.com
9	www.googletagmanager.com	www.entireweb.com www.picpay.com www.googletagmanager.com www.marathonbet.co.uk 8522863.fls.doubleclick.net
8	mc.yandex.ru	3 redirects www.marathonbet.co.uk
8	affiliate.entireweb.com	www.entireweb.com affiliate.entireweb.com
7	www.facebook.com	1 redirects www.picpay.com 8522863.fls.doubleclick.net traffic-monetizer.com
7	www.google-analytics.com	www.googletagmanager.com www.picpay.com www.google-analytics.com vermontbiz.squarespace.com
6	connect.facebook.net	www.picpay.com connect.facebook.net 8522863.fls.doubleclick.net
6	www.google.com	1 redirects www.marathonbet.co.uk www.picpay.com 8522863.fls.doubleclick.net www.youtube.com
6	www.deezer.com	4 redirects traffic-monetizer.com
5	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	www.google.de	www.picpay.com 8522863.fls.doubleclick.net
4	bat.bing.com	www.entireweb.com
4	www.adplugg.com	www.entireweb.com www.adplugg.com
4	widgets.entireweb.com	www.entireweb.com widgets.entireweb.com
3	8522863.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
3	use.typekit.com	vermontbiz.squarespace.com
2	bam-cell.nr-data.net	js-agent.newrelic.com www.picpay.com
2	web-analytics0.com	traffic-monetizer.com
2	www.gstatic.com	www.google.com www.youtube.com
2	guestlistapp.com	2 redirects
2	js.braintreegateway.com	www.entireweb.com
2	etsy.me	2 redirects
2	gestyy.com	traffic-monetizer.com
2	wlmarathonbet.adsrv.eacdn.com	2 redirects
1	js-agent.newrelic.com	www.picpay.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	p.typekit.net	vermontbiz.squarespace.com
1	gum.criteo.com	static.criteo.net
1	static.criteo.net	dynamic.criteo.com
1	pj.l.a8723.com	8522863.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	adservice.google.com	8522863.fls.doubleclick.net
1	cx.atdmt.com	www.picpay.com
1	cdn.amplitude.com	traffic-monetizer.com
1	vars.hotjar.com	static.hotjar.com
1	dynamic.criteo.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.iplocate.io	widgets.entireweb.com
1	api64.ipify.org	widgets.entireweb.com
1	static.hotjar.com	www.picpay.com
1	s3-sa-east-1.amazonaws.com	www.picpay.com
1	ajax.googleapis.com	vermontbiz.squarespace.com
1	www.googleoptimize.com	www.marathonbet.co.uk
1	fonts.googleapis.com	www.marathonbet.co.uk
1	guestlist.co	vermontbiz.squarespace.com
1	www.etsy.com	traffic-monetizer.com
1	traffic-monetizer.com
261	57

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
www.deezer.com R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
etsy.com DigiCert Secure Site ECC CA-1	`2020-08-02` - `2021-11-01`	a year	crt.sh
*.picpay.com Amazon	`2020-11-13` - `2021-12-12`	a year	crt.sh
entireweb.com R3	`2020-12-26` - `2021-03-26`	3 months	crt.sh
secured2.san1.raxcdn.com R3	`2021-01-28` - `2021-04-28`	3 months	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-08-07` - `2021-08-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
widgets.entireweb.com R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
guestlist.co Amazon	`2020-04-09` - `2021-05-09`	a year	crt.sh
www.adplugg.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-02` - `2021-06-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.s3-sa-east-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-27` - `2021-09-01`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
cdn.amplitude.com Amazon	`2020-11-18` - `2021-12-17`	a year	crt.sh
web-analytics0.com R3	`2021-02-07` - `2021-05-08`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-01-29` - `2021-04-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
pj.l.a8723.com Amazon	`2020-07-16` - `2021-08-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-28` - `2021-05-07`	4 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 17 frames:

Primary Page: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Frame ID: 5819330936B0BF94EA2D0959C634AF01
Requests: 1 HTTP requests in this frame

Frame: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Frame ID: 45E76BE56C47C431C4B6F394D64E2644
Requests: 60 HTTP requests in this frame

Frame: https://www.deezer.com/us/playlist/8487933382
Frame ID: D5E2A64BCB0D1EBD2C21A79AFBA9D081
Requests: 1 HTTP requests in this frame

Frame: https://www.deezer.com/us/playlist/8487933382
Frame ID: F41BD9E31C32CBC59D032F9F102E2208
Requests: 1 HTTP requests in this frame

Frame: http://gestyy.com/etMyW0
Frame ID: 3B744326F783255C0BF8CC5C68233827
Requests: 1 HTTP requests in this frame

Frame: https://www.etsy.com/shop/DivineDesignsByKrys
Frame ID: D0BE8E7C1B9D14F624275169166A0F8E
Requests: 1 HTTP requests in this frame

Frame: https://www.picpay.com/convite?G9DK9C
Frame ID: CF1FA653FD27183B783F6549CAAC00F8
Requests: 48 HTTP requests in this frame

Frame: http://gestyy.com/etMyW0
Frame ID: D265AD60BAE4A27B849F34D6C442613B
Requests: 1 HTTP requests in this frame

Frame: https://www.entireweb.com/free_submission/?a=walawala
Frame ID: 15A23EA0620061BB6DE0F611E41FE858
Requests: 35 HTTP requests in this frame

Frame: http://vermontbiz.squarespace.com/2019-bob-winners/
Frame ID: 0C986BDE03BB0D09F7F7C3E5B53B6618
Requests: 44 HTTP requests in this frame

Frame: https://www.entireweb.com/free_submission/?a=walawala
Frame ID: E5B6D064FBB14F600D95081687D74170
Requests: 33 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: E305BEC0B98DD31FBBC79B9FB2FF3489
Requests: 1 HTTP requests in this frame

Frame: https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Frame ID: 90BC06934DDBB2EE5D850FFCC1D7EFC0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Frame ID: 31E3C7242FD3820E58D688419DA565A9
Requests: 1 HTTP requests in this frame

Frame: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Frame ID: 89BED85BF2BAD2BFB182898DC816A822
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=traffic-monetizer.com
Frame ID: C52C9B5ED2D6FBCA03C771A94E15383B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TDVUpLMqjoI
Frame ID: 990CA362E5D8C4C065B1FE0AF19AAE00
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

261
Requests

84 %
HTTPS

56 %
IPv6

45
Domains

57
Subdomains

57
IPs

8
Countries

15421 kB
Transfer

22323 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://wlmarathonbet.adsrv.eacdn.com/C.ashx?btag=a_10312b_66c_&affid=7269&siteid=10312&adid=66&c= HTTP 302
http://wlmarathonbet.adsrv.eacdn.com/C.ashx?btag=a_10312b_66c_&affid=7269&siteid=10312&adid=66&c=&AutoR=1 HTTP 302
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Request Chain 1

http://www.deezer.com/playlist/8487933382 HTTP 301
https://www.deezer.com/playlist/8487933382 HTTP 302
https://www.deezer.com/us/playlist/8487933382

Request Chain 2

http://www.deezer.com/playlist/8487933382 HTTP 301
https://www.deezer.com/playlist/8487933382 HTTP 302
https://www.deezer.com/us/playlist/8487933382

Request Chain 4

http://etsy.me/37IFRbs HTTP 302
https://etsy.me/37IFRbs HTTP 301
https://www.etsy.com/shop/DivineDesignsByKrys

Request Chain 5

http://www.picpay.com/convite?G9DK9C HTTP 301
https://www.picpay.com/convite?G9DK9C

Request Chain 7

http://www.entireweb.com/free_submission/?a=walawala HTTP 301
https://www.entireweb.com/free_submission/?a=walawala

Request Chain 9

http://www.entireweb.com/free_submission/?a=walawala HTTP 301
https://www.entireweb.com/free_submission/?a=walawala

Request Chain 68

http://guestlistapp.com/javascripts/guestlist-embed.js HTTP 301
https://guestlistapp.com/javascripts/guestlist-embed.js HTTP 301
https://guestlist.co/javascripts/guestlist-embed.js

Request Chain 122

http://vermontbiz.squarespace.com/storage/BOB%20Logo-Color-FINAL-sm.png HTTP 302
http://static1.1.sqspcdn.com/static/f/489136/27378587/1481752691737/BOB+Logo-Color-FINAL-sm.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 180

https://8522863.fls.doubleclick.net/activityi;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312 HTTP 302
https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312

Request Chain 184

https://www.facebook.com/tr/?id=173199046367883&ev=PageView&dl=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&rl=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&if=true&ts=1614409718954&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614409718591&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=4528061348418889873&f=AYzhYLFOrl186_611gNhmu8eVL6LYMfCaKqyr4CnvKC3miJy20JJHHe1wwZQxJ07c2hJuhAAE_Im12ZBJXM-ycSq&id=173199046367883&l=3&v=0

Request Chain 185

https://mc.yandex.ru/watch/28361181?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A303688808186%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A916855014%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings HTTP 302
https://mc.yandex.ru/watch/28361181/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A303688808186%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A916855014%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings

Request Chain 186

https://mc.yandex.ru/watch/21139201?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A1497298881667%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A1018225097%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings HTTP 302
https://mc.yandex.ru/watch/21139201/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A1497298881667%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A1018225097%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings

Request Chain 187

https://mc.yandex.ru/watch/45714030?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A1595709577030%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A892871772%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings HTTP 302
https://mc.yandex.ru/watch/45714030/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A1595709577030%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A892871772%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings

Request Chain 192

https://adservice.google.de/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312 HTTP 302
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312

Request Chain 211

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=-O85YPCCNN2E9fgPw7SkwA8&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-O85YPCCNN2E9fgPw7SkwA8&cid=CAQSKQCNIrLMe1CJ75XW7xYbAc69NGhL4wZfH7K7qOhNgkNmnurWSTlz2eab&random=708676933&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-O85YPCCNN2E9fgPw7SkwA8&cid=CAQSKQCNIrLMe1CJ75XW7xYbAc69NGhL4wZfH7K7qOhNgkNmnurWSTlz2eab&random=708676933&resp=GooglemKTybQhCsO&ipr=y

Request Chain 218

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 219

http://vermontbiz.squarespace.com/storage/sba/background.jpg HTTP 302
http://static1.1.sqspcdn.com/static/f/489136/7193133/1275595518127/background.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 220

http://vermontbiz.squarespace.com/storage/VBM.bluecrimson.jpg?__SQUARESPACE_CACHEVERSION=1610029688812 HTTP 302
http://static1.1.sqspcdn.com/static/f/489136/13195695/1310653008947/VBM.bluecrimson.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 221

http://vermontbiz.squarespace.com/storage/Vermont%20Awards%202018%20Logo.jpg?__SQUARESPACE_CACHEVERSION=1523031326156 HTTP 302
http://static1.1.sqspcdn.com/static/f/489136/27876253/1523031310070/Vermont+Awards+2018+Logo.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 222

http://vermontbiz.squarespace.com/storage/Third%20Generation%20Design-Black%20type%20no%20shadow-Logo.png?__SQUARESPACE_CACHEVERSION=1554135287506 HTTP 302
http://static1.1.sqspcdn.com/static/f/489136/26981212/1461086299690/Third+Generation+Design-Black+type+no+shadow-Logo.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 223

http://vermontbiz.squarespace.com/storage/BOB%20Logo-Color-FINAL.png?__SQUARESPACE_CACHEVERSION=1554410075916 HTTP 302
http://static1.1.sqspcdn.com/static/f/489136/27378207/1554410067777/BOB+Logo-Color-FINAL.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 242

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0397.jpg?pictureId=21858487 HTTP 302
http://static1.1.sqspcdn.com/static/p/489136/21858487/1557844326973/vbm+bob+awards_050719_0397.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 243

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0083.jpg?pictureId=21858387 HTTP 302
http://static1.1.sqspcdn.com/static/p/489136/21858387/1557843922680/vbm+bob+awards_050719_0083.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 244

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0095.jpg?pictureId=21858388 HTTP 302
http://static1.1.sqspcdn.com/static/p/489136/21858388/1557843923313/vbm+bob+awards_050719_0095.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 256

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0145.jpg?pictureId=21858389 HTTP 302
http://static1.1.sqspcdn.com/static/p/489136/21858389/1557843923787/vbm+bob+awards_050719_0145.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 257

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0150.jpg?pictureId=21858390 HTTP 302
http://static1.1.sqspcdn.com/static/p/489136/21858390/1557843924267/vbm+bob+awards_050719_0150.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

Request Chain 258

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0153.jpg?pictureId=21858391 HTTP 302
http://static1.1.sqspcdn.com/static/p/489136/21858391/1557843924727/vbm+bob+awards_050719_0153.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

261 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request cg.php Show response
traffic-monetizer.com/ 2 KB
1 KB 860ms
813ms Document
text/html 213.252.246.142
IST-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Protocol

HTTP/1.1

Server

213.252.246.142 , Lithuania, ASN61272 (IST-AS, LT),

Reverse DNS

7401-15047.bacloud.info

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16

Resource Hash

570cb7ef4ecb9410b4297f56d1a53fd54bb4246d62951f4c5e67388a5a2419a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Host: traffic-monetizer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:10:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: ALLOWALL
X-Content-Type-Options: nosniff
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 609
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2

200

welcome Show response
www.marathonbet.co.uk/landings/ Frame 45E7
Redirect Chain

http://wlmarathonbet.adsrv.eacdn.com/C.ashx?btag=a_10312b_66c_&affid=7269&siteid=10312&adid=66&c=
http://wlmarathonbet.adsrv.eacdn.com/C.ashx?btag=a_10312b_66c_&affid=7269&siteid=10312&adid=66&c=&AutoR=1
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

14 KB
4 KB

283ms
267ms

Document
text/html

2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Requested by

Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de4b2283ede55ceb23ed2327147479c3cc1abfe0b6076aa4277dcb0b870ec17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.marathonbet.co.uk
:scheme: https
:path: /landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d1864484d2ae1b2e8666b627bde077b7a1614409717; expires=Mon, 29-Mar-21 07:08:37 GMT; path=/; domain=.marathonbet.co.uk; HttpOnly; SameSite=Lax puid=rBAp3WA57/WrByL8A0Q7Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.marathonbet.co.uk; path=/
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
last-modified: Fri, 26 Feb 2021 08:20:01 GMT
cache-status: EXPIRED
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 0883ea6df0000024883d198000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6280135cb8972488-FRA
content-encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 27 Feb 2021 07:08:36 GMT
Connection: close
Content-Length: 214
Vary: Accept-Encoding

GET
H2

200

8487933382
www.deezer.com/us/playlist/ Frame D5E2
Redirect Chain

http://www.deezer.com/playlist/8487933382
https://www.deezer.com/playlist/8487933382
https://www.deezer.com/us/playlist/8487933382

0
0

123ms
122ms

Document
text/html

184.86.103.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deezer.com/us/playlist/8487933382

Requested by

Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-199.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.deezer.com
:scheme: https
:path: /us/playlist/8487933382
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sid=fr14291c04169d921748df1b465a53730e34524c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: policyref="/w3c/p3p.xml" CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-frame-options: SAMEORIGIN
content-security-policy-report-only: upgrade-insecure-requests ; report-uri /csp-report block-all-mixed-content ; report-uri /csp-report
access-control-allow-origin: https://twitter.com
link: <https://e-cdns-files.dzcdn.net/cache/js/runtime.ec3ad2da6a5ddac3f72a.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/js/legacy.8f02eaccedfd961d02de.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/js/app-web.262ab55ced6ed5f85fdb.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/css/sass_c/app-web.5640e2c0bcc9affee6e0.css>; as="style"; rel="preload"; nopush
content-encoding: gzip
x-host: blm-web-78
x-ua-compatible: IE=edge,chrome=1,requiresActiveX=true
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
x-akamai-transformed: 9 - 0 pmb=mTOE,3
date: Sat, 27 Feb 2021 07:08:37 GMT
vary: Accept-Encoding
set-cookie: sid=fr14291c04169d921748df1b465a53730e34524c; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None dzr_uniq_id=dzr_uniq_id_fr7c97d9c32a57a58bbe13b74a35b4d0dcc5fc02; expires=Thu, 26-Aug-2021 07:08:37 GMT; Max-Age=15552000; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None ak_bmsc=44E411A5EDBC3518EDB526F860DDFA88B85666C783040000F5EF396052B6440E~plgbdWtulYYFmlT3KEX7hmNJjOsSqIvYi+M0H7wPfx9pmOD5wubQtm+hIUA6OaEZU/zMdKDrpr2hSR+XdfTtEkvq0F7lmGz5V64j1/hrrLcP8HR4oZUDw02cG9Do5vFLtW6MUUAtk8fEPH4vjY65bd2cjo69iBiwQWEMtfc4S+t7skQo/X81TLw6ZByBDUq+VfS3lMXwqociIhOw77WGPFeGiYv6EFwDW5BMykh0IrT/k=; expires=Sat, 27 Feb 2021 09:08:37 GMT; max-age=7200; path=/; domain=.deezer.com; HttpOnly bm_mi=D0322839470B198E58379AA3EE0FAF4D~wvMTzzTfjRrRjlY+CXh2MdMSFebM+mRxGjGPZjhmIBnFI3GtUa/fMH6LiUB3nuXVZ1wZaC0IbeiSN6JVm7MfRWjjzjftgbE449v2O/7Uqk4Uj4n2aHdIUvjibMqqVT5HbO3xiOpmO8AKMRqAKFZkg8uafTIqhG2wvZYDEaS5/5FzwrR9zSS9xmsP/djwdwTcZW1hg8n+eCCWCinYZojTDbTadwIp9styU6xtcI2iURDY4YmFcCMSZ1B6vilan1dJ; Domain=.deezer.com; Path=/; Max-Age=0; HttpOnly bm_sz=F30D39C85E01978504E0F0160B061460~YAAQx2ZWuN5zwbZ3AQAAXFZR4grEe7YKgk8gOGpUfgyiEmZoSjdpGn5niGng1//RQuhdQQW/t+I+spQdqBbAXgJ3DwUD6m8/O+Xuizc90UPi8PfBNEPmyiIQSS8PBYAuTEgqrussduzqI36JMoheauYIpbh9mgsZ3e/VfkbiGvTAke+pbm+5b+fMweEPaMc=; Domain=.deezer.com; Path=/; Expires=Sat, 27 Feb 2021 11:08:37 GMT; Max-Age=14400; HttpOnly _abck=19B0B172BC88A6B8F99F0162CB558144~-1~YAAQx2ZWuN9zwbZ3AQAAXFZR4gVLOnkyJuUy3nQfUV1Iy+AP/1NuB05Q5z5w8Lc8EeQRg8QriUfG3EbHHmmsDJTo61HofsUnfAVrRl38pkkTlgdKI/WcFGlWTXaVaBwvPspV/bG6JLk9NjpyfsZFm+dhQ+BE88Hgz8HD/GkgHgMmG9jtL0jHUZCy687SCD0XV4jYH3ujd47FffTZGUdlk0AebYQKC3EpL9LhGnJEFEHYrxnA/OhlKLLWkkLFQoMMBLMn3rCHJAg+Q6t4k2ITNM887W4aMkQyK+M7rAoeGlskuutJmmPxxNV+dWV4sgUecxHl28CGBnj51tKKzg18whIo3wD9v+29h3R+O+zBHtb4L99RGL0vA9MF0y0=~-1~-1~-1; Domain=.deezer.com; Path=/; Expires=Sun, 27 Feb 2022 07:08:37 GMT; Max-Age=31536000; Secure
x-org: FR

Redirect headers

server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: policyref="/w3c/p3p.xml" CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-frame-options: SAMEORIGIN
location: /us/playlist/8487933382
x-host: blm-web-117
x-ua-compatible: IE=edge,chrome=1,requiresActiveX=true
x-content-type-options: nosniff
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 27 Feb 2021 07:08:37 GMT
set-cookie: sid=fr14291c04169d921748df1b465a53730e34524c; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None ak_bmsc=BA10DC18DBCC44BEBA9F9AC8F2166C90B85666C783040000F5EF39609D81752E~pl3pDMpAyeRuj/vu1nEdxbMV9fOQAPvzdprbAHfT0bs65dc4WuMhLVdlzntdbQJdPebpPo4QFR2Imb4S1q1NPZa6wtopQhK72VQu/9I3BxfDtQc09/CyM+5sKb4CeuQyCT23+nY6ne3ta2cBObVW6i9xuh8fp52ivB2+XLsga9T9C+kwh5+Ax2Q1bxMsPH9WzQw0UoAiGePtXRjLCIrJ/DvuJNo7t8KlZfYtMEoMTlHvc=; expires=Sat, 27 Feb 2021 09:08:37 GMT; max-age=7200; path=/; domain=.deezer.com; HttpOnly bm_sz=432BD663AAA16A01E6FCDC4D75BC4A90~YAAQx2ZWuNJzwbZ3AQAA61VR4gryXPWLMuOF76V1MGB3TljiNpy6mldOLz45qjSkgujGvlMnfLhZbVtqnQ+Yrxz63tSHYCPZILPirCrCmFRuBBCdUIjMiooh20LzyMd3tGULrAaHVPPjeXSJZX7bt8O13IBpJjjxiWKWWcstq+SBS8ocCrh86+MXDiqn7Hxz; Domain=.deezer.com; Path=/; Expires=Sat, 27 Feb 2021 11:08:37 GMT; Max-Age=14400; HttpOnly _abck=70AA28E2EF7CBC2FEE3A9BB6EE409733~-1~YAAQx2ZWuNNzwbZ3AQAA61VR4gXTSKed1i7psfv8qeekAcqxODEJht3X6ERw5hs9wFvBjc2x0x1FQ7RGDTmKSlDN6vGUoxIrAjQZQvieURo3dEWE8OxqcBdhFhRBlB+P2e8/Cw+/Do2Yt/dlKKE8niTnN04n7dnpjroi+87kR7pNAbzNsO1WrEmTHzaeu2kghz8fLC6gCRhtw5RaI5qgkoameMkrLkTEb8h8Bse6VzZcALEGdTiZ5BQwE6YSyS4eAI1FSFrmrScS3xYwf4aYbdMB1h3XEWowkYPqa4LDiX3p6JndfaZ3+GzgP0uTuGdsdLT5L2fSWMIs6MTkvu5eb/oGrP9jASsAJdFc/tktee62+VfuB9TnRJJ4ISY=~-1~-1~-1; Domain=.deezer.com; Path=/; Expires=Sun, 27 Feb 2022 07:08:37 GMT; Max-Age=31536000; Secure
x-org: FR

GET
H2

200

8487933382
www.deezer.com/us/playlist/ Frame F41B
Redirect Chain

http://www.deezer.com/playlist/8487933382
https://www.deezer.com/playlist/8487933382
https://www.deezer.com/us/playlist/8487933382

0
0

95ms
94ms

Document
text/html

184.86.103.199
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deezer.com/us/playlist/8487933382

Requested by

Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-199.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.deezer.com
:scheme: https
:path: /us/playlist/8487933382
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sid=frb99de62bf19daf10694a1abc2a90250cceade6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: policyref="/w3c/p3p.xml" CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-frame-options: SAMEORIGIN
content-security-policy-report-only: upgrade-insecure-requests ; report-uri /csp-report block-all-mixed-content ; report-uri /csp-report
access-control-allow-origin: https://twitter.com
link: <https://e-cdns-files.dzcdn.net/cache/js/runtime.ec3ad2da6a5ddac3f72a.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/js/legacy.8f02eaccedfd961d02de.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/js/app-web.262ab55ced6ed5f85fdb.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/css/sass_c/app-web.5640e2c0bcc9affee6e0.css>; as="style"; rel="preload"; nopush
content-encoding: gzip
x-host: blm-web-84
x-ua-compatible: IE=edge,chrome=1,requiresActiveX=true
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
x-akamai-transformed: 9 - 0 pmb=mTOE,3
date: Sat, 27 Feb 2021 07:08:37 GMT
vary: Accept-Encoding
set-cookie: sid=frb99de62bf19daf10694a1abc2a90250cceade6; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None dzr_uniq_id=dzr_uniq_id_fr653c083b8687c7adce667d08a63268a04954b8; expires=Thu, 26-Aug-2021 07:08:37 GMT; Max-Age=15552000; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None ak_bmsc=9D38D35582803BEA35E2C632C9044484B85666C783040000F5EF396070E2767E~plS4rWWzrHR7ttOpDWXF3pUWkfzYlIwSfo40R5UE5DmEQm0fQgplcAZkdrwkMILphV6rxal+HAxXOgj58sAZ+m9BOxNMqeaCPPSHYWg14ToFQlGkLXZsQvKkLeZVy0IOwXHIOAMEB3XViOG3x3P0RK3+UR887eC+8PrjzVGM3QtAi7FLeerxxBNzrHRIkbKeQ6+0pprYcaTmyaU+05Ra3uQZQKeLiHETtjJgf1+TeCpms=; expires=Sat, 27 Feb 2021 09:08:37 GMT; max-age=7200; path=/; domain=.deezer.com; HttpOnly bm_mi=805EF228757C4E3CA435FC2E1E1A7F72~wvMTzzTfjRrRjlY+CXh2MVchipyAPUJz8ehePQMSWRNYcEzKEo0lUWOfja080fxUX1qTv8nxWN11hMA0VTUb/IepEfQZeNVeFYfU5gY7xCogsGrFKTM4U0DA5MXsxwLpFDpsyzHXxsrzObjTMmEtaS0gmBwb2iA9r5IttBnK2EXc5RgxR2/uSAapN5OX+4Pac21iY7dHdX4aKqhBJUSsXi1RxjzT1Bh8ktJto1sR5a2uT07b8Pz3f70HRUyr+GGQ; Domain=.deezer.com; Path=/; Max-Age=0; HttpOnly bm_sz=4449AB097CEBDE3052BB71E4F07FF7D9~YAAQx2ZWuNpzwbZ3AQAAQ1ZR4go9VJquUElkZd0CHi1HNZf/WkoniaJ1SPYVTXlSQo4mcnQMpamD3D/jb1G9iI6CTq5fx1GxqA/txlR+CNav/zaZtjF/GZOcKpyhZSbTnJ9bnAa1wSHbiCYTwtk3SQRzT9a5NyJqQdc3pdpjfbqd0NhySdSEk9BVeHv1Jrg=; Domain=.deezer.com; Path=/; Expires=Sat, 27 Feb 2021 11:08:37 GMT; Max-Age=14400; HttpOnly _abck=5CDF9A7004BADCF30BF64717C3592799~-1~YAAQx2ZWuNtzwbZ3AQAAQ1ZR4gUgcn2cDfpgd6JmAyOK44l2M3RxVPFHMDWEHDjYfJH6uFMJya5/pix0/aMGfPtl19yRuw+/eifWA4Sl3B1WWjMilrgEit1uvkQBNj2BD+PmgGb5/aQrd8OAjut9N8IteWtJ2rszXIzfgw7hVMtZBHC9lfp0eK9QnK9R13EuLoYQ83KpVh8EbChfGxoMpoGLH6dMUKnpXiX96Jt0wfzOGkHC9PJHTqIx5r+CBnwg4MatjiTjxY9A20QwHoA3T6Wf9ehIw996CsiIXdPN8WqPlnEP/acKll52tblCmJBeU8dkX7AqgFAzIjffD0ajSiIRYm/AOknr3LdjNGUi6ZOxMGGzMpjoIn51GrA=~-1~-1~-1; Domain=.deezer.com; Path=/; Expires=Sun, 27 Feb 2022 07:08:37 GMT; Max-Age=31536000; Secure
x-org: FR

Redirect headers

server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: policyref="/w3c/p3p.xml" CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-frame-options: SAMEORIGIN
location: /us/playlist/8487933382
x-host: blm-web-49
x-ua-compatible: IE=edge,chrome=1,requiresActiveX=true
x-content-type-options: nosniff
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 27 Feb 2021 07:08:37 GMT
set-cookie: sid=frb99de62bf19daf10694a1abc2a90250cceade6; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None ak_bmsc=835F1E27EE857CF3E8428A99195736DEB85666C783040000F5EF3960D2147C7C~plinbYyE9uh/7xLXmDoGlj/Q40xT51Wnd9fgslGwALQFcaet9JECg4TOuccA1E1H3fpEFUVg1cR4+DTTFfdoCUCaB49EzQAdQcX0JfkAaXNXrMVVNs2j6vtP1SegB+heqNta4xFuHgpCyynmaXVRSQmlEUNUQIHqkF7/ivqv344U/lF4JClimp44fOVdir9t4s6H6BiQ4U0Touja1L18TJuazOHUYNDAJmvgvvbS98adU=; expires=Sat, 27 Feb 2021 09:08:37 GMT; max-age=7200; path=/; domain=.deezer.com; HttpOnly bm_sz=FCBF58F786C7BD360E0C5393C6C4BB27~YAAQx2ZWuM5zwbZ3AQAA5FVR4goSWVKnLN+Ng2Ajec4TmzZzmHgdx2ZW8L3Xpsdc0y0ZXTqNxb4+4tDtwI/J3Mmczj1i3aEQX98U2JZnmrCA6sR0H695149Om/71ttyc2zapsmbtMUAlBxdCWcUOVeV8ZOllLDxdK0egEVOfkTf8yEZfUW1lwwMKkmgmdrNA; Domain=.deezer.com; Path=/; Expires=Sat, 27 Feb 2021 11:08:37 GMT; Max-Age=14400; HttpOnly _abck=2131966375A6026DE1E9F98C164A0F19~-1~YAAQx2ZWuM9zwbZ3AQAA5FVR4gUWFEH0ddYPMPHClESDn/hTajbWrq0t4vXDwE83kHxidip3Ubp6ukjYiIu6adbGmXTR3Naah0XIrrvCJd4vYH8m47/wZd38QCnwiwNd5MabIK6lR7jQbytPMJvRXx+eiGhdmz0NCZxYdQRiZl4yhfFzW7sSH7kl4zGwEQ0+daSFsf+KZdfOG+60ek7wC1+KRLHsvYVP3NhN87CR51/0/D4hmh/llKUzdaQXnZfoDTqdKoUXi76xMzR7tlb41ojTgNSa4ySEjuxpQm8G8bOGlAMUe0P56YmUQYExLRxmsKPVpoGXCm2oCShRCbMsp0kNhElfH8jOuAMqshKyL12/GxpFkW0+DR8Nn08=~-1~-1~-1; Domain=.deezer.com; Path=/; Expires=Sun, 27 Feb 2022 07:08:37 GMT; Max-Age=31536000; Secure
x-org: FR

GET
H/1.1 200
OK Cookie set etMyW0
gestyy.com/ Frame 3B74 0
0 163ms
151ms Document
text/html 2606:4700:20::681a:89b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gestyy.com/etMyW0

Requested by

Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Protocol

HTTP/1.1

Server

2606:4700:20::681a:89b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40-0+deb8u13

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Host: gestyy.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

Date: Sat, 27 Feb 2021 07:08:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=df134763eee4a9d2be549001697c578c31614409717; expires=Mon, 29-Mar-21 07:08:37 GMT; path=/; domain=.gestyy.com; HttpOnly; SameSite=Lax PHPSESSID=g6jgp6e3ckpa1akidgd10108c4; expires=Sat, 27-Feb-2021 08:08:37 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly hl=en; expires=Sun, 27-Feb-2022 07:08:37 GMT; Max-Age=31536000; path=/ referrer_url=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0; expires=Sun, 28-Feb-2021 07:08:37 GMT; Max-Age=86400; path=/; httponly cookies-enable=1; path=/; httponly
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40-0+deb8u13
Cache-Control: no-cache
X-Frame-Options: DENY
X-Server-ID: shn13
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
cf-request-id: 0883ea6d1e00004e68f338f000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DgFsBQVhXTq4OQg9b0BCQ1uwQXk2dz3jOz0Ssqe4hqBNrBU3pX0S6ZEnQo3i96MJHkwmr8U23DNhVZq8yHJwPjB5yiES8sfMt708Qk2kX220A3JOHbnx"}],"max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6280135b68364e68-FRA
Content-Encoding: gzip

GET
H2

429

DivineDesignsByKrys Show response
www.etsy.com/shop/ Frame D0BE
Redirect Chain

http://etsy.me/37IFRbs
https://etsy.me/37IFRbs
https://www.etsy.com/shop/DivineDesignsByKrys

0
516 B

282ms
204ms

Document
text/html

104.108.33.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.etsy.com/shop/DivineDesignsByKrys
Requested by: Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.33.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-33-242.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: www.etsy.com
:scheme: https
:path: /shop/DivineDesignsByKrys
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

server: Apache
x-cloud-trace-context: 284dd1caf5f280cfb1970195a24e542d/16825229391293569383;o=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
content-type: text/html; charset=UTF-8
x-akamai-http2: True
date: Sat, 27 Feb 2021 07:08:37 GMT
set-cookie: uaid=IzK2xU_Fvw3bOKL3BRGKXD_jcpFjZACCBMv3X2F0tVJpYmaKkpWSRVFaoWtaYEqhuXFAfrBFQV5ZWJF3aYBpfm5FsVItAwA.; expires=Sun, 27-Feb-2022 07:08:37 GMT; Max-Age=31536000; path=/; domain=.etsy.com; secure; SameSite=None user_prefs=8omxj4vY7olSOnjCQqagxfiFBnBjZACCBMv3X2F0dF5pTo4OeUQsAwA.; expires=Sun, 27-Feb-2022 07:08:37 GMT; Max-Age=31536000; path=/; domain=.etsy.com

Redirect headers

cache-control: private, max-age=90
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Sat, 27 Feb 2021 07:08:37 GMT
location: https://www.etsy.com/shop/DivineDesignsByKrys
referrer-policy: unsafe-url
server: nginx
set-cookie: _bit=l1r78B-0e09faa3c77e3696aa-00t; Domain=etsy.me; Expires=Thu, 26 Aug 2021 07:08:37 GMT
strict-transport-security: max-age=1209600
content-length: 132

GET
H2

200

convite Show response
www.picpay.com/ Frame CF1F
Redirect Chain

http://www.picpay.com/convite?G9DK9C
https://www.picpay.com/convite?G9DK9C

91 KB
24 KB

501ms
288ms

Document
text/html

52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picpay.com/convite?G9DK9C
Requested by: Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 / PHP/7.2.11
Resource Hash: 8a6a21ecbbcb8881fc6d52ce3724e0deec4e72be594d2041aa01ab8d37800260

Request headers

:method: GET
:authority: www.picpay.com
:scheme: https
:path: /convite?G9DK9C
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.12.2
x-powered-by: PHP/7.2.11
cache-control: no-cache, private
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

Server: awselb/2.0
Date: Sat, 27 Feb 2021 07:08:37 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://www.picpay.com:443/convite?G9DK9C

GET
H/1.1 200
OK Cookie set etMyW0
gestyy.com/ Frame D265 0
0 158ms
152ms Document
text/html 2606:4700:20::681a:89b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://gestyy.com/etMyW0

Requested by

Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Protocol

HTTP/1.1

Server

2606:4700:20::681a:89b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40-0+deb8u13

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Host: gestyy.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

Date: Sat, 27 Feb 2021 07:08:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dc2eb4f848a7ccc4595e01ed4e2a23dcb1614409717; expires=Mon, 29-Mar-21 07:08:37 GMT; path=/; domain=.gestyy.com; HttpOnly; SameSite=Lax PHPSESSID=c7dh9erlrhsj7pec46bkl4hjr2; expires=Sat, 27-Feb-2021 08:08:37 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly hl=en; expires=Sun, 27-Feb-2022 07:08:37 GMT; Max-Age=31536000; path=/ referrer_url=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0; expires=Sun, 28-Feb-2021 07:08:37 GMT; Max-Age=86400; path=/; httponly cookies-enable=1; path=/; httponly
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40-0+deb8u13
Cache-Control: no-cache
X-Frame-Options: DENY
X-Server-ID: shn06
X-UA-Compatible: IE=Edge
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
cf-request-id: 0883ea6d1d000005e4d304d000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ya7pNfj2oN7%2BGo19JFifmfMX49BmEKFlrxvwIqREDoXaf%2F4TAqO2DezBkW7%2Fm4LTXXxYNSd2R84NdvnN5ayiAbBs%2F861i9nfxwRDZSf0tIEw3GEgm4rc"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6280135b681c05e4-FRA
Content-Encoding: gzip

GET
H2

200

/ Show response
www.entireweb.com/free_submission/ Frame 15A2
Redirect Chain

http://www.entireweb.com/free_submission/?a=walawala
https://www.entireweb.com/free_submission/?a=walawala

17 KB
5 KB

124ms
43ms

Document
text/html

162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/free_submission/?a=walawala
Requested by: Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PHP/7.3.27 PleskLin
Resource Hash: 9fb983c60584ed2f5a3e59d288666a46cf252621c0acd82870ed4910abdd0167

Request headers

:method: GET
:authority: www.entireweb.com
:scheme: https
:path: /free_submission/?a=walawala
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

server: nginx
date: Sat, 27 Feb 2021 07:08:37 GMT
content-type: text/html; charset=UTF-8
content-length: 5140
x-powered-by: PHP/7.3.27 PleskLin
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 27 Feb 2021 07:08:37 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.entireweb.com/free_submission/?a=walawala

GET
H/1.1 200
OK Cookie set / Show response
vermontbiz.squarespace.com/2019-bob-winners/ Frame 0C98 485 KB
486 KB 267ms
240ms Document
text/html 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Requested by: Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 8dc23d8b8bef5be2be8313bc6d8ab885209b0f3465cfea46567a8a64b37c3021

Request headers

Host: vermontbiz.squarespace.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

Content-Type: text/html;charset=UTF-8
Date: Sat, 27 Feb 2021 07:08:36 GMT
Server: Squarespace
Set-Cookie: JSESSIONID=3CD516541F85507334F390D60B76BF69.v5-web019; Path=/; HttpOnly
X-Contextid: cRXylrsX/0Ob6lUDU
Transfer-Encoding: chunked

GET
H2

200

/ Show response
www.entireweb.com/free_submission/ Frame E5B6
Redirect Chain

http://www.entireweb.com/free_submission/?a=walawala
https://www.entireweb.com/free_submission/?a=walawala

17 KB
5 KB

138ms
58ms

Document
text/html

162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/free_submission/?a=walawala
Requested by: Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PHP/7.3.27 PleskLin
Resource Hash: 9fb983c60584ed2f5a3e59d288666a46cf252621c0acd82870ed4910abdd0167

Request headers

:method: GET
:authority: www.entireweb.com
:scheme: https
:path: /free_submission/?a=walawala
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: http://traffic-monetizer.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

server: nginx
date: Sat, 27 Feb 2021 07:08:37 GMT
content-type: text/html; charset=UTF-8
content-length: 5140
x-powered-by: PHP/7.3.27 PleskLin
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 27 Feb 2021 07:08:37 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.entireweb.com/free_submission/?a=walawala

GET
H2 200 fa-brands-400.woff2
www.entireweb.com/include/webfonts/ Frame 15A2 73 KB
73 KB 46ms
44ms Font
font/woff2 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-brands-400.woff2
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
etag: "5c3c5631-12230"
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 74288

GET
H2 200 fa-brands-400.woff
www.entireweb.com/include/webfonts/ Frame 15A2 85 KB
85 KB 81ms
79ms Font
font/woff 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-brands-400.woff
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: eb098ff1725c8819ea67b54d857b6574d20ccfbb2cc451c1fab85fb4d968a62d

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
etag: "5c3c5631-15408"
content-type: font/woff
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 87048

GET
H2 200 fa-brands-400.ttf
www.entireweb.com/include/webfonts/ Frame 15A2 131 KB
131 KB 94ms
92ms Font
application/font-sfnt 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-brands-400.ttf
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b52e41923dfdc250e4f7914afab339390b49f6834e158e0294cddf71c8f6248b

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c5631-20c10"
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 134160

GET
H2 200 fa-solid-900.woff2
www.entireweb.com/include/webfonts/ Frame 15A2 77 KB
77 KB 93ms
91ms Font
font/woff2 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-solid-900.woff2
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
etag: "5c3c5631-134fc"
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 79100

GET
H2 200 fa-solid-900.woff
www.entireweb.com/include/webfonts/ Frame 15A2 100 KB
100 KB 93ms
91ms Font
font/woff 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-solid-900.woff
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: e14bf8513c6848f983ed24852e9700dec95589b748e26bacd6b2ca7dc9bb2aee

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
etag: "5c3c5631-18f50"
content-type: font/woff
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 102224

GET
H2 200 fa-solid-900.ttf
www.entireweb.com/include/webfonts/ Frame 15A2 204 KB
204 KB 93ms
92ms Font
application/font-sfnt 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-solid-900.ttf
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2e9112db77640346bf93bc6031a2e2ede793324533273de02c61345d39b70d26

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c5631-32f98"
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 208792

GET
H2 200 jquarymerge.min.js Show response
cdn.entireweb.com/include/js/ Frame 15A2 253 KB
79 KB 16ms
14ms Script
application/javascript 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.entireweb.com/include/js/jquarymerge.min.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 98b068f52eadd9823c69b24befda9f79cf5bb3c44bdc6b92524433585838863a

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c387866-3f4f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10368
content-length: 80832

GET
H2 200 font-awesome.css
cdn.entireweb.com/include/css/ Frame 15A2 26 KB
5 KB 144ms
12ms Stylesheet
text/css 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.entireweb.com/include/css/font-awesome.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2019 15:15:36 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c94fc18-681b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=7094
content-length: 5372

GET
H2 200 all.min.css
www.entireweb.com/include/css/ Frame 15A2 53 KB
11 KB 92ms
91ms Stylesheet
text/css 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/css/all.min.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8e94f635ea6201ba815e302c25cb450470f598c880c1a5abe9fe43716a0d310b

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Wed, 18 Dec 2019 14:18:48 GMT
server: nginx
etag: W/"5dfa3548-d23a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public

GET
H2 200 dropin.min.js Show response
js.braintreegateway.com/web/dropin/1.20.0/js/ Frame 15A2 351 KB
90 KB 193ms
51ms Script
application/javascript 13.225.80.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-5.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 50eb773d3595b8f6bde7493ea0a2f5641b4b39e5a00794521dd66182aeab95f0

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 04:48:20 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 21:50:36 GMT
server: nginx
age: 8417
etag: W/"603578ac-57ba8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 6Sx5h3Gr0zsdfhwCTekSRcV7TSYSDr4mpdTt0XRdQSnzIgI4h-jhMg==
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
expires: Sun, 28 Feb 2021 04:48:20 GMT

GET
H2 200 temp-style.css
cdn.entireweb.com/include/css/ Frame 15A2 37 KB
7 KB 151ms
20ms Stylesheet
text/css 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.entireweb.com/include/css/temp-style.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 153b9acda7f4103288cef31539fe07f09838f0867d72055145e4159eb08dc357

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Jan 2019 10:44:37 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c6815-9479"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=74092
content-length: 6832

GET
H2 200 ew.css
www.entireweb.com/free_submission/ Frame 15A2 41 KB
9 KB 92ms
91ms Stylesheet
text/css 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/free_submission/ew.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2d78993263ae95bb823d1c9321ad49d09a7341bd291cca56f9a379b8479c15c2

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
etag: W/"5c387866-a40f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public

GET
H2 200 css.css
www.entireweb.com/free_submission/ Frame 15A2 12 KB
2 KB 92ms
91ms Stylesheet
text/css 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/free_submission/css.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 982a7e02d9bc3463ea7470fcb2b83104b9134b0b6bd3dcf0998358e5aa0f4a0f

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
etag: W/"5c387866-301b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public

GET
H2 200 mobileburger.css
www.entireweb.com/free_submission/ Frame 15A2 4 KB
1 KB 92ms
91ms Stylesheet
text/css 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/free_submission/mobileburger.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: e9dc680d1306408adb91dafb9214df61b5ded783b4976ced63731fc19c7e046d

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Tue, 22 Oct 2019 12:52:56 GMT
server: nginx
etag: W/"5daefba8-1008"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 15A2 98 KB
39 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-263233-10

Requested by

Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec20bde78d0a630c4755d188de6934dce2db9c29a688f5e975d85a9067573232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39436
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H/1.1 200
OK IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ Show response
widgets.entireweb.com/pixel/ Frame 15A2 77 KB
8 KB 364ms
132ms Script
application/javascript 54.163.155.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.163.155.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-155-157.compute-1.amazonaws.com
Software: Apache/2.4.43 (Unix) OpenSSL/1.1.1d / PHP/7.4.7
Resource Hash: 843a0e84fb001c79fb2b24c58279d267f17f4dde3923324dc16ca1852aef4637

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Content-Encoding: gzip
Server: Apache/2.4.43 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.7
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 8064
Expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 entireweb-web-search-engine-toplogo.png
cdn.entireweb.com/include/img/ Frame 15A2 10 KB
10 KB 16ms
14ms Image
image/png 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.entireweb.com/include/img/entireweb-web-search-engine-toplogo.png
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b62877eb46f9bb55b2b29b75105ea33e8ae5ac8f170f2d15982a728aca2fd902

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c5631-26c9"
content-type: image/png
cache-control: public, max-age=223126
accept-ranges: bytes
content-length: 9929

GET
H2 200 820x574-intro-searchengines.png
cdn.entireweb.com/include/img/ Frame 15A2 275 KB
276 KB 16ms
14ms Image
image/png 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.entireweb.com/include/img/820x574-intro-searchengines.png
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: da98c5459e194aef5e59d5d91c86b855b0fbdaf045f0b01b6573191511fb9831

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c5631-44b1e"
content-type: image/png
cache-control: public, max-age=225200
accept-ranges: bytes
content-length: 281374

GET
H2 200 jz06nf Show response
affiliate.entireweb.com/scripts/ Frame 15A2 31 KB
7 KB 578ms
263ms Script
application/javascript 45.33.2.97
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.entireweb.com/scripts/jz06nf
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: dbd0a61556dd9b1dd3dea21834ff68242e593bde9d390092ca60b769a6490cbd

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
last-modified: Fri, 04 Dec 2020 12:06:38 GMT
x-srv: 3
age: 65
etag: W/"7b51-5b5a24efbaf80"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (1.lb-app.pap.linode-us-tx)
cache-control: max-age=120
x-varnish: 217128648 217295504
accept-ranges: bytes
content-length: 7147
server: nginx
expires: Sat, 27 Feb 2021 07:09:32 GMT

GET
H2 200 jquarymerge.min.js Show response
www.entireweb.com/include/js/ Frame 15A2 253 KB
75 KB 67ms
64ms Script
application/javascript 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/js/jquarymerge.min.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 98b068f52eadd9823c69b24befda9f79cf5bb3c44bdc6b92524433585838863a

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
etag: W/"5c387866-3f4f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public

GET
H2 200 js.js Show response
www.entireweb.com/free_submission/ Frame 15A2 228 B
331 B 68ms
65ms Script
application/javascript 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/free_submission/js.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1736659eb7e9d4ad2043a76bb4d23a5591677c4614c5dbf407ac30f303bb8a28

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
etag: W/"5c387866-e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public

GET
H2 200 fa-brands-400.woff2
www.entireweb.com/include/webfonts/ Frame E5B6 73 KB
73 KB 78ms
77ms Font
font/woff2 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-brands-400.woff2
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
etag: "5c3c5631-12230"
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 74288

GET
H2 200 fa-brands-400.woff
www.entireweb.com/include/webfonts/ Frame E5B6 85 KB
85 KB 78ms
77ms Font
font/woff 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-brands-400.woff
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: eb098ff1725c8819ea67b54d857b6574d20ccfbb2cc451c1fab85fb4d968a62d

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
etag: "5c3c5631-15408"
content-type: font/woff
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 87048

GET
H2 200 fa-brands-400.ttf
www.entireweb.com/include/webfonts/ Frame E5B6 131 KB
131 KB 78ms
77ms Font
application/font-sfnt 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-brands-400.ttf
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b52e41923dfdc250e4f7914afab339390b49f6834e158e0294cddf71c8f6248b

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c5631-20c10"
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 134160

GET
H2 200 fa-solid-900.woff2
www.entireweb.com/include/webfonts/ Frame E5B6 77 KB
77 KB 77ms
76ms Font
font/woff2 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-solid-900.woff2
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
etag: "5c3c5631-134fc"
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 79100

GET
H2 200 fa-solid-900.woff
www.entireweb.com/include/webfonts/ Frame E5B6 100 KB
100 KB 77ms
76ms Font
font/woff 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-solid-900.woff
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: e14bf8513c6848f983ed24852e9700dec95589b748e26bacd6b2ca7dc9bb2aee

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
etag: "5c3c5631-18f50"
content-type: font/woff
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 102224

GET
H2 200 fa-solid-900.ttf
www.entireweb.com/include/webfonts/ Frame E5B6 204 KB
204 KB 115ms
113ms Font
application/font-sfnt 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/webfonts/fa-solid-900.ttf
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2e9112db77640346bf93bc6031a2e2ede793324533273de02c61345d39b70d26

Request headers

Origin: https://www.entireweb.com
Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c5631-32f98"
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 208792

GET
H2 200 jquarymerge.min.js Show response
cdn.entireweb.com/include/js/ Frame E5B6 253 KB
79 KB 12ms
11ms Script
application/javascript 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.entireweb.com/include/js/jquarymerge.min.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 98b068f52eadd9823c69b24befda9f79cf5bb3c44bdc6b92524433585838863a

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c387866-3f4f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10368
content-length: 80832

GET
H2 200 font-awesome.css
cdn.entireweb.com/include/css/ Frame E5B6 26 KB
5 KB 128ms
13ms Stylesheet
text/css 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.entireweb.com/include/css/font-awesome.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2019 15:15:36 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c94fc18-681b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=7094
content-length: 5372

GET
H2 200 all.min.css
www.entireweb.com/include/css/ Frame E5B6 53 KB
11 KB 76ms
75ms Stylesheet
text/css 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/css/all.min.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8e94f635ea6201ba815e302c25cb450470f598c880c1a5abe9fe43716a0d310b

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Wed, 18 Dec 2019 14:18:48 GMT
server: nginx
etag: W/"5dfa3548-d23a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public

GET
H2 200 dropin.min.js Show response
js.braintreegateway.com/web/dropin/1.20.0/js/ Frame E5B6 351 KB
90 KB 196ms
51ms Script
application/javascript 13.225.80.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-5.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 50eb773d3595b8f6bde7493ea0a2f5641b4b39e5a00794521dd66182aeab95f0

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 04:48:20 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 21:50:36 GMT
server: nginx
age: 8417
etag: W/"603578ac-57ba8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: tM25vtLAQhYdQgEOIATGb64PtVpX3Hv6uxxd7Mjb1pKTX2ueIb1Usg==
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
expires: Sun, 28 Feb 2021 04:48:20 GMT

GET
H2 200 temp-style.css
cdn.entireweb.com/include/css/ Frame E5B6 37 KB
7 KB 134ms
19ms Stylesheet
text/css 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.entireweb.com/include/css/temp-style.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 153b9acda7f4103288cef31539fe07f09838f0867d72055145e4159eb08dc357

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
last-modified: Mon, 14 Jan 2019 10:44:37 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c6815-9479"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=74092
content-length: 6832

GET
H2 200 ew.css
www.entireweb.com/free_submission/ Frame E5B6 41 KB
9 KB 76ms
75ms Stylesheet
text/css 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/free_submission/ew.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2d78993263ae95bb823d1c9321ad49d09a7341bd291cca56f9a379b8479c15c2

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
etag: W/"5c387866-a40f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public

GET
H2 200 css.css
www.entireweb.com/free_submission/ Frame E5B6 12 KB
2 KB 76ms
75ms Stylesheet
text/css 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/free_submission/css.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 982a7e02d9bc3463ea7470fcb2b83104b9134b0b6bd3dcf0998358e5aa0f4a0f

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
etag: W/"5c387866-301b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public

GET
H2 200 mobileburger.css
www.entireweb.com/free_submission/ Frame E5B6 4 KB
1 KB 76ms
75ms Stylesheet
text/css 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/free_submission/mobileburger.css
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: e9dc680d1306408adb91dafb9214df61b5ded783b4976ced63731fc19c7e046d

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Tue, 22 Oct 2019 12:52:56 GMT
server: nginx
etag: W/"5daefba8-1008"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E5B6 98 KB
39 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-263233-10

Requested by

Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec20bde78d0a630c4755d188de6934dce2db9c29a688f5e975d85a9067573232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39436
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H/1.1 200
OK IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ Show response
widgets.entireweb.com/pixel/ Frame E5B6 77 KB
8 KB 371ms
134ms Script
application/javascript 54.163.155.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.163.155.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-155-157.compute-1.amazonaws.com
Software: Apache/2.4.43 (Unix) OpenSSL/1.1.1d / PHP/7.4.7
Resource Hash: 843a0e84fb001c79fb2b24c58279d267f17f4dde3923324dc16ca1852aef4637

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Content-Encoding: gzip
Server: Apache/2.4.43 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.7
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 8064
Expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 entireweb-web-search-engine-toplogo.png
cdn.entireweb.com/include/img/ Frame E5B6 10 KB
10 KB 19ms
18ms Image
image/png 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.entireweb.com/include/img/entireweb-web-search-engine-toplogo.png
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b62877eb46f9bb55b2b29b75105ea33e8ae5ac8f170f2d15982a728aca2fd902

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c5631-26c9"
content-type: image/png
cache-control: public, max-age=223126
accept-ranges: bytes
content-length: 9929

GET
H2 200 820x574-intro-searchengines.png
cdn.entireweb.com/include/img/ Frame E5B6 275 KB
276 KB 19ms
18ms Image
image/png 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.entireweb.com/include/img/820x574-intro-searchengines.png
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: da98c5459e194aef5e59d5d91c86b855b0fbdaf045f0b01b6573191511fb9831

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c5631-44b1e"
content-type: image/png
cache-control: public, max-age=225200
accept-ranges: bytes
content-length: 281374

GET
H2 200 jz06nf Show response
affiliate.entireweb.com/scripts/ Frame E5B6 31 KB
7 KB 586ms
266ms Script
application/javascript 45.33.2.97
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.entireweb.com/scripts/jz06nf
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: dbd0a61556dd9b1dd3dea21834ff68242e593bde9d390092ca60b769a6490cbd

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
last-modified: Fri, 04 Dec 2020 12:06:38 GMT
x-srv: 3
age: 65
etag: W/"7b51-5b5a24efbaf80"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (1.lb-app.pap.linode-us-tx)
cache-control: max-age=120
x-varnish: 215039740 217295504
accept-ranges: bytes
content-length: 7147
server: nginx
expires: Sat, 27 Feb 2021 07:09:32 GMT

GET
H2 200 jquarymerge.min.js Show response
www.entireweb.com/include/js/ Frame E5B6 253 KB
75 KB 56ms
54ms Script
application/javascript 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/include/js/jquarymerge.min.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 98b068f52eadd9823c69b24befda9f79cf5bb3c44bdc6b92524433585838863a

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
etag: W/"5c387866-3f4f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public

GET
H2 200 js.js Show response
www.entireweb.com/free_submission/ Frame E5B6 228 B
331 B 57ms
56ms Script
application/javascript 162.13.152.237
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.entireweb.com/free_submission/js.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1736659eb7e9d4ad2043a76bb4d23a5591677c4614c5dbf407ac30f303bb8a28

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
etag: W/"5c387866-e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public

GET
H/1.1 200
OK common.css
vermontbiz.squarespace.com/display/ Frame 0C98 49 KB
49 KB 264ms
245ms Stylesheet
text/css 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: dbcaf9499a3b75cc140484c09ca843e3e1507056d86385e2eee14dd2d6ddd2f6

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:36 GMT
Cache-Control: max-age=94608000, private
Server: Squarespace
X-Contextid: ujHGZBYw/BT8PNf1c
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK squarespace-gallery-slideshow.css
vermontbiz.squarespace.com/universal/styles/ Frame 0C98 4 KB
5 KB 243ms
224ms Stylesheet
text/css 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/styles/squarespace-gallery-slideshow.css?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: bf1a62c3dd9d41a6e07e7d8085d73a6d6f4da10f000578f69f8f31ec7689aaa7

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"4592-1614363396000"
Content-Type: text/css
X-Contextid: hebycWzT/OFd23dWv
Accept-Ranges: bytes
Content-Length: 4592

GET
H/1.1 200
OK yahoo-dom-event.js Show response
vermontbiz.squarespace.com/universal/yui/yahoo-dom-event/ Frame 0C98 36 KB
37 KB 231ms
211ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/yui/yahoo-dom-event/yahoo-dom-event.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 6366210ee3e98e8dbeb12ddb208aa5bf84a0e550b1ee7bc108154bed17d5fd86

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"36989-1614363396000"
Content-Type: text/javascript
X-Contextid: pu9ePXLP/R4RNTgjv
Accept-Ranges: bytes
Content-Length: 36989

GET
H/1.1 200
OK connection_core-min.js Show response
vermontbiz.squarespace.com/universal/yui/connection/ Frame 0C98 7 KB
8 KB 233ms
213ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/yui/connection/connection_core-min.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: dc493b884b5c1dd9cc927347a08a650c23ac5db728c6e76f359ea5d44b465eab

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"7581-1614363396000"
Content-Type: text/javascript
X-Contextid: DzTXDahq/C2e9wQRQ
Accept-Ranges: bytes
Content-Length: 7581

GET
H/1.1 200
OK json-min.js Show response
vermontbiz.squarespace.com/universal/yui/json/ Frame 0C98 5 KB
5 KB 457ms
437ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/yui/json/json-min.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: e4778b5e74de16953704058db3fc86b02d8cbf4e18c48b86b17da13e66c08660

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"4890-1614363396000"
Content-Type: text/javascript
X-Contextid: LbTWBmI7/4YE8dENX
Accept-Ranges: bytes
Content-Length: 4890

GET
H/1.1 200
OK animation-min.js Show response
vermontbiz.squarespace.com/universal/yui/animation/ Frame 0C98 14 KB
14 KB 385ms
152ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/yui/animation/animation-min.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: a80737f8fdf73f43cf3f9e19ce5a248f4d324823a0b9fe3d5b183104c5f0f914

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"13827-1614363396000"
Content-Type: text/javascript
X-Contextid: DzTXDahq/wWn5d93b
Accept-Ranges: bytes
Content-Length: 13827

GET
H/1.1 200
OK selector.js Show response
vermontbiz.squarespace.com/universal/yui/selector/ Frame 0C98 21 KB
22 KB 365ms
121ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/yui/selector/selector.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: b9b49c94efe4f8c5376973cf127a967b31b0b0c5ff78270b4975afc51b23d02b

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"21705-1614363396000"
Content-Type: text/javascript
X-Contextid: hebycWzT/3HvfBR51
Accept-Ranges: bytes
Content-Length: 21705

GET
H/1.1 200
OK element.js Show response
vermontbiz.squarespace.com/universal/yui/element/ Frame 0C98 32 KB
33 KB 505ms
115ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/yui/element/element.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 3f781e1ec8ab4da1b5277fd277a4243d4ea9d2fa38990c507b989870b3e9e39a

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"33056-1614363396000"
Content-Type: text/javascript
X-Contextid: DzTXDahq/VbI44qZp
Accept-Ranges: bytes
Content-Length: 33056

GET
H/1.1 200
OK global.js Show response
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98 46 KB
46 KB 527ms
112ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/scripts/global.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 5163153f73bcb9d1a994adee45d155088ce2bfdcc760a3531a31e7e1057599e2

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified: Fri, 26 Feb 2021 18:27:08 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"46629-1614364028000"
Content-Type: text/javascript
X-Contextid: pu9ePXLP/1G8NkdoP
Accept-Ranges: bytes
Content-Length: 46629

GET
H/1.1 200
OK lightbox.js Show response
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98 32 KB
32 KB 691ms
234ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/scripts/lightbox.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 141e453c0954d4d72869df1454692b1191eb1f3a14583dba6711f47505cfeb95

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified: Fri, 26 Feb 2021 18:27:08 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"32767-1614364028000"
Content-Type: text/javascript
X-Contextid: LbTWBmI7/dN3xKiwD
Accept-Ranges: bytes
Content-Length: 32767

GET
H/1.1 200
OK api.js Show response
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98 7 KB
7 KB 580ms
116ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/scripts/api.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 966df6347e0edba690c2156333bdebb32c60f958538064654259678ddfdc4f21

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified: Fri, 26 Feb 2021 18:27:06 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"6752-1614364026000"
Content-Type: text/javascript
X-Contextid: hebycWzT/1jBPRBJA
Accept-Ranges: bytes
Content-Length: 6752

GET
H/1.1 200
OK base64.js Show response
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98 2 KB
2 KB 578ms
112ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/scripts/base64.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: a275d31e71f53519347ba3027d094b0106d58856342b84f529a69a4cd3259d29

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified: Fri, 26 Feb 2021 18:27:06 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"1642-1614364026000"
Content-Type: text/javascript
X-Contextid: cRXylrsX/jdZp71YY
Accept-Ranges: bytes
Content-Length: 1642

GET
H/1.1 200
OK census.js Show response
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98 543 B
942 B 639ms
173ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/scripts/census.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 3c46620115be1a968545f16eba340f39e28ea9a5ed4629948639dcb4226a49d1

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified: Fri, 26 Feb 2021 18:27:06 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"543-1614364026000"
Content-Type: text/javascript
X-Contextid: ujHGZBYw/IPQZaEFz
Accept-Ranges: bytes
Content-Length: 543

GET
H/1.1 200
OK yui2-yui3-bridge.js Show response
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98 12 KB
12 KB 634ms
115ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/scripts/yui2-yui3-bridge.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 2f9ff181474313a332c97bbee9db56f7bcfdf5c0e02b8129e6d98e2892199588

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified: Fri, 26 Feb 2021 18:27:08 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"12027-1614364028000"
Content-Type: text/javascript
X-Contextid: DzTXDahq/r5O8ieOT
Accept-Ranges: bytes
Content-Length: 12027

GET
H/1.1 200
OK squarespace-gallery-slideshow.js Show response
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98 21 KB
21 KB 661ms
119ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/scripts/squarespace-gallery-slideshow.js?CE=75
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 4d3c90227aea70a3733ff1d8c46f42f43323d763764232390d50a9643bdd15c1

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified: Fri, 26 Feb 2021 18:27:08 GMT
Server: Squarespace
Cache-Control: private,max-age=94608000
Etag: W/"21566-1614364028000"
Content-Type: text/javascript
X-Contextid: pu9ePXLP/axblxr5p
Accept-Ranges: bytes
Content-Length: 21566

GET
H/1.1 200
OK cpk5jjj.js Show response
use.typekit.com/ Frame 0C98 17 KB
7 KB 280ms
246ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

http://use.typekit.com/cpk5jjj.js

Requested by

Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/

Protocol

HTTP/1.1

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

13cfd006a193767be58638649fb8404175db5e3fec29e83d5ba4e388f114732d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
Server: nginx
Date: Sat, 27 Feb 2021 07:08:37 GMT
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=600, stale-while-revalidate=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 6839

GET
H2

200

guestlist-embed.js Show response
guestlist.co/javascripts/ Frame 0C98
Redirect Chain

http://guestlistapp.com/javascripts/guestlist-embed.js
https://guestlistapp.com/javascripts/guestlist-embed.js
https://guestlist.co/javascripts/guestlist-embed.js

9 KB
4 KB

1652ms
1632ms

Script
application/x-javascript

3.97.24.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://guestlist.co/javascripts/guestlist-embed.js

Requested by

Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.97.24.204 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5f0e20dd09132e89d903765e5304653208e126eb7487d39395cc4e470bf0991e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
access-control-max-age: 0
cache-control: public, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubdomains
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-xss-protection: 1; mode=block

Redirect headers

date: Sat, 27 Feb 2021 07:08:37 GMT
x-content-type-options: nosniff
server: nginx
location: https://guestlist.co/javascripts/guestlist-embed.js
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
content-type: text/html
access-control-allow-origin: *
access-control-max-age: 0
strict-transport-security: max-age=31536000; includeSubdomains
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 178
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK cookie-min.js Show response
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98 4 KB
5 KB 722ms
145ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/scripts/cookie-min.js
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 27c757e3c8fd36b0356cf4d8f889ebad92688c23338baaf3abae30736ce21feb

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified: Fri, 26 Feb 2021 18:27:06 GMT
Server: Squarespace
Cache-Control: private,max-age=14400
Etag: W/"4401-1614364026000"
Content-Type: text/javascript
X-Contextid: cRXylrsX/jP1LnazN
Accept-Ranges: bytes
Content-Length: 4401

GET
H/1.1 200
OK eu-cookie-policy.js Show response
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98 2 KB
2 KB 701ms
121ms Script
text/javascript 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/universal/scripts/eu-cookie-policy.js
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: a291ec1d6fd94c27c3c163fcf50ea118d548c64b38f95bb203958091df19b03b

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified: Fri, 26 Feb 2021 18:27:06 GMT
Server: Squarespace
Cache-Control: private,max-age=14400
Etag: W/"1682-1614364026000"
Content-Type: text/javascript
X-Contextid: hebycWzT/BUSqhEIr
Accept-Ranges: bytes
Content-Length: 1682

GET
H/1.1 200
OK ad.js Show response
www.adplugg.com/serve/A48219153/js/1.1/ Frame E5B6 234 KB
65 KB 4232ms
3659ms Script
text/javascript 54.203.166.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adplugg.com/serve/A48219153/js/1.1/ad.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.203.166.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 7e11170a0f7ef5c6fc10bf5581bd2060988b5d6ede1bcd98d09c1abafcb9e904

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:38 GMT
Content-Encoding: gzip
Server: nginx/1.15.5
Age: 93
ETag: W/"2.87"
Vary
X-Cache: HIT
Content-Type: text/javascript;charset=UTF-8
Via: 1.1 varnish-v4
Cache-Control: max-age=60, public
X-Varnish: 33258279 33343858
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65744

GET
H/1.1 200
OK ad.js Show response
www.adplugg.com/serve/A48219153/js/1.1/ Frame 15A2 234 KB
65 KB 4228ms
3658ms Script
text/javascript 54.203.166.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adplugg.com/serve/A48219153/js/1.1/ad.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.203.166.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 7e11170a0f7ef5c6fc10bf5581bd2060988b5d6ede1bcd98d09c1abafcb9e904

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:38 GMT
Content-Encoding: gzip
Server: nginx/1.15.5
Age: 0
ETag: W/"2.87"
Vary
X-Cache: HIT
Content-Type: text/javascript;charset=UTF-8
Via: 1.1 varnish-v4
Cache-Control: max-age=60, public
X-Varnish: 33344004 33258280
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65744

GET
H2 200 50x180-feature-icons2.png
cdn.entireweb.com/include/img/ Frame E5B6 3 KB
3 KB 14ms
13ms Image
image/png 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.entireweb.com/include/img/50x180-feature-icons2.png
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/css.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 65a62cc0e7be1c2ddf719108c92cc51c4e94735bdbe8bd74e617d950baa1761d

Request headers

Referer: https://www.entireweb.com/free_submission/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c5631-c46"
content-type: image/png
cache-control: public, max-age=45328
accept-ranges: bytes
content-length: 3142

GET
H2 200 950x90-selogos-bar.jpg
cdn.entireweb.com/include/img/ Frame E5B6 15 KB
15 KB 14ms
14ms Image
image/jpeg 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.entireweb.com/include/img/950x90-selogos-bar.jpg
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/css.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 59d521c7e1d5d1253714ccf0f586b7d6ae5e617f9975c9cf5ab64723002e5869

Request headers

Referer: https://www.entireweb.com/free_submission/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c387866-3ab9"
content-type: image/jpeg
cache-control: public, max-age=452694
accept-ranges: bytes
content-length: 15033

GET
H2 200 50x180-feature-icons2.png
cdn.entireweb.com/include/img/ Frame 15A2 3 KB
3 KB 11ms
10ms Image
image/png 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.entireweb.com/include/img/50x180-feature-icons2.png
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/css.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 65a62cc0e7be1c2ddf719108c92cc51c4e94735bdbe8bd74e617d950baa1761d

Request headers

Referer: https://www.entireweb.com/free_submission/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Mon, 14 Jan 2019 09:28:17 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c3c5631-c46"
content-type: image/png
cache-control: public, max-age=589898
accept-ranges: bytes
content-length: 3142

GET
H2 200 950x90-selogos-bar.jpg
cdn.entireweb.com/include/img/ Frame 15A2 15 KB
15 KB 11ms
11ms Image
image/jpeg 2a02:26f0:1700:19b::3a15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.entireweb.com/include/img/950x90-selogos-bar.jpg
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/css.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 59d521c7e1d5d1253714ccf0f586b7d6ae5e617f9975c9cf5ab64723002e5869

Request headers

Referer: https://www.entireweb.com/free_submission/css.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Fri, 11 Jan 2019 11:05:10 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c387866-3ab9"
content-type: image/jpeg
cache-control: public, max-age=452694
accept-ranges: bytes
content-length: 15033

GET
H2 200 trackjs.js Show response
affiliate.entireweb.com/scripts/ Frame E5B6 31 KB
7 KB 365ms
138ms Script
application/javascript 45.33.2.97
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.entireweb.com/scripts/trackjs.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: dbd0a61556dd9b1dd3dea21834ff68242e593bde9d390092ca60b769a6490cbd

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
last-modified: Fri, 04 Dec 2020 12:06:38 GMT
x-srv: 3
age: 65
etag: W/"7b51-5b5a24efbaf80"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (1.lb-app.pap.linode-us-tx)
cache-control: max-age=120
x-varnish: 213904191 217295504
accept-ranges: bytes
content-length: 7147
server: nginx
expires: Sat, 27 Feb 2021 07:09:32 GMT

GET
H2 200 trackjs.js Show response
affiliate.entireweb.com/scripts/ Frame 15A2 31 KB
7 KB 486ms
259ms Script
application/javascript 45.33.2.97
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.entireweb.com/scripts/trackjs.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: dbd0a61556dd9b1dd3dea21834ff68242e593bde9d390092ca60b769a6490cbd

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
last-modified: Fri, 04 Dec 2020 12:06:38 GMT
x-srv: 3
age: 65
etag: W/"7b51-5b5a24efbaf80"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (1.lb-app.pap.linode-us-tx)
cache-control: max-age=120
x-varnish: 215939525 217295504
accept-ranges: bytes
content-length: 7147
server: nginx
expires: Sat, 27 Feb 2021 07:09:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E5B6 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-263233-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4880
date: Sat, 27 Feb 2021 05:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 27 Feb 2021 07:47:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 15A2 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-263233-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4880
date: Sat, 27 Feb 2021 05:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 27 Feb 2021 07:47:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 45E7 37 KB
2 KB 18ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cdf5a442a3cc0f524587e271f499c9ba77ae0834e3a33b9b26b39e28b0d876b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 07:08:37 GMT
server: ESF
date: Sat, 27 Feb 2021 07:08:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 plugins.min.css
www.marathonbet.co.uk/landings/blocks/static/css/ Frame 45E7 395 KB
62 KB 239ms
236ms Stylesheet
text/css 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/css/plugins.min.css

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91745e5a6d4006d522494e45b4c9195ab890beadd03e770c68bfb6e86f64a946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:24:51 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a63-62d7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: no-cache, must-revalidate
cf-ray: 6280135eda892488-FRA
cf-request-id: 0883ea6f4c0000248815861000000001

GET
H2 200 site.global.css
www.marathonbet.co.uk/landings/assets/css/ Frame 45E7 40 KB
10 KB 155ms
152ms Stylesheet
text/css 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/css/site.global.css

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00c43ca22960570d73fe186c57396733b8f8044f59b7b92b63dbdb92c0959e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:24:43 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a5b-a181"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: no-cache, must-revalidate
cf-ray: 6280135eda8b2488-FRA
cf-request-id: 0883ea6f4c0000248864060000000001

GET
H2 200 site.global.css
www.marathonbet.co.uk/landings/assets/css/custom/ Frame 45E7 8 KB
2 KB 118ms
116ms Stylesheet
text/css 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/css/custom/site.global.css

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7fe429ae4cdaf8105bb31a2491e076f127d005b2bc89110117980cf8740a4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:43:53 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127c9-21c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: no-cache, must-revalidate
cf-ray: 6280135eda8d2488-FRA
cf-request-id: 0883ea6f4c0000248804874000000001

GET
H2 200 site.global.js Show response
www.marathonbet.co.uk/landings/assets/js/ Frame 45E7 236 KB
85 KB 203ms
200ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/js/site.global.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c02e45096fe64f0737eb0575687264ee2365f6740876e618327d8b3209f02f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:43:53 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127c9-3b0e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 6280135eea922488-FRA
cf-request-id: 0883ea6f4d00002488fbb10000000001

GET
H2 200 site.global.js Show response
www.marathonbet.co.uk/landings/assets/js/custom/ Frame 45E7 19 KB
8 KB 150ms
147ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/js/custom/site.global.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb7402bb7dba8e1523e062ca0a063d3c4b660ad0871022d09d85e4e570e7295d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:24:44 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a5c-4df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 6280135eea932488-FRA
cf-request-id: 0883ea6f4d00002488a7998000000001

GET
H2 200 plugins.min.js Show response
www.marathonbet.co.uk/landings/blocks/static/js/ Frame 45E7 158 KB
53 KB 206ms
203ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/js/plugins.min.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de87c35f5b60ca8e83e0a971217b411932b3c12a949b16167de1dda88174875b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:42 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127fa-27750"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 6280135eea952488-FRA
cf-request-id: 0883ea6f4d000024881f06b000000001

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 45E7 907 B
670 B 19ms
15ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=onScriptLoad

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

57aabc1104849fcdbe65cb780bfa6633228ec501258d2d60aa2a3d93a56dd48e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578
x-xss-protection: 1; mode=block
expires: Sat, 27 Feb 2021 07:08:38 GMT

GET
H2 200 header-14-01.min.css
www.marathonbet.co.uk/landings/blocks/static/css/ Frame 45E7 28 KB
5 KB 142ms
139ms Stylesheet
text/css 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/css/header-14-01.min.css

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4f7e14d0f68d619b155dadd78119d09711cb61f9bba866e801bf33a5c8f98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:02 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127d2-70bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: no-cache, must-revalidate
cf-ray: 6280135eda8e2488-FRA
cf-request-id: 0883ea6f4f00002488b82ac000000001

GET
H2 200 newpart-02-00.min.css
www.marathonbet.co.uk/landings/blocks/static/css/ Frame 45E7 24 KB
5 KB 137ms
135ms Stylesheet
text/css 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/css/newpart-02-00.min.css

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9386b3208ec6eebcd735a8319bf5705281d198783105692fe923b0719a43d745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:02 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127d2-6139"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: no-cache, must-revalidate
cf-ray: 6280135eda8f2488-FRA
cf-request-id: 0883ea6f4c000024880882c000000001

GET
H2 200 footer-11-00.min.css
www.marathonbet.co.uk/landings/blocks/static/css/ Frame 45E7 13 KB
3 KB 122ms
120ms Stylesheet
text/css 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/css/footer-11-00.min.css

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b34c93972705c7ddcc84706b83a71adcc22d663e176a2d03390a8210a2678733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:01 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127d1-357e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: no-cache, must-revalidate
cf-ray: 6280135eda902488-FRA
cf-request-id: 0883ea6f4c000024888a897000000001

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 45E7 88 KB
34 KB 41ms
20ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-PTD6KD6

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dd21475a14aaefef3a2c4616e12d0089b81ea970cd0526e5da978c4b53b3dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34846
x-xss-protection: 0
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 moment.min.js Show response
www.marathonbet.co.uk/landings/assets/js/ Frame 45E7 52 KB
19 KB 196ms
194ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/js/moment.min.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:24:44 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a5c-d04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 6280135eea992488-FRA
cf-request-id: 0883ea6f5000002488d0b19000000001

GET
H2 200 en-gb.js Show response
www.marathonbet.co.uk/landings/assets/js/moment-locale/ Frame 45E7 3 KB
1 KB 135ms
133ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/js/moment-locale/en-gb.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e86bfd873ce2ba61885faa9e0ba2ae1a510574f698d6a3aba7da49d1505eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:24:44 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a5c-a47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 6280135eea9a2488-FRA
cf-request-id: 0883ea6f5000002488eb2ef000000001

GET
H2 200 daterangepicker.js Show response
www.marathonbet.co.uk/landings/assets/js/ Frame 45E7 65 KB
15 KB 195ms
193ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/js/daterangepicker.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c256bcb9aa10ef7e6bab683a077aaedbbfdd6dad8deda4f1e7abf4f7fe104ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:43:53 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127c9-10301"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 6280135eea9c2488-FRA
cf-request-id: 0883ea6f50000024880dbfd000000001

GET
H2 200 daterangepicker.css
www.marathonbet.co.uk/landings/assets/css/ Frame 45E7 7 KB
2 KB 119ms
118ms Stylesheet
text/css 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/css/daterangepicker.css

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5ef4c7e64475909a9e32315f91f5cc5753af998f3076c7e61c1386752a6b9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:24:43 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a5b-1deb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: no-cache, must-revalidate
cf-ray: 6280135eda912488-FRA
cf-request-id: 0883ea6f4d00002488ff8c5000000001

GET
H2 200 marathon_logo_en.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/logo/ Frame 45E7 5 KB
2 KB 115ms
112ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/logo/marathon_logo_en.svg?date=1612257921

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e5cfe11b033ea87ba1fafe403a978b8ec663c977616919e3f8a4f6305f0da33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:32 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127f0-1456"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 62801366285d2488-FRA
cf-request-id: 0883ea73d600002488a79be000000001

GET
H2 200 mancity.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/ Frame 45E7 19 KB
8 KB 167ms
164ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/mancity.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5771db83014670269e981af8b2b68f4f4f54f5214874b41ea49a923605136454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:30 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a8a-4b8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 62801366285e2488-FRA
cf-request-id: 0883ea73d60000248804049000000001

GET
H2 200 sevilla.png
www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/ Frame 45E7 71 KB
71 KB 184ms
180ms Image
image/png 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/sevilla.png?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4451dd6d0c9874b1cbd44fbbbad45f1c7688b65fba85652fe33c3bf9d1099475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:42 GMT
server: cloudflare
cache-status: MISS
etag: "601127fa-11a99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: no-cache, must-revalidate
accept-ranges: bytes
cf-ray: 62801366285f2488-FRA
content-length: 72345
cf-request-id: 0883ea73d600002488f8b8f000000001

GET
H2 200 zaragoza.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/ Frame 45E7 38 KB
15 KB 187ms
183ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/zaragoza.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876c47baba1d6b8feac5a06cd4b3bcdb6e98a65e63b17c41f1dc9a8f83eb71ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:42 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127fa-97ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628602488-FRA
cf-request-id: 0883ea73d900002488f8b90000000001

GET
H2 200 visa-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7 6 KB
2 KB 126ms
123ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/visa-white.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c37822d8b031ef6fcae40a2a5b2a183ac30769bd93b21fe9c2aa73337cec4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:30 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a8a-16a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628612488-FRA
cf-request-id: 0883ea73d7000024889b914000000001

GET
H2 200 mastercard-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7 29 KB
9 KB 158ms
154ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/mastercard-white.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b9ecc241b15446fd04b92ed5026c473a3986d680bc4f17bf363ed565044dc57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:30 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a8a-749f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628622488-FRA
cf-request-id: 0883ea73d700002488fbb36000000001

GET
H2 200 maestro-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7 8 KB
3 KB 152ms
149ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/maestro-white.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e95d4a39a603845a5bd5fec2bd672a1e8a94cce0fc9fe5a8c36056d57573c342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:42 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127fa-20e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628632488-FRA
cf-request-id: 0883ea73d70000248855a1e000000001

GET
H2 200 banktransfer-en.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7 9 KB
3 KB 145ms
142ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/banktransfer-en.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a7a8be46676d21b5058ba010b6549311a78a6b87c61953cb13d1668ecdc5988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:30 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a8a-2473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628642488-FRA
cf-request-id: 0883ea73d7000024886ca5d000000001

GET
H2 200 skrill2.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7 3 KB
1 KB 143ms
140ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/skrill2.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

981b91a09857b33707e4784c2977f2a026b8b1a809940d4e230e23255dbbae09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:42 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127fa-c08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628652488-FRA
cf-request-id: 0883ea73d70000248864089000000001

GET
H2 200 neteller-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7 3 KB
1 KB 124ms
121ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/neteller-white.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd015e512f77c3bb8930ac78fc8e64a33a905e5aa1cadde379d20ddf0e4e4f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:42 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127fa-c6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628662488-FRA
cf-request-id: 0883ea73d70000248802328000000001

GET
H2 200 paysafecard-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7 14 KB
5 KB 144ms
141ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/paysafecard-white.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0236033b64827076dabee32636265f80c66147e6cded6bc6afffbc7eff28872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:42 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127fa-372a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628672488-FRA
cf-request-id: 0883ea73d700002488ee339000000001

GET
H2 200 paypal-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7 7 KB
3 KB 146ms
143ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/paypal-white.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01694614acbfdb7855af11b5c9d07aff0c1fe30ed4fdd60aaa0d39b864d0fd6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:42 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127fa-1b16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628682488-FRA
cf-request-id: 0883ea73d800002488c41bf000000001

GET
H2 200 trustly.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7 10 KB
4 KB 152ms
149ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/trustly.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef858c9b1960e18ab571a1a8a898b2239ac0ccbab6ce84bd74594c36f1195dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:30 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a8a-291e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 62801366286a2488-FRA
cf-request-id: 0883ea73da00002488d4a8b000000001

GET
H2 200 ecopayz-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7 4 KB
2 KB 152ms
150ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ecopayz-white.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbb446d29480abd8e0f4edcaef3598cba619b58c9f2d339bab5ec45fd1c6ff06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:42 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127fa-109d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 62801366286b2488-FRA
cf-request-id: 0883ea73db000024887499b000000001

GET
H2 200 18_white_logo.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/ Frame 45E7 2 KB
1 KB 128ms
126ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/18_white_logo.svg?date=1612257930

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ae2d2029e982a3d20fa96647a74df968034aa9dd227aec99fb581a680bedaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:30 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a8a-975"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 62801366286d2488-FRA
cf-request-id: 0883ea73db0000248881a95000000001

GET
H2 200 alderney-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/ Frame 45E7 101 KB
31 KB 234ms
232ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/alderney-white.svg?date=1612257931

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30ab10abd1ea2c940cb30a0a796c1ee8cb77fe33c31e3eb7468b2ef8808e2319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:31 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a8b-1921e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 62801366286e2488-FRA
cf-request-id: 0883ea73db00002488f5b5b000000001

GET
H2 200 gamblingcommission-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/ Frame 45E7 21 KB
9 KB 168ms
166ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/gamblingcommission-white.svg?date=1612257931

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af03aec793c0abd11a472714bdc769668c3704d99192a27e1f8c6e6967c899d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:31 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a8b-5279"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 62801366286f2488-FRA
cf-request-id: 0883ea73db000024885c34e000000001

GET
H2 200 begambleawareorg_white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/ Frame 45E7 6 KB
3 KB 132ms
130ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/begambleawareorg_white.svg?date=1612257931

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

249ffdc04156821f4d0d26a1252b5eb40a3ebd277de6be636fd5650d6e9a9eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:31 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a8b-1824"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628702488-FRA
cf-request-id: 0883ea73db0000248826b97000000001

GET
H2 200 editor-js Show response
www.marathonbet.co.uk/landings/api/v1/site-edit/ Frame 45E7 2 KB
2 KB 82ms
82ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/api/v1/site-edit/editor-js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cde392786c19aa991f2e5501b39d4c502bde5d9cdcddf51af182d2973f519a34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000
cf-ray: 628013649f172488-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-request-id: 0883ea72df00002488e8980000000001

GET
H2 200 header-14-01.min.js Show response
www.marathonbet.co.uk/landings/blocks/static/js/ Frame 45E7 382 B
393 B 116ms
116ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/js/header-14-01.min.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa4a67f196d515bc3927a9ba0ee3a22ad490f33db729b88db129520abb0d99a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:42 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127fa-17e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 628013657fc52488-FRA
cf-request-id: 0883ea7367000024887b368000000001

GET
H2 200 newpart-02-00.min.js Show response
www.marathonbet.co.uk/landings/blocks/static/js/ Frame 45E7 126 B
238 B 129ms
129ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/js/newpart-02-00.min.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e164731004bfedf6c2701b4718f017c808123097b8c4e80efd2b283aa99e6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:31 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a8b-7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 62801365b8072488-FRA
cf-request-id: 0883ea7394000024889b912000000001

GET
H2 200 footer-11-00.min.js Show response
www.marathonbet.co.uk/landings/blocks/static/js/ Frame 45E7 0
102 B 119ms
114ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/js/footer-11-00.min.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:25:31 GMT
server: cloudflare
cache-status: MISS
etag: "60191a8b-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
cf-ray: 6280136628592488-FRA
content-length: 0
cf-request-id: 0883ea73d50000248808855000000001

GET
H2 200 get.js Show response
www.marathonbet.co.uk/landings/assets/js/custom/ Frame 45E7 2 KB
894 B 129ms
125ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/js/custom/get.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

903ac783f77eb0052416fc22e4c10de43e66873b25f7bd47b187b2fa294b0d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:43:53 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127c9-9e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 62801366285a2488-FRA
cf-request-id: 0883ea73d500002488cb176000000001

GET
H2 200 trackingEngine.js Show response
www.marathonbet.co.uk/landings/assets/js/custom/ Frame 45E7 4 KB
2 KB 144ms
140ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/js/custom/trackingEngine.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eead2bd37da6b8f6cb3184f01b5a7b6b63d73faec64bb6a2063ea150f7048db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:43:53 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127c9-113b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 62801366285b2488-FRA
cf-request-id: 0883ea73d50000248815888000000001

GET
H2 200 gaevents.js Show response
www.marathonbet.co.uk/landings/assets/js/custom/ Frame 45E7 1 KB
536 B 146ms
142ms Script
application/javascript 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marathonbet.co.uk/landings/assets/js/custom/gaevents.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c5be9fbb835bf61dc0a303926821391554760402b2368aa3a54cdb37f3a0686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:24:44 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a5c-4c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: no-cache, must-revalidate
cf-ray: 62801366285c2488-FRA
cf-request-id: 0883ea73d60000248893861000000001

GET
H/1.1

200
OK

BOB+Logo-Color-FINAL-sm.png
static1.1.sqspcdn.com/static/f/489136/27378587/1481752691737/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/storage/BOB%20Logo-Color-FINAL-sm.png
http://static1.1.sqspcdn.com/static/f/489136/27378587/1481752691737/BOB+Logo-Color-FINAL-sm.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

72 KB
73 KB

403ms
384ms

Image
image/png

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/f/489136/27378587/1481752691737/BOB+Logo-Color-FINAL-sm.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: adbfbe079d701272c73777c548eb5c8e372c6f0965a4678b28080c900c7fd8bb

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:40 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 65984
X-Cache: HIT, MISS
X-Contextid: BlB0PMdJ/xbHzy1ip
Connection: keep-alive
Content-Length: 74026
X-Served-By: cache-dfw18630-DFW, cache-fra19125-FRA
Last-Modified: Wed, 14 Dec 2016 21:58:11 GMT
Server: Squarespace
X-Timer: S1614409720.329288,VS0,VE343
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/f/489136/27378587/1481752691737/BOB+Logo-Color-FINAL-sm.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:39 GMT
X-Contextid: cRXylrsX/HOXFYixH
Server: Squarespace
Content-Length: 0
Content-Type: image/png;charset=UTF-8

GET
H/1.1 200
OK webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 0C98 13 KB
6 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 13:52:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 62170
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 5437
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 26 Feb 2022 13:52:30 GMT

GET
H2 200 amigos.png
www.picpay.com/static/images/bullets/ Frame CF1F 73 KB
73 KB 120ms
119ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/bullets/amigos.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 37e74d4af1424a182692cffb376f0709e63282de5823327201baf6857770c545

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-12396"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 74646
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 boleto.png
www.picpay.com/static/images/bullets/ Frame CF1F 23 KB
23 KB 202ms
201ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/bullets/boleto.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 45aeb5dec3a47816633be3ba20ce80a5bbbe8e5052bb8030d47adab89b645b2d

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-5b79"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 23417
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 estacionamentos.png
www.picpay.com/static/images/bullets/ Frame CF1F 20 KB
20 KB 2248ms
2243ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/bullets/estacionamentos.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: bbce4c1901cf6498a4d53796c5630e81db3596202fd40e41b51bc7ea8e3af55f

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-5079"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 20601
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 jogos.png
www.picpay.com/static/images/bullets/ Frame CF1F 13 KB
13 KB 2247ms
2243ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/bullets/jogos.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e784f44417a9910398028653c4396e17eeb7bf9e7ccd33b63b9aa1a20c2b911c

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-332e"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 13102
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 store.png
www.picpay.com/static/images/bullets/ Frame CF1F 7 KB
7 KB 2247ms
2243ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/bullets/store.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: f0206f16ebcbf0a28ed2f332fb034d50456df8105a0ccda7df95d989bde929d3

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-1a71"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 6769
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 recarga.png
www.picpay.com/static/images/bullets/ Frame CF1F 31 KB
31 KB 241ms
236ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/bullets/recarga.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 2ddac7f61adecfacf650352168831c0479ac0afbb82da79c1fee4a4a05906720

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-7a6b"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 31339
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 badge-google-play-big.png
www.picpay.com/static/images/ Frame CF1F 13 KB
13 KB 2246ms
2242ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/badge-google-play-big.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 332c353346fa34ba648c1896f0a03034a8171a203c765ececcb1d9b47d5a8678

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-3395"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 13205
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 badge-app-store-big.png
www.picpay.com/static/images/ Frame CF1F 10 KB
10 KB 2247ms
2243ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/badge-app-store-big.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: febf102a9b0661ed75e2d34a0a4da79ee48e9c3c6aec16bee9c17e6fd16c351a

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-27fc"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 10236
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 ico-fb.png
www.picpay.com/static/images/ Frame CF1F 16 KB
16 KB 2247ms
2243ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/ico-fb.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: c9f6eb9585d10d1acd6ff05d522445aaf470be7f914a3ba1b858416e3577f3b6

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-3fdb"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 16347
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 ico-tt.png
www.picpay.com/static/images/ Frame CF1F 16 KB
17 KB 2247ms
2243ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/ico-tt.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: cb2e91d152b816c43a54ed6a9c8fdcb92e7c40a6f8c8a46ffc7ee57c5b382dfb

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-413d"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 16701
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 ico-ig.png
www.picpay.com/static/images/ Frame CF1F 17 KB
17 KB 2248ms
2244ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/ico-ig.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 17c26c15a38e5ee8092fef893dd8beec647604a743307ba4644ef284fd97aef7

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-427e"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 17022
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 ico-youtube.png
www.picpay.com/static/images/ Frame CF1F 2 KB
2 KB 2247ms
2244ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/ico-youtube.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 2811b20b11c559060536ad04de1cdc1c6ff288fda0e8d1c878d2636a503ddc27

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-7f8"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2040
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 ico-linkedin.png
www.picpay.com/static/images/ Frame CF1F 2 KB
3 KB 2247ms
2244ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/ico-linkedin.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: c085344c5498e00798127f57d4f1013f4c761f270c93d3eef19055fca6a525ef

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-9ba"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2490
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 ico-tiktok.png
www.picpay.com/static/images/ Frame CF1F 2 KB
2 KB 2248ms
2245ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/ico-tiktok.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 7c95abe781ebf06979ce7ed8a8e221f61935e43603b29bdc0bb10c4003155c9d

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-875"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2165
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 badge-google-play.png
www.picpay.com/static/images/ Frame CF1F 6 KB
7 KB 2247ms
2244ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/badge-google-play.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 8e0b05f528819fb06beaa15a7bf33a3d2ff5a3bf635ddabadc60fb6a40bd8bcb

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-1974"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 6516
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 badge-app-store.png
www.picpay.com/static/images/ Frame CF1F 3 KB
3 KB 2248ms
2245ms Image
image/png 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.picpay.com/static/images/badge-app-store.png
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 97ea5d4ced240b8018eebde8e8d314a5ab1914fa921d073d02407f12d559aca5

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:24 GMT
server: nginx/1.12.2
etag: "603812b8-b17"
content-type: image/png
cache-control: max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2839
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame CF1F 98 KB
39 KB 49ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-855209381

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e135e3cf061067667ea655b872b3a6f7d772fea510cfa70496a97d7bbd649db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39436
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame CF1F 98 KB
38 KB 51ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49595033-2

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

511993a43b26b3d09e98b76bafe9b8ce00dd0c214221e398fad42ac9c739b941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39391
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame CF1F 91 KB
24 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: LO1xTAnvz8tAkwkrUOCk4H+O+eINhnD/T+aUplHZcy7CHtAHyeWIE1WEaLDYfRhwQEFQG5WTgH+Cg08AF/BjlQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 27 Feb 2021 07:08:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ Frame CF1F 0
516 B 4340ms
239ms Image
image/png 52.95.164.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=PICP&x-r=http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.164.10 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-sa-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:42 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id: 8E9D46FD34A84681
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: pwIdJY6ngM4ud116E2x1u6qrU19jr5onK3P+0zByazTBFWy4fNEg0B90HiSiklBQ0OTn9eVH/6k=

GET
H2 200 hotjar-1397873.js Show response
static.hotjar.com/c/ Frame CF1F 3 KB
2 KB 135ms
66ms Script
application/javascript 13.225.80.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1397873.js?sv=6

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-24.fra2.r.cloudfront.net

Software

Resource Hash

5d51f7c03341f9c212aba23759ef0b2eab000a24ff3182dde9acbcdce1272cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/0084e4d05a00a760d99fb6c5c5ec73c9
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1577
via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-id: exLkeZ_jjeA8fEYcBaWlC82A9S4x9VFlo7JeZl56dh8iA-X46Q90Kw==

GET
H2 200 ppayreg.woff2
www.picpay.com/static/styles/webfont/ Frame CF1F 21 KB
22 KB 2245ms
2245ms Font
application/octet-stream 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picpay.com/static/styles/webfont/ppayreg.woff2
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 2f126200b438f6261d02167703c0a49ce51062efcf7d99309098c5e86578be06

Request headers

Origin: https://www.picpay.com
Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:25 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "603812b9-559c"
content-length: 21916
content-type: application/octet-stream

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame CF1F 46 KB
19 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4880
date: Sat, 27 Feb 2021 05:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 27 Feb 2021 07:47:17 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ Frame CF1F 147 KB
50 KB 49ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5CPZW2

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52c989b150b6949b3e65363abb4fa1d1eabc75be7e93f8428a2af9746522bc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51115
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 07:08:37 GMT

GET
H2 200 ppaybld.woff2
www.picpay.com/static/styles/webfont/ Frame CF1F 22 KB
22 KB 2241ms
2241ms Font
application/octet-stream 52.5.162.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.picpay.com/static/styles/webfont/ppaybld.woff2
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-162-87.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 7c027781127b6fad344a068f0ccc8dcaa6b20ec5cd98db56310849409fdd0412

Request headers

Origin: https://www.picpay.com
Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:37 GMT
last-modified: Thu, 25 Feb 2021 21:12:25 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "603812b9-5634"
content-length: 22068
content-type: application/octet-stream

GET
H/1.1 200
OK pixel.css
widgets.entireweb.com/themes/altum/assets/css/ Frame 15A2 36 KB
5 KB 108ms
107ms Stylesheet
text/css 54.163.155.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.entireweb.com/themes/altum/assets/css/pixel.css
Requested by: Host: widgets.entireweb.com
URL: https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.163.155.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-155-157.compute-1.amazonaws.com
Software: Apache/2.4.43 (Unix) OpenSSL/1.1.1d /
Resource Hash: 34ef26f2dc337d09f7d7f0bd1a10f27ff9f3222484e68d5f5e0ea7eb81631595

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Aug 2020 11:50:07 GMT
Server: Apache/2.4.43 (Unix) OpenSSL/1.1.1d
ETag: "9091-5ad257d14c8c2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4336

GET
H/1.1 200
OK / Show response
api64.ipify.org/ Frame 15A2 20 B
238 B 417ms
138ms XHR
text/plain 2607:f2d8:4010:8::2
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api64.ipify.org/
Requested by: Host: widgets.entireweb.com
URL: https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f2d8:4010:8::2 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software: nginx/1.19.7 /
Resource Hash: 88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.entireweb.com
Date: Sat, 27 Feb 2021 07:08:38 GMT
Server: nginx/1.19.7
Connection: keep-alive
Content-Length: 20
Vary: Origin
Content-Type: text/plain

GET
H2 200 2a01:4f8:192:5414::2 Show response
www.iplocate.io/api/lookup/ Frame 15A2 288 B
1 KB 202ms
186ms XHR
application/json 2606:4700:3030::ac43:8e72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iplocate.io/api/lookup/2a01:4f8:192:5414::2

Requested by

Host: widgets.entireweb.com
URL: https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8e72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8135274119acee82aafaee8ad4133b16c3b4081dffa052bcd9b3699b1e9ea77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 628013633cdcd6dd-FRA
x-ratelimit-limit: 1000
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a9aed3f4-997a-4b2e-8cd7-d84a55af8e63
x-runtime: 0.009180
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e8135274119acee82aafaee8ad4133b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KjdKoou4RBg%2B5ThGlW6qb9lhc9IILJmQAh7hvN85PpNzbNvNgx4tb98M6zdhGoH9D15veoMmKRctWs%2F56mFs1mdXg2knp9nJ7B0D4FiJnN1HLuYTGXh3q9dw3r0%3D"}],"max_age":604800,"group":"cf-nel"}
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-reset, x-ratelimit-remaining
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 2021-02-28 00:00:00 +0000
x-ratelimit-remaining: 999
cf-request-id: 0883ea72030000d6ddef2a4000000001
content-type: application/json; charset=utf-8
x-ratelimit-client-id: 2a01:4f8:192:5414::2

GET
H/1.1 200
OK pixel.css
widgets.entireweb.com/themes/altum/assets/css/ Frame E5B6 36 KB
5 KB 1639ms
1638ms Stylesheet
text/css 54.163.155.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.entireweb.com/themes/altum/assets/css/pixel.css
Requested by: Host: widgets.entireweb.com
URL: https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.163.155.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-155-157.compute-1.amazonaws.com
Software: Apache/2.4.43 (Unix) OpenSSL/1.1.1d /
Resource Hash: 34ef26f2dc337d09f7d7f0bd1a10f27ff9f3222484e68d5f5e0ea7eb81631595

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Aug 2020 11:50:07 GMT
Server: Apache/2.4.43 (Unix) OpenSSL/1.1.1d
ETag: "9091-5ad257d14c8c2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4336

GET
H2 200 track.php Show response
affiliate.entireweb.com/scripts/ Frame E5B6 66 B
443 B 1647ms
1647ms Script
application/x-javascript 45.33.2.97
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.entireweb.com/scripts/track.php?accountId=default1&url=S_www.entireweb.com%2Ffree_submission%2F&referrer=H_traffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&isInIframe=true&getParams=%3Fa%3Dwalawala&anchor=
Requested by: Host: affiliate.entireweb.com
URL: https://affiliate.entireweb.com/scripts/trackjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef294a26b7bc4bb108953b59f9fd804031aa0176921188e5a0b1912e6bd5bba1

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-type: application/octet-stream, application/x-javascript
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track.php Show response
affiliate.entireweb.com/scripts/ Frame 15A2 66 B
443 B 1646ms
1646ms Script
application/x-javascript 45.33.2.97
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.entireweb.com/scripts/track.php?accountId=default1&url=S_www.entireweb.com%2Ffree_submission%2F&referrer=H_traffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&isInIframe=true&getParams=%3Fa%3Dwalawala&anchor=
Requested by: Host: affiliate.entireweb.com
URL: https://affiliate.entireweb.com/scripts/trackjs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: a76fad1fc33625662745f003219d8403e765dc0c412f59e889b993908dfa819d

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-type: application/octet-stream, application/x-javascript
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track.php Show response
affiliate.entireweb.com/scripts/ Frame E5B6 66 B
447 B 1645ms
1645ms Script
application/x-javascript 45.33.2.97
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.entireweb.com/scripts/track.php?accountId=default1&url=S_www.entireweb.com%2Ffree_submission%2F&referrer=H_traffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&isInIframe=true&getParams=%3Fa%3Dwalawala&anchor=
Requested by: Host: affiliate.entireweb.com
URL: https://affiliate.entireweb.com/scripts/jz06nf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: f164b0f7c34cc10d90a770c81b95d80e13932ec33598926cd158c20702dc0e5a

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-type: application/octet-stream, application/x-javascript
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame E5B6 28 KB
9 KB 44ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0f8b92749ed5ae1a53b456979b6b1fa2157fbc804b8b6b871f0068316bbf1320

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 01:12:13 GMT
x-msedge-ref: Ref A: C87F93F734914FAD828579F8F81D8991 Ref B: FRAEDGE1307 Ref C: 2021-02-27T07:08:38Z
etag: "8014993f13bd71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8512

GET
H2 200 track.php Show response
affiliate.entireweb.com/scripts/ Frame 15A2 66 B
447 B 1591ms
1591ms Script
application/x-javascript 45.33.2.97
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.entireweb.com/scripts/track.php?accountId=default1&url=S_www.entireweb.com%2Ffree_submission%2F&referrer=H_traffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&isInIframe=true&getParams=%3Fa%3Dwalawala&anchor=
Requested by: Host: affiliate.entireweb.com
URL: https://affiliate.entireweb.com/scripts/jz06nf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: ab221b6a08cf7afd686405d9ccde09f5980db42495fe870a9fc27274afa856ac

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-type: application/octet-stream, application/x-javascript
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 15A2 28 KB
9 KB 28ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0f8b92749ed5ae1a53b456979b6b1fa2157fbc804b8b6b871f0068316bbf1320

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 01:12:13 GMT
x-msedge-ref: Ref A: 462C001DF2E3475589CB061734248696 Ref B: FRAEDGE1307 Ref C: 2021-02-27T07:08:38Z
etag: "8014993f13bd71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8512

GET
H2 200 537191696950466 Show response
connect.facebook.net/signals/config/ Frame CF1F 240 KB
70 KB 51ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/537191696950466?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23ce5a3a01cba8e49310fa2810483542cd8e3832e19eeb0fed049571d5895cd4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: uAiNsR7MiYkAlqFM0VEXvQ7XwWKXlFxtu0fhanGVs6JadVxH2c5ME994ByQ6nnvQpBl0LATYu8/F3e2deY1h5g==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 27 Feb 2021 07:08:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.dbbd0f16dca02537aef0.js Show response
script.hotjar.com/ Frame CF1F 217 KB
58 KB 2547ms
58ms Script
application/javascript 13.224.195.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.dbbd0f16dca02537aef0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1397873.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.195.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-195-11.fra2.r.cloudfront.net

Software

Resource Hash

3206338c1b9937821c2817da1ca9d71c9caab3f29ddbed6051cc37137736eee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 14:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147285
x-cache: Hit from cloudfront
content-length: 58514
access-control-allow-origin: *
last-modified: Thu, 25 Feb 2021 14:10:45 GMT
etag: "343f2857df680c77e0648b393f21a333"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: WzuWUztUxDWxBHS2i-fmk4-LRoFeWx7uOe5ig9F3grEe6pDkbb1tyA==

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame CF1F 98 KB
39 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-855209381&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49595033-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3acf0e811ad466a869d3a076bafcde05cab0d7ba5c828cb92f410ea27c6aaf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39430
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 07:08:38 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame CF1F 31 KB
13 KB 2098ms
43ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-855209381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12348
x-xss-protection: 0
server: cafe
etag: 7672817363517198860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Feb 2021 07:08:40 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ Frame CF1F 86 KB
34 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-WXX3LPG&t=gtm12&cid=1810950490.1614409719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a37eaa5f2ae1d7a44c39acbd581946022f57f919b7ab8f58e608d8883edbed7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34886
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 07:08:38 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ Frame CF1F 423 B
498 B 2479ms
40ms Script
application/javascript 178.250.0.147
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dynamic.criteo.com/js/ld/ld.js?a=72397
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPZW2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: 2b212d5fbb0d807d8dc09d3dcfd1af6428182cb75479505e227946e841332738

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/javascript
cache-control: public, max-age=10800
timing-allow-origin: *
content-length: 310
expires: Sat, 27 Feb 2021 10:08:41 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ Frame CF1F 95 KB
37 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-N2X6V7Q&t=gtag_UA_49595033_2&cid=1810950490.1614409719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf8cde21125e1fbd0dc21e1c0d0025037aa687659fca67d6f6864b40a0cd3cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37770
x-xss-protection: 0
expires: Sat, 27 Feb 2021 07:08:38 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ Frame 45E7 68 KB
27 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLQHKZ

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea284c0ffda5c38bf42c2628f79d87ad0314ec9bca4bf232fd0ad15d60b632e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27911
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 07:08:38 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ Frame 45E7 321 KB
81 KB 38ms
36ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PSGGT2L

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83445fe1673a12bbbcd316d3b62813be302d651be5e661de110e411314ad6d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82946
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 07:08:38 GMT

GET
H2 200 white-ray.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/header/ Frame 45E7 239 B
410 B 127ms
126ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/header/white-ray.svg

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/blocks/static/css/header-14-01.min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c62d867ca7c721b7572ab056103ce73f728c036311b4c9989726fabd82e279d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/blocks/static/css/header-14-01.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 02 Feb 2021 09:24:53 GMT
server: cloudflare
cache-status: MISS
etag: W/"60191a65-ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628712488-FRA
cf-request-id: 0883ea73dc00002488d0b42000000001

GET
H2 200 red-ray.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/footer/ Frame 45E7 240 B
424 B 142ms
141ms Image
image/svg+xml 2606:4700::6811:2b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marathonbet.co.uk/landings/blocks/static/img/assets/footer/red-ray.svg

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/blocks/static/css/footer-11-00.min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0096ee0be1f29c3d06fbe0748e6c34433ed65015916d1005abc004a4ea58cafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/blocks/static/css/footer-11-00.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Wed, 27 Jan 2021 08:44:05 GMT
server: cloudflare
cache-status: MISS
etag: W/"601127d5-f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: no-cache, must-revalidate
cf-ray: 6280136628722488-FRA
cf-request-id: 0883ea73dc000024884d190000000001

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 45E7 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.marathonbet.co.uk
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 09:18:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:47 GMT
server: sffe
age: 78584
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10996
x-xss-protection: 0
expires: Sat, 26 Feb 2022 09:18:54 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 45E7 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.marathonbet.co.uk
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 07:56:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:42 GMT
server: sffe
age: 83504
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10968
x-xss-protection: 0
expires: Sat, 26 Feb 2022 07:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 45E7 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.marathonbet.co.uk
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 96179
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:39 GMT

GET
H3-Q050 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 45E7 11 KB
11 KB 35ms
20ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.marathonbet.co.uk
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 15:31:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:35 GMT
server: sffe
age: 488258
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11052
x-xss-protection: 0
expires: Mon, 21 Feb 2022 15:31:00 GMT

GET
H2 204 0
bat.bing.com/action/ Frame E5B6 0
149 B 39ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5118086&Ver=2&mid=5b10d88f-4c25-460f-a5b9-e53974c07965&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20Search%20Engine%20Submission&kw=free%20search%20engine%20submission,%20google%20submission,%20submit%20url,%20url%20submission&p=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&r=&lt=1527&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=756194
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 27 Feb 2021 07:08:38 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: A34EF31C869F4EEF9DA79BA52DAFD2DE Ref B: FRAEDGE1307 Ref C: 2021-02-27T07:08:38Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html Show response
vars.hotjar.com/ Frame E305 2 KB
1 KB 1368ms
32ms Document
text/html 13.224.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1397873.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-104.fra2.r.cloudfront.net
Software: /
Resource Hash: 66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.picpay.com/convite?G9DK9C
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.picpay.com/convite?G9DK9C

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: BRsTs_hv1OzM77cScseNC2CF4YEjrq1A7txR9wwdU7w93CBo95lC_A==
age: 8258857

GET
H2 204 0
bat.bing.com/action/ Frame 15A2 0
93 B 51ms
51ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5118086&Ver=2&mid=cb00538f-1b69-47a1-9468-9f6fd02d285a&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20Search%20Engine%20Submission&kw=free%20search%20engine%20submission,%20google%20submission,%20submit%20url,%20url%20submission&p=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&r=&lt=1573&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=879989
Requested by: Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 27 Feb 2021 07:08:38 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 253EB95144D5447CB3F3DBFB274D651A Ref B: FRAEDGE1307 Ref C: 2021-02-27T07:08:38Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 173199046367883 Show response
connect.facebook.net/signals/config/ Frame CF1F 241 KB
69 KB 65ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/173199046367883?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40ec7baa953be90c457cb87ec4d73885b92033564ae375a971924eb5a808e70d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: TndiJ6XMbuoK6w9Kqxm5IhZ7D0uqj6X4NtWsC1vGzZpLHqZ7yntpqd6BtsHgMPM3KcWDEDSlTWK51jhsKdwZ/w==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 27 Feb 2021 07:08:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame CF1F 44 B
408 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=537191696950466&ev=PageView&dl=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&rl=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&if=true&ts=1614409718821&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614409718591&coo=false&rqm=GET

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 27 Feb 2021 07:08:38 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 45E7 331 KB
332 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onScriptLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.marathonbet.co.uk
Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:45:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 03:04:57 GMT
server: sffe
age: 1413
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339250
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:45:05 GMT

GET
H3-Q050

200

activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26a... Show response
8522863.fls.doubleclick.net/ Frame 90BC
Redirect Chain

https://8522863.fls.doubleclick.net/activityi;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%2...
https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%...

530 B
1013 B

121ms
70ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSGGT2L

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

1841f5e66d0bdd2899a245be7979d5bbf5e6a4b4fd7ea58743fd7329fdef3b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8522863.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Feb 2021 07:08:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 412
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 27-Feb-2021 07:23:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Feb 2021 07:08:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amplitude-5.8.0-min.gz.js Show response
cdn.amplitude.com/libs/ Frame 45E7 57 KB
19 KB 1381ms
40ms Script
application/javascript 13.224.194.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.8.0-min.gz.js
Requested by: Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-62.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54234dbc5f94f0c00e43abfab5b835783474b7259ab5ba5ba4024e0ef212e181

Request headers

Origin: https://www.marathonbet.co.uk
Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 04:10:42 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 5885879
x-cache: Hit from cloudfront
content-length: 18497
access-control-allow-origin: *
last-modified: Fri, 06 Dec 2019 21:57:52 GMT
server: AmazonS3
etag: "208999c2bfaa80353f3f37c256fd3a3d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: JayGW0K7hcKEk8hUb5nZ1QRH3tobN7O9
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 1oZWxxsLTDx1pEkBOpW19vfvAycqL_EhSY4Ij-aQPe6dRALgzokS-Q==

GET
H/1.1 200
OK divolte.js Show response
web-analytics0.com/ Frame 45E7 9 KB
4 KB 1395ms
41ms Script
application/javascript 88.150.147.252
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://web-analytics0.com/divolte.js
Requested by: Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.150.147.252 Bradford, United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5bddaf4345c25f095b25c6346e271d6e6874d8c2abd9da72f321503bd6160ee8

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:40 GMT
Content-Encoding: gzip
ETag: "gz+W92vQ0XCXwlbJcY0bicdbmh02MKr2dpy8yFQO9YWDug="
Server: nginx
Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 4109
Expires: Sat, 27 Feb 2021 08:08:40 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 45E7 122 KB
43 KB 133ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3eee3b037e3951c286d8baa2d4e436090bc58602786f73803d6901effe2875ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:39 GMT
content-encoding: br
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "60310dc3-a99f"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 43423
expires: Sat, 27 Feb 2021 08:08:39 GMT

GET
H2

200

/
cx.atdmt.com/ Frame CF1F
Redirect Chain

https://www.facebook.com/tr/?id=173199046367883&ev=PageView&dl=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&rl=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&...
https://cx.atdmt.com/?c=4528061348418889873&f=AYzhYLFOrl186_611gNhmu8eVL6LYMfCaKqyr4CnvKC3miJy20JJHHe1wwZQxJ07c2hJuhAAE_Im12ZBJXM-ycSq&id=173199046367883&l=3&v=0

43 B
651 B

45ms
32ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=4528061348418889873&f=AYzhYLFOrl186_611gNhmu8eVL6LYMfCaKqyr4CnvKC3miJy20JJHHe1wwZQxJ07c2hJuhAAE_Im12ZBJXM-ycSq&id=173199046367883&l=3&v=0

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: 3jT6hrsN2IrbhFZHT8dfW+MVeLkRA0JMCYwkMD/QwPxxuSLmLAZekqUgTn+XsvetyXkCPN1+SLVw8YzguYTnhA==
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 26 Feb 2021 23:08:38 PST
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-fb-rlafr: 0
expires: Fri, 26 Feb 2021 23:08:38 PST

Redirect headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:38 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=4528061348418889873&f=AYzhYLFOrl186_611gNhmu8eVL6LYMfCaKqyr4CnvKC3miJy20JJHHe1wwZQxJ07c2hJuhAAE_Im12ZBJXM-ycSq&id=173199046367883&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/28361181/ Frame 45E7
Redirect Chain

https://mc.yandex.ru/watch/28361181?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-mo...
https://mc.yandex.ru/watch/28361181/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-...

167 B
249 B

44ms
44ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/28361181/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A303688808186%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A916855014%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a6adcd09f9bb22a3320b63f1a4da02e9c4ade2498488f197b308323373c2e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:39 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Feb-2021 07:08:39 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.marathonbet.co.uk
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 27-Feb-2021 07:08:39 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:39 GMT
last-modified: Sat, 27-Feb-2021 07:08:39 GMT
location: /watch/28361181/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A303688808186%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A916855014%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.marathonbet.co.uk
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 27-Feb-2021 07:08:39 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/21139201/ Frame 45E7
Redirect Chain

https://mc.yandex.ru/watch/21139201?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-mo...
https://mc.yandex.ru/watch/21139201/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-...

167 B
198 B

47ms
47ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/21139201/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A1497298881667%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A1018225097%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6553cabbaa824a89a0f697489afdb9df53fd7c905bf0d375cd72744b13004933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:39 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Feb-2021 07:08:39 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.marathonbet.co.uk
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 27-Feb-2021 07:08:39 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:39 GMT
last-modified: Sat, 27-Feb-2021 07:08:39 GMT
location: /watch/21139201/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A1497298881667%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A1018225097%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.marathonbet.co.uk
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 27-Feb-2021 07:08:39 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/45714030/ Frame 45E7
Redirect Chain

https://mc.yandex.ru/watch/45714030?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-mo...
https://mc.yandex.ru/watch/45714030/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-...

186 B
221 B

44ms
44ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/45714030/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A1595709577030%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A892871772%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

061a8d44210c7c20d445333504e226b1e10beb4cbd8e8fc7e3bde50f36991bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:39 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Feb-2021 07:08:39 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.marathonbet.co.uk
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Sat, 27-Feb-2021 07:08:39 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:39 GMT
last-modified: Sat, 27-Feb-2021 07:08:39 GMT
location: /watch/45714030/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A1595709577030%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A892871772%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.marathonbet.co.uk
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 27-Feb-2021 07:08:39 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame 45E7 43 B
244 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:39 GMT
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "60310dc3-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 27 Feb 2021 08:08:39 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame CF1F 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=537191696950466&ev=Microdata&dl=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&rl=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&if=true&ts=1614409719324&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Envie%20e%20receba%20dinheiro%20pelo%20PicPay%20%20%22%2C%22meta%3Adescription%22%3A%22Crie%20sua%20conta%20com%20meu%20c%C3%B3digo%20e%20ganhe%20de%20volta%20os%20R%2410%20que%20gastar.%22%2C%22meta%3Akeywords%22%3A%22pagamento%20mobile%2C%20pagamento%20smartphone%2C%20smartphone%2C%20mobile%20payment%2C%20pagamento%20via%20celular%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Envie%20e%20receba%20dinheiro%20pelo%20PicPay%22%2C%22og%3Adescription%22%3A%22Crie%20sua%20conta%20com%20meu%20c%C3%B3digo%20e%20ganhe%20de%20volta%20os%20R%2410%20que%20gastar.%22%2C%22og%3Aimage%22%3A%22%2Fstatic%2Fimages%2Fp2p-og-image.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614409718591&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 27 Feb 2021 07:08:39 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame CF1F 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173199046367883&ev=Microdata&dl=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&rl=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&if=true&ts=1614409719457&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Envie%20e%20receba%20dinheiro%20pelo%20PicPay%20%20%22%2C%22meta%3Adescription%22%3A%22Crie%20sua%20conta%20com%20meu%20c%C3%B3digo%20e%20ganhe%20de%20volta%20os%20R%2410%20que%20gastar.%22%2C%22meta%3Akeywords%22%3A%22pagamento%20mobile%2C%20pagamento%20smartphone%2C%20smartphone%2C%20mobile%20payment%2C%20pagamento%20via%20celular%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Envie%20e%20receba%20dinheiro%20pelo%20PicPay%22%2C%22og%3Adescription%22%3A%22Crie%20sua%20conta%20com%20meu%20c%C3%B3digo%20e%20ganhe%20de%20volta%20os%20R%2410%20que%20gastar.%22%2C%22og%3Aimage%22%3A%22%2Fstatic%2Fimages%2Fp2p-og-image.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614409718591&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 27 Feb 2021 07:08:39 GMT

GET
H2 200 dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D726... Show response
adservice.google.com/ddm/fls/i/ Frame 31E3 529 B
628 B 41ms
41ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312

Requested by

Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e1706c85a166c1e2e0db3acf9a850d46f3f32e3744c07002d4eda2b8cb078f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Feb 2021 07:08:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 411
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D726... Show response
8522863.fls.doubleclick.net/ddm/fls/r/ Frame 89BE
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcom...
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%...

2 KB
1 KB

59ms
59ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

aeddf724c04fc63f51a85069b6ad5db87a68a92348e304942b587de9d9c845ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8522863.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://adservice.google.com/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Feb 2021 07:08:40 GMT
expires: Sat, 27 Feb 2021 07:08:40 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1055
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 27-Feb-2021 07:23:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Feb 2021 07:08:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 89BE 98 KB
39 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-986535033

Requested by

Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d58b6bfed13181253c29252ef30a9ca8190e5c5ff8901aea0f2f7820a98e98c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39437
x-xss-protection: 0
last-modified: Sat, 27 Feb 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Feb 2021 07:08:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 89BE 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: LO1xTAnvz8tAkwkrUOCk4H+O+eINhnD/T+aUplHZcy7CHtAHyeWIE1WEaLDYfRhwQEFQG5WTgH+Cg08AF/BjlQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 27 Feb 2021 07:08:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 admtracker.lib.min.js Show response
pj.l.a8723.com/ Frame 89BE 5 KB
2 KB 110ms
32ms Script
application/javascript 13.224.195.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pj.l.a8723.com/admtracker.lib.min.js
Requested by: Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-10.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:01:57 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 14:10:14 GMT
server: AmazonS3
age: 404
etag: W/"5a420213029638ecea775a40089898aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: public,max-age=900
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: buyOsPEHVdTzmDw_M0lmuCJMKBbkUX_0qev_3eqHZbfOJ_IwGB8_yQ==

GET
H2 200 789511627817132 Show response
connect.facebook.net/signals/config/ Frame 89BE 241 KB
70 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/789511627817132?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ebe297e3c1ec1106923efa62ef7c9f76cf6b8c37019512eaa0ae360769686ba

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70815
x-fb-rlafr: 0
pragma: public
x-fb-debug: LRPI1RGqX7q8XqgSjDDefGyEcES7ZMOUI+pPQ/w02N0PMPs2ACIYEKGBBzEJlE4RCYdl3qTu3PrNADf2kxKa/w==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 27 Feb 2021 07:08:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 89BE 31 KB
12 KB 123ms
50ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-986535033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12348
x-xss-protection: 0
server: cafe
etag: 7672817363517198860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Feb 2021 07:08:40 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 89BE 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=789511627817132&ev=PageView&dl=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&rl=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&if=true&ts=1614409720650&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614409720611&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 27 Feb 2021 07:08:40 GMT

GET
H2 200 error
connect.facebook.net//log/ Frame 89BE 0
0 35ms
34ms Image
text/html 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.33&e=Error%3A%20cookie%20not%20stored%20properly&s=Error%3A%20cookie%20not%20stored%20properly%0A%20%20%20%20at%20C%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F789511627817132%3Fv%3D2.9.33%26r%3Dstable%3A25%3A5431)%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F789511627817132%3Fv%3D2.9.33%26r%3Dstable%3A25%3A5786)%0A%20%20%20%20at%20H%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F789511627817132%3Fv%3D2.9.33%26r%3Dstable%3A25%3A6228)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F789511627817132%3Fv%3D2.9.33%26r%3Dstable%3A25%3A6905)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6282%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A65139)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6209)%0A%20%20%20%20at%20pa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A9349)%0A%20%20%20%20at%20%24%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A9985)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A8768)&ue=0&rs=stable&rqm=FGET
Requested by: Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ Frame 89BE 44 B
212 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=789511627817132&ev=CompleteRegistration&dl=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&rl=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&if=true&ts=1614409720656&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614409720611&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 27 Feb 2021 07:08:40 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/855209381/ Frame CF1F 2 KB
1 KB 74ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855209381/?random=1614409720770&cv=9&fst=1614409720770&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a44948b4c6d4dcc30672bce5197c1190d911a0ba8465bf1cc0d431f3d11456ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/855209381/ Frame CF1F 2 KB
1 KB 73ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855209381/?random=1614409720772&cv=9&fst=1614409720772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd69550e2e182092a182d5c5b8dc86563bba25f4f93d18fec75773f1d835b6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/986535033/ Frame 89BE 3 KB
2 KB 71ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986535033/?random=1614409720773&cv=9&fst=1614409720773&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

588b1b5e35bf5ff5c59654ddfc9e5f923b7c038d1d9ddeb1e153bccc884e25f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1214
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/986535033/ Frame 89BE 2 KB
2 KB 98ms
58ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/986535033/?random=1614409720774&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3046f5dfe01b98c22d6030e982161c03c4ef4bf0468dc804ba3b8f76be7daf24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1297
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/855209381/ Frame CF1F 42 B
321 B 21ms
20ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/855209381/?random=1614409720770&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&async=1&fmt=3&is_vtc=1&random=2302237353&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/855209381/ Frame CF1F 42 B
552 B 43ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/855209381/?random=1614409720770&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&async=1&fmt=3&is_vtc=1&random=2302237353&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/986535033/ Frame 89BE 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/986535033/?random=1614409720773&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&async=1&fmt=3&is_vtc=1&random=3099588750&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/986535033/ Frame 89BE 42 B
108 B 46ms
23ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/986535033/?random=1614409720773&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&async=1&fmt=3&is_vtc=1&random=3099588750&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/855209381/ Frame CF1F 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/855209381/?random=1614409720772&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&async=1&fmt=3&is_vtc=1&random=3109552176&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/855209381/ Frame CF1F 42 B
108 B 42ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/855209381/?random=1614409720772&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&async=1&fmt=3&is_vtc=1&random=3109552176&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/986535033/ Frame 89BE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
530 B

48ms
35ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-O85YPCCNN2E9fgPw7SkwA8&cid=CAQSKQCNIrLMe1CJ75XW7xYbAc69NGhL4wZfH7K7qOhNgkNmnurWSTlz2eab&random=708676933&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-O85YPCCNN2E9fgPw7SkwA8&cid=CAQSKQCNIrLMe1CJ75XW7xYbAc69NGhL4wZfH7K7qOhNgkNmnurWSTlz2eab&random=708676933&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 45E7 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSGGT2L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4884
date: Sat, 27 Feb 2021 05:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 27 Feb 2021 07:47:17 GMT

GET
H/1.1 200
OK csc-event
web-analytics0.com/ Frame 45E7 37 B
333 B 43ms
42ms Image
image/gif 88.150.147.252
IOMART-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web-analytics0.com/csc-event?p=0%3Aklndv4kc%3AGQzjkcVQ0FjS02qg48OYGvihEis_YKu9&s=0%3Aklndv4kc%3Al5EUUoBhVMyGRA2lqniuHwFOS_vtiEXx&v=0%3Acgpfj5pghViwNs1NC5s_JNMsV2rklw_g&e=0%3Acgpfj5pghViwNs1NC5s_JNMsV2rklw_g0&c=klndv55p&n=t&f=t&l=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&r=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&i=18g&j=xc&k=1&w=1&h=1&t=pageView&u=(sprojectId!LANDINGS!ssub_projectId!ALDERNEY!sloginId!undefined!sreport!true!spage_hostname!www.marathonbet.co.uk!spage_path!%2Flandings%2Fwelcome!stime_start!1614409718728!stime_load!1614409721051!stime_server!undefined!sreferer_landing!undefined!spref!undefined!scurrencySymbol!undefined!slocaleLanguage!undefined!slocale_name!undefined!soddsType!undefined!ssiteStyle!undefined!sdivolte_test_mode!false!sappBuildNumber!undefined!sappVersion!undefined!sdeviceBrand!undefined!sdeviceModelName!undefined!sdeviceName!undefined!sdeviceOs!undefined!sdeviceOsVersion!undefined!sfingerprint!undefined!stiming!%7B%22navigationStart%22%3A1614409716993%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1614409717214%2C%22domainLookupStart%22%3A1614409717215%2C%22domainLookupEnd%22%3A1614409717216%2C%22connectStart%22%3A1614409717216%2C%22connectEnd%22%3A1614409717230%2C%22secureConnectionStart%22%3A1614409717221%2C%22requestStart%22%3A1614409717231%2C%22responseStart%22%3A1614409717498%2C%22responseEnd%22%3A1614409717498%2C%22domLoading%22%3A1614409717514%2C%22domInteractive%22%3A1614409718915%2C%22domContentLoadedEventStart%22%3A1614409718915%2C%22domContentLoadedEventEnd%22%3A1614409718927%2C%22domComplete%22%3A1614409721036%2C%22loadEventStart%22%3A1614409721036%2C%22loadEventEnd%22%3A1614409721037%2C%22firstPaint%22%3A0%2C%22loadTime%22%3A3823%2C%22domReadyTime%22%3A2121%2C%22readyStart%22%3A221%2C%22redirectTime%22%3A0%2C%22appcacheTime%22%3A1%2C%22unloadEventTime%22%3A0%2C%22lookupDomainTime%22%3A1%2C%22connectTime%22%3A14%2C%22requestTime%22%3A267%2C%22initDomTreeTime%22%3A1417%2C%22loadEventTime%22%3A1%7D!sloadTime!3823!)&x=u8x30p
Requested by: Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.150.147.252 Bradford, United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 07:08:41 GMT
Server: nginx
ETag: "6b3edc43-20ec-4078-bc47-e965dd76b88a"
Content-Type: image/gif
Cache-Control: private, no-cache, proxy-revalidate
Connection: keep-alive
Content-Length: 37
Expires: Fri, 14 Apr 1995 11:30:00 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame CF1F 36 KB
12 KB 43ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=72397
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:41 GMT
content-encoding: gzip
last-modified: Mon, 14 Sep 2020 13:03:43 GMT
server: nginx
etag: W/"5f5f6a2f-90a2"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 28 Feb 2021 07:08:41 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C52C 0
150 B 45ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=traffic-monetizer.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=traffic-monetizer.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.picpay.com/convite?G9DK9C
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.picpay.com/convite?G9DK9C

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1756
date: Sat, 27 Feb 2021 07:08:40 GMT
content-length: 0

GET
H/1.1 200
OK jsonp.js Show response
www.adplugg.com/apusers/autoins/A48219153/js/1.0/ Frame 15A2 49 B
409 B 200ms
200ms Script
application/javascript 54.203.166.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adplugg.com/apusers/autoins/A48219153/js/1.0/jsonp.js?hn=www.entireweb.com&bu=%2Ffree_submission%2F%3Fa%3Dwalawala
Requested by: Host: www.adplugg.com
URL: https://www.adplugg.com/serve/A48219153/js/1.1/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.203.166.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 6d2d9912610844ca937ac8fbcf67b04c53f085675d37ac833a62d12bddd2b7b1

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:41 GMT
Via: 1.1 varnish-v4
Server: nginx/1.15.5
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript;charset=UTF-8
Cache-Control: no-cache
X-Varnish: 87118023
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 67
Expires: Sat, 1 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK jsonp.js Show response
www.adplugg.com/apusers/autoins/A48219153/js/1.0/ Frame E5B6 49 B
433 B 191ms
191ms Script
application/javascript 54.203.166.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adplugg.com/apusers/autoins/A48219153/js/1.0/jsonp.js?hn=www.entireweb.com&bu=%2Ffree_submission%2F%3Fa%3Dwalawala
Requested by: Host: www.adplugg.com
URL: https://www.adplugg.com/serve/A48219153/js/1.1/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.203.166.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.15.5 /
Resource Hash: 6d2d9912610844ca937ac8fbcf67b04c53f085675d37ac833a62d12bddd2b7b1

Request headers

Referer: https://www.entireweb.com/free_submission/?a=walawala
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:41 GMT
Via: 1.1 varnish-v4
Server: nginx/1.15.5
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript;charset=UTF-8
Cache-Control: no-cache
transfer-encoding: chunked
X-Varnish: 89719500
Connection: keep-alive
Content-Encoding: gzip
Expires: Sat, 1 Jan 2000 00:00:00 GMT

GET
H3-Q050

200

ga.js Show response
www.google-analytics.com/ Frame 0C98
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

7ms
6ms

Script
text/javascript

2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 92
date: Sat, 27 Feb 2021 07:07:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 27 Feb 2021 09:07:09 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

background.jpg
static1.1.sqspcdn.com/static/f/489136/7193133/1275595518127/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/storage/sba/background.jpg
http://static1.1.sqspcdn.com/static/f/489136/7193133/1275595518127/background.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

371 B
933 B

287ms
269ms

Image
image/jpeg

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/f/489136/7193133/1275595518127/background.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 7ffa48348dd0725b440c54a32288b4d24ad7f480d1c84b1a61723e31aa015faf

Request headers

Referer: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:42 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 75893
X-Cache: HIT, MISS
X-Contextid: 48SiXvA7/PcTiQkdc
Connection: keep-alive
Content-Length: 371
X-Served-By: cache-dfw18621-DFW, cache-fra19145-FRA
Last-Modified: Thu, 03 Jun 2010 20:05:18 GMT
Server: Squarespace
X-Timer: S1614409722.050209,VS0,VE228
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/f/489136/7193133/1275595518127/background.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid: LbTWBmI7/Z8uupdd9
Server: Squarespace
Content-Length: 0
Content-Type: image/jpeg;charset=UTF-8

GET
H/1.1

200
OK

VBM.bluecrimson.jpg
static1.1.sqspcdn.com/static/f/489136/13195695/1310653008947/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/storage/VBM.bluecrimson.jpg?__SQUARESPACE_CACHEVERSION=1610029688812
http://static1.1.sqspcdn.com/static/f/489136/13195695/1310653008947/VBM.bluecrimson.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

45 KB
46 KB

312ms
294ms

Image
image/jpeg

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/f/489136/13195695/1310653008947/VBM.bluecrimson.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 10dc6500d19c91233e31b0cac4a2de57adc7da32a76e23f4c046131d2713d2e7

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:42 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 57245
X-Cache: HIT, MISS
X-Contextid: 8xWPkYlO/HmmU8y9Z
Connection: keep-alive
Content-Length: 46304
X-Served-By: cache-dfw18636-DFW, cache-fra19162-FRA
Last-Modified: Thu, 14 Jul 2011 14:16:48 GMT
Server: Squarespace
X-Timer: S1614409722.032294,VS0,VE253
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/f/489136/13195695/1310653008947/VBM.bluecrimson.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid: cRXylrsX/MpBlkmST
Server: Squarespace
Content-Length: 0
Content-Type: image/jpeg;charset=UTF-8

GET
H/1.1

200
OK

Vermont+Awards+2018+Logo.jpg
static1.1.sqspcdn.com/static/f/489136/27876253/1523031310070/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/storage/Vermont%20Awards%202018%20Logo.jpg?__SQUARESPACE_CACHEVERSION=1523031326156
http://static1.1.sqspcdn.com/static/f/489136/27876253/1523031310070/Vermont+Awards+2018+Logo.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

299 KB
299 KB

514ms
514ms

Image
image/jpeg

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/f/489136/27876253/1523031310070/Vermont+Awards+2018+Logo.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 31d94232adf4795cbc3d5f85ce2a864b4d2b7049965c5065a2d98c9f1b652aa0

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:42 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 45857
X-Cache: HIT, MISS
X-Contextid: FSr0yYAF/kOyT4yRe
Connection: keep-alive
Content-Length: 305916
X-Served-By: cache-dfw18626-DFW, cache-fra19125-FRA
Last-Modified: Fri, 06 Apr 2018 16:15:10 GMT
Server: Squarespace
X-Timer: S1614409722.975688,VS0,VE484
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/f/489136/27876253/1523031310070/Vermont+Awards+2018+Logo.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid: hebycWzT/HyYg7upP
Server: Squarespace
Content-Length: 0
Content-Type: image/jpeg;charset=UTF-8

GET
H/1.1

200
OK

Third+Generation+Design-Black+type+no+shadow-Logo.png
static1.1.sqspcdn.com/static/f/489136/26981212/1461086299690/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/storage/Third%20Generation%20Design-Black%20type%20no%20shadow-Logo.png?__SQUARESPACE_CACHEVERSION=1554135287506
http://static1.1.sqspcdn.com/static/f/489136/26981212/1461086299690/Third+Generation+Design-Black+type+no+shadow-Logo.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

6 MB
6 MB

1681ms
1664ms

Image
image/png

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/f/489136/26981212/1461086299690/Third+Generation+Design-Black+type+no+shadow-Logo.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: e3ecbd46b869e710dd55f5aeabcccea2b6c11f0b762e1facd3bf8f451697ea37

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:43 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 45522
X-Cache: HIT, MISS
X-Contextid: uOqgOUTC/7E6Fhbyc
Connection: keep-alive
Content-Length: 6345234
X-Served-By: cache-dfw18637-DFW, cache-fra19171-FRA
Last-Modified: Tue, 19 Apr 2016 17:18:19 GMT
Server: Squarespace
X-Timer: S1614409722.005552,VS0,VE1622
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 0, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/f/489136/26981212/1461086299690/Third+Generation+Design-Black+type+no+shadow-Logo.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid: pu9ePXLP/IShKRBHf
Server: Squarespace
Content-Length: 0
Content-Type: image/png;charset=UTF-8

GET
H/1.1

200
OK

BOB+Logo-Color-FINAL.png
static1.1.sqspcdn.com/static/f/489136/27378207/1554410067777/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/storage/BOB%20Logo-Color-FINAL.png?__SQUARESPACE_CACHEVERSION=1554410075916
http://static1.1.sqspcdn.com/static/f/489136/27378207/1554410067777/BOB+Logo-Color-FINAL.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

300 KB
301 KB

542ms
524ms

Image
image/png

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/f/489136/27378207/1554410067777/BOB+Logo-Color-FINAL.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 56113ab7f7e0d98b25a2768f146d13e82ebfbcb90579d0dca2223c14aaa60547

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:42 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 60543
X-Cache: HIT, MISS
X-Contextid: dfro4PPn/BtOUpCWe
Connection: keep-alive
Content-Length: 307694
X-Served-By: cache-dfw18648-DFW, cache-fra19162-FRA
Last-Modified: Thu, 04 Apr 2019 20:34:27 GMT
Server: Squarespace
X-Timer: S1614409722.006182,VS0,VE483
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/f/489136/27378207/1554410067777/BOB+Logo-Color-FINAL.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid: ujHGZBYw/zslo0vSw
Server: Squarespace
Content-Length: 0
Content-Type: image/png;charset=UTF-8

GET
H/1.1 200
OK folder-expand.png
vermontbiz.squarespace.com/universal/images/core-resources/icons/dark/ Frame 0C98 4 KB
4 KB 116ms
116ms Image
image/png 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vermontbiz.squarespace.com/universal/images/core-resources/icons/dark/folder-expand.png
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: cbb9d4200fd7355d626dc2b4015bf5b6548bd69b864f69d06c85d7bae3b61837

Request headers

Referer: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:41 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=14400
Etag: W/"3632-1614363396000"
Content-Type: image/png
X-Contextid: DzTXDahq/ktFEMLHd
Accept-Ranges: bytes
Content-Length: 3632

GET
H2 200 TDVUpLMqjoI Show response
www.youtube.com/embed/ Frame 990C 51 KB
22 KB 85ms
66ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TDVUpLMqjoI

Requested by

Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed4a22fa5fa6e72b0a340a1fc47e89cee4075ea35c049ca5c4a376a6efed0b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/TDVUpLMqjoI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://vermontbiz.squarespace.com/2019-bob-winners/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://vermontbiz.squarespace.com/2019-bob-winners/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 27 Feb 2021 07:08:41 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Z5TGyCz7Zog; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=v1mhBfwPKG4; Domain=.youtube.com; Expires=Thu, 26-Aug-2021 07:08:41 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+148; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK GetSlideshow Show response
vermontbiz.squarespace.com/display/ Frame 0C98 56 KB
57 KB 246ms
179ms XHR
text/html 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/display/GetSlideshow?configId=5e0fb1f7bf03a69b267c79f6&filterActive=true
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/universal/yui/connection/connection_core-min.js?CE=75
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 6b7470762b1b505b6115adafe23c23ead5a2fac211c9d9b384028e754d2aff3e

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Date: Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid: DzTXDahq/dxsemdCY
Server: Squarespace
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK folder-contract.png
vermontbiz.squarespace.com/universal/images/core-resources/icons/dark/ Frame 0C98 4 KB
4 KB 115ms
114ms Image
image/png 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vermontbiz.squarespace.com/universal/images/core-resources/icons/dark/folder-contract.png
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 393696c3f40cea157859e274083672a4d5468536f156d282724b0d5c110c3e61

Request headers

Referer: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:41 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=14400
Etag: W/"3627-1614363396000"
Content-Type: image/png
X-Contextid: DzTXDahq/xxbbsmmK
Accept-Ranges: bytes
Content-Length: 3627

GET
H/1.1 200
OK RecordHit Show response
vermontbiz.squarespace.com/process/ Frame 0C98 5 B
605 B 177ms
147ms XHR
text/html 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: http://vermontbiz.squarespace.com/process/RecordHit?url=%2F2019-bob-winners%2F&title=Vermont%20Business%20Magazine%20-%202019%20BOB%20Winners&viewportInnerHeight=1&viewportInnerWidth=1&screenHeight=1200&screenWidth=1600&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&referrer=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&pixelRatio=1&event=View
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/universal/yui/connection/connection_core-min.js?CE=75
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 88561e211e862344bd3cc71c03f8ab25d8a79b9bdbaa1e083af7e0603f30f689

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Date: Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid: hebycWzT/x53GiXhC
Server: Squarespace
Content-Length: 5
Content-Type: text/html;charset=UTF-8

GET
H2 200 l
use.typekit.com/af/f6d549/00000000000000000000e7fe/27/ Frame 0C98 14 KB
14 KB 34ms
11ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.com/af/f6d549/00000000000000000000e7fe/27/l?subset_id=2&fvd=n3&v=3
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: aa176a8bd17c4fc51d9bd94d49d35a1b7faedf2093b0ff8bf3d53ad7bfc1fc7a

Request headers

Origin: http://vermontbiz.squarespace.com
Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:41 GMT
server: nginx
etag: "8eedbe65e55a09b665fc2ac71105002b1b779413"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 14348

GET
H2 200 l
use.typekit.com/af/e48613/00000000000000000000ec0b/27/ Frame 0C98 14 KB
15 KB 39ms
16ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.com/af/e48613/00000000000000000000ec0b/27/l?subset_id=2&fvd=n8&v=3
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1f1ac05dd6e98d339d2e7804a3e2115d088224f41d3053856131ecf1ceb6967b

Request headers

Origin: http://vermontbiz.squarespace.com
Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:41 GMT
server: nginx
etag: "5709ee773a99344a9017cbfd7d88d6392d76ba62"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 14844

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4fe52f49/ Frame 990C 340 KB
51 KB 35ms
22ms Stylesheet
text/css 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 138164
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52149
x-xss-protection: 0
expires: Fri, 25 Feb 2022 16:45:58 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/ Frame 990C 157 KB
57 KB 43ms
30ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 02:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 17198
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58416
x-xss-protection: 0
expires: Sun, 27 Feb 2022 02:22:04 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 990C 2 MB
502 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 138018
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 513497
x-xss-protection: 0
expires: Fri, 25 Feb 2022 16:48:23 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/ Frame 990C 8 KB
3 KB 42ms
29ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 05:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 7398
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Sun, 27 Feb 2022 05:05:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 990C 10 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 96183
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:38 GMT

GET
H2 200 p.gif
p.typekit.net/ Frame 0C98 35 B
182 B 23ms
7ms Image
image/gif 2a02:26f0:6c00:285::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=cpk5jjj&ht=tk&h=vermontbiz.squarespace.com&f=2005.2036&a=178424&js=1.20.0&app=typekit&e=js&_=1614409721978
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:285::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:41 GMT
last-modified: Wed, 02 Sep 2020 00:55:11 GMT
server: nginx
etag: "5f4eed6f-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 990C 113 B
308 B 39ms
39ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e0ab3ae4b15a7d8157a8d01ff8a73b0a7dcf90a49e30d10f33c7218f42fccea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 990C 29 B
407 B 25ms
5ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:56:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 705
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Sat, 27 Feb 2021 07:11:57 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 990C 96 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64620c4b38f39b52be7567a111c31cb9a516e243c6b689564e73103c69d3c2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 137863
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32547
x-xss-protection: 0
expires: Fri, 25 Feb 2022 16:50:59 GMT

GET
H3-Q050 200 xyig1h48Wfhb-WSTbhZIN9qGmA_8ATQnSYNalvpEyzo.js Show response
www.google.com/js/th/ Frame 990C 33 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/xyig1h48Wfhb-WSTbhZIN9qGmA_8ATQnSYNalvpEyzo.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c728a0d61e3c59f85bf964936e164837da86980ffc01342749835a96fa44cb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 08:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 428098
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14208
x-xss-protection: 0
expires: Tue, 22 Feb 2022 08:13:44 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 990C 29 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 138017
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9681
x-xss-protection: 0
expires: Fri, 25 Feb 2022 16:48:25 GMT

GET
H/1.1

200
OK

vbm+bob+awards_050719_0397.jpg
static1.1.sqspcdn.com/static/p/489136/21858487/1557844326973/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0397.jpg?pictureId=21858487
http://static1.1.sqspcdn.com/static/p/489136/21858487/1557844326973/vbm+bob+awards_050719_0397.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

329 KB
329 KB

520ms
519ms

Image
image/jpeg

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/p/489136/21858487/1557844326973/vbm+bob+awards_050719_0397.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 97d948a989c3928a8830e77fd363f0f264f546d414d73d973fb58e7fd68f04a3

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:42 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1796
X-Cache: HIT, MISS
X-Contextid: VbFAjkAz/nQEZwcgf
Connection: keep-alive
Content-Length: 336448
X-Served-By: cache-dfw18651-DFW, cache-fra19162-FRA
Last-Modified: Tue, 14 May 2019 14:32:06 GMT
Server: Squarespace
X-Timer: S1614409722.468470,VS0,VE490
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/p/489136/21858487/1557844326973/vbm+bob+awards_050719_0397.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid: DzTXDahq/gJ3JZHL5
Server: Squarespace
Content-Length: 0

GET
H/1.1

200
OK

vbm+bob+awards_050719_0083.jpg
static1.1.sqspcdn.com/static/p/489136/21858387/1557843922680/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0083.jpg?pictureId=21858387
http://static1.1.sqspcdn.com/static/p/489136/21858387/1557843922680/vbm+bob+awards_050719_0083.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

337 KB
337 KB

525ms
524ms

Image
image/jpeg

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/p/489136/21858387/1557843922680/vbm+bob+awards_050719_0083.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 3b764225c6794206505b8ab236d26404cd9f8545255afe31fd71802256c37410

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:42 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 129524
X-Cache: HIT, MISS
X-Contextid: FL76uatz/JEwMFK2S
Connection: keep-alive
Content-Length: 344825
X-Served-By: cache-dfw18647-DFW, cache-fra19145-FRA
Last-Modified: Tue, 14 May 2019 14:25:22 GMT
Server: Squarespace
X-Timer: S1614409722.469653,VS0,VE495
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/p/489136/21858387/1557843922680/vbm+bob+awards_050719_0083.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:42 GMT
X-Contextid: hebycWzT/52jqnz0R
Server: Squarespace
Content-Length: 0

GET
H/1.1

200
OK

vbm+bob+awards_050719_0095.jpg
static1.1.sqspcdn.com/static/p/489136/21858388/1557843923313/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0095.jpg?pictureId=21858388
http://static1.1.sqspcdn.com/static/p/489136/21858388/1557843923313/vbm+bob+awards_050719_0095.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

263 KB
263 KB

504ms
504ms

Image
image/jpeg

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/p/489136/21858388/1557843923313/vbm+bob+awards_050719_0095.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: d9a126d7c679187a220b743352760c8104ce3a9c412490c99767d4734fe8cbb0

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:43 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 140478
X-Cache: HIT, MISS
X-Contextid: 8g4jvDHK/V8kPYP3f
Connection: keep-alive
Content-Length: 269172
X-Served-By: cache-dfw18623-DFW, cache-fra19125-FRA
Last-Modified: Tue, 14 May 2019 14:25:23 GMT
Server: Squarespace
X-Timer: S1614409723.596065,VS0,VE474
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/p/489136/21858388/1557843923313/vbm+bob+awards_050719_0095.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid: LbTWBmI7/pkfL6sXp
Server: Squarespace
Content-Length: 0

GET
H/1.1 200
OK previous-button.png
vermontbiz.squarespace.com/universal/images/slideshow/ Frame 0C98 1 KB
2 KB 173ms
173ms Image
image/png 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vermontbiz.squarespace.com/universal/images/slideshow/previous-button.png
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 9a6117df8db18e0f332dac159a456d654a59494d8f670befc70fa06e61bf4f8c

Request headers

Referer: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:41 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=14400
Etag: W/"1457-1614363396000"
Content-Type: image/png
X-Contextid: hebycWzT/IMqb8KQK
Accept-Ranges: bytes
Content-Length: 1457

GET
H/1.1 200
OK next-button.png
vermontbiz.squarespace.com/universal/images/slideshow/ Frame 0C98 1 KB
2 KB 216ms
216ms Image
image/png 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vermontbiz.squarespace.com/universal/images/slideshow/next-button.png
Requested by: Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: d7bf8a434f62b76439d0e6d681868c6d1d7e00d6f0a011a564e67b779105834b

Request headers

Referer: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:41 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=14400
Etag: W/"1457-1614363396000"
Content-Type: image/png
X-Contextid: LbTWBmI7/n5JkbR3N
Accept-Ranges: bytes
Content-Length: 1457

GET
DATA 200
OK truncated
/ Frame 990C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnho2hzPmZva6K2NonYZH22r-lDzCqzvvNQIxw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 990C 1 KB
2 KB 39ms
19ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnho2hzPmZva6K2NonYZH22r-lDzCqzvvNQIxw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7c210dc98f7ab51ed91389d823e0f7f86b3dda9d282b0d8200634b0dfadd037c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:42 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1405
x-xss-protection: 0
expires: Sun, 28 Feb 2021 07:08:42 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/TDVUpLMqjoI/ Frame 990C 55 KB
55 KB 74ms
54ms Image
image/jpeg 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/TDVUpLMqjoI/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42fd17a199026f5bfe906cadb39e5df6468b1132ff68e982dc9ed180f5a05cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:42 GMT
x-content-type-options: nosniff
server: sffe
etag: "1583942494"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56228
x-xss-protection: 0
expires: Sat, 27 Feb 2021 09:08:42 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 89BE 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=789511627817132&ev=Microdata&dl=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&rl=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&if=true&ts=1614409722232&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&it=1614409720611&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 27 Feb 2021 07:08:42 GMT

GET
H2 200 nr-1198.min.js Show response
js-agent.newrelic.com/ Frame CF1F 27 KB
11 KB 93ms
32ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1198.min.js
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:42 GMT
content-encoding: gzip
x-amz-request-id: 8FBF058EA70ADB98
x-cache: HIT
content-length: 10682
x-amz-id-2: dCyln7OIf+i76Bn+clBUl8tM3pNPIGXfyNRvPHz5ZLwhdSBkIMjzducUvcecQ4BFCTB8K4VSAVo=
x-served-by: cache-fra19163-FRA
last-modified: Fri, 29 Jan 2021 19:19:08 GMT
server: AmazonS3
x-timer: S1614409722.310801,VS0,VE0
etag: "59c98195ba35e0b45cbe2e5beebd1ac8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11878

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 990C 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Sat, 27 Feb 2021 07:08:42 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 990C 0
38 B 6ms
5ms Image
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?z-nOew
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:08:42 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK bb6a6594eb Show response
bam-cell.nr-data.net/1/ Frame CF1F 57 B
647 B 638ms
599ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/bb6a6594eb?a=406048464&v=1198.fe6ec20&to=bl0HNhYAX0tTV0daXFcXJhcXFV5VHXVDQ29xTBESOCJeVkZGXF9fXEoWPjIIVE9xW11HQVZUCQcWIVZdRmdbUkFcaAQFAQ%3D%3D&rst=5456&ck=1&ref=https://www.picpay.com/convite&ap=84&be=762&fe=5225&dc=779&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1614409717007,%22n%22:0,%22f%22:249,%22dn%22:249,%22dne%22:249,%22c%22:249,%22s%22:266,%22ce%22:462,%22rq%22:462,%22rp%22:750,%22rpe%22:754,%22dl%22:757,%22di%22:779,%22ds%22:779,%22de%22:779,%22dc%22:5225,%22l%22:5225,%22le%22:5228%7D,%22navigation%22:%7B%7D%7D&fp=831&fcp=831&at=QhoEQF4aTEU%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 6280137db85bd8a9-CPH
cf-request-id: 0883ea82920000d8a990a5a000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK loading.gif
vermontbiz.squarespace.com/universal/images/manager/ Frame 0C98 1 KB
2 KB 227ms
227ms Image
image/gif 198.185.159.177
SQUARESPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vermontbiz.squarespace.com/universal/images/manager/loading.gif
Requested by: Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol: HTTP/1.1
Server: 198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 3ef4d4bdf2429f59661ebad5645f104dd285c84d35dfa265715662d08bb13bfc

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Sat, 27 Feb 2021 07:08:43 GMT
Last-Modified: Fri, 26 Feb 2021 18:16:36 GMT
Server: Squarespace
Cache-Control: private,max-age=14400
Etag: W/"1248-1614363396000"
Content-Type: image/gif
X-Contextid: LbTWBmI7/VFMR0nVO
Accept-Ranges: bytes
Content-Length: 1248

GET
H/1.1

200
OK

vbm+bob+awards_050719_0145.jpg
static1.1.sqspcdn.com/static/p/489136/21858389/1557843923787/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0145.jpg?pictureId=21858389
http://static1.1.sqspcdn.com/static/p/489136/21858389/1557843923787/vbm+bob+awards_050719_0145.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

359 KB
360 KB

268ms
267ms

Image
image/jpeg

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/p/489136/21858389/1557843923787/vbm+bob+awards_050719_0145.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 2c7f7e1dd2c41c70262ef73b91e4d6532aa3bfd4b9fed59a4cfa3e6cbb51b752

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:46 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 345947
X-Cache: HIT, MISS
X-Contextid: YA1DUWgQ/roXVq666
Connection: keep-alive
Content-Length: 367737
X-Served-By: cache-dfw18650-DFW, cache-fra19171-FRA
Last-Modified: Tue, 14 May 2019 14:25:23 GMT
Server: Squarespace
X-Timer: S1614409726.983292,VS0,VE238
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/p/489136/21858389/1557843923787/vbm+bob+awards_050719_0145.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:45 GMT
X-Contextid: LbTWBmI7/RV87kNt8
Server: Squarespace
Content-Length: 0

GET
H/1.1

200
OK

vbm+bob+awards_050719_0150.jpg
static1.1.sqspcdn.com/static/p/489136/21858390/1557843924267/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0150.jpg?pictureId=21858390
http://static1.1.sqspcdn.com/static/p/489136/21858390/1557843924267/vbm+bob+awards_050719_0150.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

319 KB
319 KB

519ms
518ms

Image
image/jpeg

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/p/489136/21858390/1557843924267/vbm+bob+awards_050719_0150.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 1dc8e64fd2504aa0238daa08b2b6d3915b0a95a0245050461ebb913c1925ce1d

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:49 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 345947
X-Cache: HIT, MISS
X-Contextid: Nc2Cci3w/2yNupRbF
Connection: keep-alive
Content-Length: 326594
X-Served-By: cache-dfw18644-DFW, cache-fra19171-FRA
Last-Modified: Tue, 14 May 2019 14:25:24 GMT
Server: Squarespace
X-Timer: S1614409729.965912,VS0,VE489
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/p/489136/21858390/1557843924267/vbm+bob+awards_050719_0150.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:48 GMT
X-Contextid: LbTWBmI7/IDfriuu8
Server: Squarespace
Content-Length: 0

GET
H/1.1

200
OK

vbm+bob+awards_050719_0153.jpg
static1.1.sqspcdn.com/static/p/489136/21858391/1557843924727/ Frame 0C98
Redirect Chain

http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0153.jpg?pictureId=21858391
http://static1.1.sqspcdn.com/static/p/489136/21858391/1557843924727/vbm+bob+awards_050719_0153.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

311 KB
312 KB

517ms
516ms

Image
image/jpeg

151.101.12.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static1.1.sqspcdn.com/static/p/489136/21858391/1557843924727/vbm+bob+awards_050719_0153.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Protocol: HTTP/1.1
Server: 151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Squarespace /
Resource Hash: b7a988372eceaf82ef3b50610b05aa8bf32f200820271946ad0f4be02f4c1ca5

Request headers

Referer: http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 07:08:52 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 152902
X-Cache: HIT, MISS
X-Contextid: 5llPgbtJ/1vPwwgR4
Connection: keep-alive
Content-Length: 318712
X-Served-By: cache-dfw18628-DFW, cache-fra19171-FRA
Last-Modified: Tue, 14 May 2019 14:25:24 GMT
Server: Squarespace
X-Timer: S1614409732.989930,VS0,VE487
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
X-Cache-Hits: 1, 0

Redirect headers

Location: http://static1.1.sqspcdn.com/static/p/489136/21858391/1557843924727/vbm+bob+awards_050719_0153.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date: Sat, 27 Feb 2021 07:08:51 GMT
X-Contextid: LbTWBmI7/6oieEkUf
Server: Squarespace
Content-Length: 0

POST
H/1.1 200
OK bb6a6594eb Show response
bam-cell.nr-data.net/events/1/ Frame CF1F 24 B
490 B 611ms
611ms XHR
image/gif 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/bb6a6594eb?a=406048464&v=1198.fe6ec20&to=bl0HNhYAX0tTV0daXFcXJhcXFV5VHXVDQ29xTBESOCJeVkZGXF9fXEoWPjIIVE9xW11HQVZUCQcWIVZdRmdbUkFcaAQFAQ%3D%3D&rst=15456&ck=1&ref=https://www.picpay.com/convite
Requested by: Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.picpay.com/convite?G9DK9C
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 27 Feb 2021 07:08:53 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.picpay.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 628013bbfe22d8a9-CPH
Content-Length: 24
cf-request-id: 0883eaa97a0000d8a9a981e000000001

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 990C 28 B
305 B 23ms
23ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/TDVUpLMqjoI
X-YouTube-Client-Version: 1.20210224.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt2MW1oQmZ3UEtHNCj53-eBBg%3D%3D
X-YouTube-Ad-Signals: dt=1614409722026&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKo6oycP3RhppMY6ouswE-CEnDEr-9eOE6dFMAL7_TupjzdN2CmB1H4YwLHbSXAoYfc7SA4gG8PRtT4afbXMhxxXtM9Kcw

Response headers

date: Sat, 27 Feb 2021 07:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 27 Feb 2021 07:08:52 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 20:46:01	Name: VISITOR_INFO1_LIVE Value: v1mhBfwPKG4
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Z5TGyCz7Zog
.doubleclick.net/	1970-01-20 01:48:25	Name: IDE Value: AHWqTUle21f0ws0X9oFEiVjkUSPI_pTMTQUy6SbUYANSobf9VxdWfq2JgbDcfDBm

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312(Line 150) Message: root = https://landing-builder.marathonbet.com
console-api	warning	URL: https://www.marathonbet.co.uk/landings/assets/js/site.global.js(Line 6) Message: You must bind Parsley on an existing element.
console-api	log	URL: https://www.marathonbet.co.uk/landings/blocks/static/js/plugins.min.js(Line 2) Message: Trying to start timer when countdown already at 0
console-api	log	URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js(Line 233) Message: reCAPTCHA couldn't find user-provided function: onScriptLoad

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8522863.fls.doubleclick.net
adservice.google.com
adservice.google.de
affiliate.entireweb.com
ajax.googleapis.com
api64.ipify.org
bam-cell.nr-data.net
bat.bing.com
cdn.amplitude.com
cdn.entireweb.com
connect.facebook.net
cx.atdmt.com
dynamic.criteo.com
etsy.me
fonts.googleapis.com
fonts.gstatic.com
gestyy.com
googleads.g.doubleclick.net
guestlist.co
guestlistapp.com
gum.criteo.com
i.ytimg.com
js-agent.newrelic.com
js.braintreegateway.com
mc.yandex.ru
p.typekit.net
pj.l.a8723.com
s3-sa-east-1.amazonaws.com
script.hotjar.com
static.criteo.net
static.doubleclick.net
static.hotjar.com
static1.1.sqspcdn.com
traffic-monetizer.com
use.typekit.com
vars.hotjar.com
vermontbiz.squarespace.com
web-analytics0.com
widgets.entireweb.com
wlmarathonbet.adsrv.eacdn.com
www.adplugg.com
www.deezer.com
www.entireweb.com
www.etsy.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.iplocate.io
www.marathonbet.co.uk
www.picpay.com
www.youtube.com
yt3.ggpht.com
104.108.33.242
13.224.194.62
13.224.195.10
13.224.195.104
13.224.195.11
13.225.80.24
13.225.80.5
142.250.185.162
142.250.185.70
151.101.12.238
151.101.14.110
162.13.152.237
162.247.243.146
178.250.0.147
184.86.103.199
198.185.159.177
213.252.246.142
2606:4700:20::681a:89b
2606:4700:3030::ac43:8e72
2606:4700::6811:2b64
2607:f2d8:4010:8::2
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2016
2a00:1450:4001:813::2004
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:1700:19b::3a15
2a02:26f0:6c00:285::19fd
2a02:26f0:6c00::210:ba2a
2a02:6b8::1:119
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.97.24.204
45.33.2.97
52.5.162.87
52.95.164.10
54.163.155.157
54.203.166.4
67.199.248.13
88.150.147.252
91.92.196.190
0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423
0096ee0be1f29c3d06fbe0748e6c34433ed65015916d1005abc004a4ea58cafa
00c43ca22960570d73fe186c57396733b8f8044f59b7b92b63dbdb92c0959e8b
01694614acbfdb7855af11b5c9d07aff0c1fe30ed4fdd60aaa0d39b864d0fd6b
061a8d44210c7c20d445333504e226b1e10beb4cbd8e8fc7e3bde50f36991bcf
0a7a8be46676d21b5058ba010b6549311a78a6b87c61953cb13d1668ecdc5988
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e0ab3ae4b15a7d8157a8d01ff8a73b0a7dcf90a49e30d10f33c7218f42fccea
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2
0f8b92749ed5ae1a53b456979b6b1fa2157fbc804b8b6b871f0068316bbf1320
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10dc6500d19c91233e31b0cac4a2de57adc7da32a76e23f4c046131d2713d2e7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13cfd006a193767be58638649fb8404175db5e3fec29e83d5ba4e388f114732d
141e453c0954d4d72869df1454692b1191eb1f3a14583dba6711f47505cfeb95
153b9acda7f4103288cef31539fe07f09838f0867d72055145e4159eb08dc357
1736659eb7e9d4ad2043a76bb4d23a5591677c4614c5dbf407ac30f303bb8a28
17c26c15a38e5ee8092fef893dd8beec647604a743307ba4644ef284fd97aef7
1841f5e66d0bdd2899a245be7979d5bbf5e6a4b4fd7ea58743fd7329fdef3b92
1b4f7e14d0f68d619b155dadd78119d09711cb61f9bba866e801bf33a5c8f98e
1c5be9fbb835bf61dc0a303926821391554760402b2368aa3a54cdb37f3a0686
1dc8e64fd2504aa0238daa08b2b6d3915b0a95a0245050461ebb913c1925ce1d
1f1ac05dd6e98d339d2e7804a3e2115d088224f41d3053856131ecf1ceb6967b
23ce5a3a01cba8e49310fa2810483542cd8e3832e19eeb0fed049571d5895cd4
249ffdc04156821f4d0d26a1252b5eb40a3ebd277de6be636fd5650d6e9a9eab
27c757e3c8fd36b0356cf4d8f889ebad92688c23338baaf3abae30736ce21feb
2811b20b11c559060536ad04de1cdc1c6ff288fda0e8d1c878d2636a503ddc27
295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2
2b212d5fbb0d807d8dc09d3dcfd1af6428182cb75479505e227946e841332738
2c7f7e1dd2c41c70262ef73b91e4d6532aa3bfd4b9fed59a4cfa3e6cbb51b752
2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba
2d78993263ae95bb823d1c9321ad49d09a7341bd291cca56f9a379b8479c15c2
2ddac7f61adecfacf650352168831c0479ac0afbb82da79c1fee4a4a05906720
2e9112db77640346bf93bc6031a2e2ede793324533273de02c61345d39b70d26
2f126200b438f6261d02167703c0a49ce51062efcf7d99309098c5e86578be06
2f9ff181474313a332c97bbee9db56f7bcfdf5c0e02b8129e6d98e2892199588
3046f5dfe01b98c22d6030e982161c03c4ef4bf0468dc804ba3b8f76be7daf24
30ab10abd1ea2c940cb30a0a796c1ee8cb77fe33c31e3eb7468b2ef8808e2319
31d94232adf4795cbc3d5f85ce2a864b4d2b7049965c5065a2d98c9f1b652aa0
3206338c1b9937821c2817da1ca9d71c9caab3f29ddbed6051cc37137736eee4
332c353346fa34ba648c1896f0a03034a8171a203c765ececcb1d9b47d5a8678
34ef26f2dc337d09f7d7f0bd1a10f27ff9f3222484e68d5f5e0ea7eb81631595
37e74d4af1424a182692cffb376f0709e63282de5823327201baf6857770c545
393696c3f40cea157859e274083672a4d5468536f156d282724b0d5c110c3e61
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6
3acf0e811ad466a869d3a076bafcde05cab0d7ba5c828cb92f410ea27c6aaf6f
3b764225c6794206505b8ab236d26404cd9f8545255afe31fd71802256c37410
3b9ecc241b15446fd04b92ed5026c473a3986d680bc4f17bf363ed565044dc57
3c46620115be1a968545f16eba340f39e28ea9a5ed4629948639dcb4226a49d1
3eee3b037e3951c286d8baa2d4e436090bc58602786f73803d6901effe2875ab
3ef4d4bdf2429f59661ebad5645f104dd285c84d35dfa265715662d08bb13bfc
3f781e1ec8ab4da1b5277fd277a4243d4ea9d2fa38990c507b989870b3e9e39a
40ec7baa953be90c457cb87ec4d73885b92033564ae375a971924eb5a808e70d
412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4451dd6d0c9874b1cbd44fbbbad45f1c7688b65fba85652fe33c3bf9d1099475
45aeb5dec3a47816633be3ba20ce80a5bbbe8e5052bb8030d47adab89b645b2d
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
46e86bfd873ce2ba61885faa9e0ba2ae1a510574f698d6a3aba7da49d1505eb9
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4cdf5a442a3cc0f524587e271f499c9ba77ae0834e3a33b9b26b39e28b0d876b
4d3c90227aea70a3733ff1d8c46f42f43323d763764232390d50a9643bdd15c1
4e1706c85a166c1e2e0db3acf9a850d46f3f32e3744c07002d4eda2b8cb078f6
4e5cfe11b033ea87ba1fafe403a978b8ec663c977616919e3f8a4f6305f0da33
4ebe297e3c1ec1106923efa62ef7c9f76cf6b8c37019512eaa0ae360769686ba
50eb773d3595b8f6bde7493ea0a2f5641b4b39e5a00794521dd66182aeab95f0
511993a43b26b3d09e98b76bafe9b8ce00dd0c214221e398fad42ac9c739b941
5163153f73bcb9d1a994adee45d155088ce2bfdcc760a3531a31e7e1057599e2
52c989b150b6949b3e65363abb4fa1d1eabc75be7e93f8428a2af9746522bc23
54234dbc5f94f0c00e43abfab5b835783474b7259ab5ba5ba4024e0ef212e181
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56113ab7f7e0d98b25a2768f146d13e82ebfbcb90579d0dca2223c14aaa60547
570cb7ef4ecb9410b4297f56d1a53fd54bb4246d62951f4c5e67388a5a2419a0
5771db83014670269e981af8b2b68f4f4f54f5214874b41ea49a923605136454
57aabc1104849fcdbe65cb780bfa6633228ec501258d2d60aa2a3d93a56dd48e
588b1b5e35bf5ff5c59654ddfc9e5f923b7c038d1d9ddeb1e153bccc884e25f0
59d521c7e1d5d1253714ccf0f586b7d6ae5e617f9975c9cf5ab64723002e5869
5bddaf4345c25f095b25c6346e271d6e6874d8c2abd9da72f321503bd6160ee8
5c62d867ca7c721b7572ab056103ce73f728c036311b4c9989726fabd82e279d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d51f7c03341f9c212aba23759ef0b2eab000a24ff3182dde9acbcdce1272cd1
5dd21475a14aaefef3a2c4616e12d0089b81ea970cd0526e5da978c4b53b3dc2
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5f0e20dd09132e89d903765e5304653208e126eb7487d39395cc4e470bf0991e
6366210ee3e98e8dbeb12ddb208aa5bf84a0e550b1ee7bc108154bed17d5fd86
64620c4b38f39b52be7567a111c31cb9a516e243c6b689564e73103c69d3c2b5
6553cabbaa824a89a0f697489afdb9df53fd7c905bf0d375cd72744b13004933
65a62cc0e7be1c2ddf719108c92cc51c4e94735bdbe8bd74e617d950baa1761d
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b7470762b1b505b6115adafe23c23ead5a2fac211c9d9b384028e754d2aff3e
6d2d9912610844ca937ac8fbcf67b04c53f085675d37ac833a62d12bddd2b7b1
6de4b2283ede55ceb23ed2327147479c3cc1abfe0b6076aa4277dcb0b870ec17
7c027781127b6fad344a068f0ccc8dcaa6b20ec5cd98db56310849409fdd0412
7c210dc98f7ab51ed91389d823e0f7f86b3dda9d282b0d8200634b0dfadd037c
7c95abe781ebf06979ce7ed8a8e221f61935e43603b29bdc0bb10c4003155c9d
7e11170a0f7ef5c6fc10bf5581bd2060988b5d6ede1bcd98d09c1abafcb9e904
7e164731004bfedf6c2701b4718f017c808123097b8c4e80efd2b283aa99e6e4
7ffa48348dd0725b440c54a32288b4d24ad7f480d1c84b1a61723e31aa015faf
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83445fe1673a12bbbcd316d3b62813be302d651be5e661de110e411314ad6d4e
843a0e84fb001c79fb2b24c58279d267f17f4dde3923324dc16ca1852aef4637
876c47baba1d6b8feac5a06cd4b3bcdb6e98a65e63b17c41f1dc9a8f83eb71ed
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
88561e211e862344bd3cc71c03f8ab25d8a79b9bdbaa1e083af7e0603f30f689
88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
8a6a21ecbbcb8881fc6d52ce3724e0deec4e72be594d2041aa01ab8d37800260
8dc23d8b8bef5be2be8313bc6d8ab885209b0f3465cfea46567a8a64b37c3021
8e0b05f528819fb06beaa15a7bf33a3d2ff5a3bf635ddabadc60fb6a40bd8bcb
8e94f635ea6201ba815e302c25cb450470f598c880c1a5abe9fe43716a0d310b
903ac783f77eb0052416fc22e4c10de43e66873b25f7bd47b187b2fa294b0d12
91745e5a6d4006d522494e45b4c9195ab890beadd03e770c68bfb6e86f64a946
9386b3208ec6eebcd735a8319bf5705281d198783105692fe923b0719a43d745
966df6347e0edba690c2156333bdebb32c60f958538064654259678ddfdc4f21
97d948a989c3928a8830e77fd363f0f264f546d414d73d973fb58e7fd68f04a3
97ea5d4ced240b8018eebde8e8d314a5ab1914fa921d073d02407f12d559aca5
981b91a09857b33707e4784c2977f2a026b8b1a809940d4e230e23255dbbae09
982a7e02d9bc3463ea7470fcb2b83104b9134b0b6bd3dcf0998358e5aa0f4a0f
98b068f52eadd9823c69b24befda9f79cf5bb3c44bdc6b92524433585838863a
9a6117df8db18e0f332dac159a456d654a59494d8f670befc70fa06e61bf4f8c
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c256bcb9aa10ef7e6bab683a077aaedbbfdd6dad8deda4f1e7abf4f7fe104ec
9c37822d8b031ef6fcae40a2a5b2a183ac30769bd93b21fe9c2aa73337cec4b1
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9fb983c60584ed2f5a3e59d288666a46cf252621c0acd82870ed4910abdd0167
a275d31e71f53519347ba3027d094b0106d58856342b84f529a69a4cd3259d29
a291ec1d6fd94c27c3c163fcf50ea118d548c64b38f95bb203958091df19b03b
a37eaa5f2ae1d7a44c39acbd581946022f57f919b7ab8f58e608d8883edbed7e
a42fd17a199026f5bfe906cadb39e5df6468b1132ff68e982dc9ed180f5a05cf
a44948b4c6d4dcc30672bce5197c1190d911a0ba8465bf1cc0d431f3d11456ec
a6adcd09f9bb22a3320b63f1a4da02e9c4ade2498488f197b308323373c2e955
a76fad1fc33625662745f003219d8403e765dc0c412f59e889b993908dfa819d
a80737f8fdf73f43cf3f9e19ce5a248f4d324823a0b9fe3d5b183104c5f0f914
aa176a8bd17c4fc51d9bd94d49d35a1b7faedf2093b0ff8bf3d53ad7bfc1fc7a
ab221b6a08cf7afd686405d9ccde09f5980db42495fe870a9fc27274afa856ac
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
adbfbe079d701272c73777c548eb5c8e372c6f0965a4678b28080c900c7fd8bb
aeddf724c04fc63f51a85069b6ad5db87a68a92348e304942b587de9d9c845ab
af03aec793c0abd11a472714bdc769668c3704d99192a27e1f8c6e6967c899d3
b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101
b34c93972705c7ddcc84706b83a71adcc22d663e176a2d03390a8210a2678733
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
b52e41923dfdc250e4f7914afab339390b49f6834e158e0294cddf71c8f6248b
b62877eb46f9bb55b2b29b75105ea33e8ae5ac8f170f2d15982a728aca2fd902
b7a988372eceaf82ef3b50610b05aa8bf32f200820271946ad0f4be02f4c1ca5
b9b49c94efe4f8c5376973cf127a967b31b0b0c5ff78270b4975afc51b23d02b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbce4c1901cf6498a4d53796c5630e81db3596202fd40e41b51bc7ea8e3af55f
bf1a62c3dd9d41a6e07e7d8085d73a6d6f4da10f000578f69f8f31ec7689aaa7
c02e45096fe64f0737eb0575687264ee2365f6740876e618327d8b3209f02f54
c085344c5498e00798127f57d4f1013f4c761f270c93d3eef19055fca6a525ef
c4ae2d2029e982a3d20fa96647a74df968034aa9dd227aec99fb581a680bedaf
c728a0d61e3c59f85bf964936e164837da86980ffc01342749835a96fa44cb3a
c9f6eb9585d10d1acd6ff05d522445aaf470be7f914a3ba1b858416e3577f3b6
cb2e91d152b816c43a54ed6a9c8fdcb92e7c40a6f8c8a46ffc7ee57c5b382dfb
cbb446d29480abd8e0f4edcaef3598cba619b58c9f2d339bab5ec45fd1c6ff06
cbb9d4200fd7355d626dc2b4015bf5b6548bd69b864f69d06c85d7bae3b61837
cde392786c19aa991f2e5501b39d4c502bde5d9cdcddf51af182d2973f519a34
cf8cde21125e1fbd0dc21e1c0d0025037aa687659fca67d6f6864b40a0cd3cda
d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9
d58b6bfed13181253c29252ef30a9ca8190e5c5ff8901aea0f2f7820a98e98c2
d7bf8a434f62b76439d0e6d681868c6d1d7e00d6f0a011a564e67b779105834b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9a126d7c679187a220b743352760c8104ce3a9c412490c99767d4734fe8cbb0
da98c5459e194aef5e59d5d91c86b855b0fbdaf045f0b01b6573191511fb9831
dbcaf9499a3b75cc140484c09ca843e3e1507056d86385e2eee14dd2d6ddd2f6
dbd0a61556dd9b1dd3dea21834ff68242e593bde9d390092ca60b769a6490cbd
dc493b884b5c1dd9cc927347a08a650c23ac5db728c6e76f359ea5d44b465eab
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de87c35f5b60ca8e83e0a971217b411932b3c12a949b16167de1dda88174875b
e135e3cf061067667ea655b872b3a6f7d772fea510cfa70496a97d7bbd649db6
e14bf8513c6848f983ed24852e9700dec95589b748e26bacd6b2ca7dc9bb2aee
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ecbd46b869e710dd55f5aeabcccea2b6c11f0b762e1facd3bf8f451697ea37
e4778b5e74de16953704058db3fc86b02d8cbf4e18c48b86b17da13e66c08660
e784f44417a9910398028653c4396e17eeb7bf9e7ccd33b63b9aa1a20c2b911c
e7fe429ae4cdaf8105bb31a2491e076f127d005b2bc89110117980cf8740a4bc
e8135274119acee82aafaee8ad4133b16c3b4081dffa052bcd9b3699b1e9ea77
e95d4a39a603845a5bd5fec2bd672a1e8a94cce0fc9fe5a8c36056d57573c342
e9dc680d1306408adb91dafb9214df61b5ded783b4976ced63731fc19c7e046d
ea284c0ffda5c38bf42c2628f79d87ad0314ec9bca4bf232fd0ad15d60b632e5
eb098ff1725c8819ea67b54d857b6574d20ccfbb2cc451c1fab85fb4d968a62d
ec20bde78d0a630c4755d188de6934dce2db9c29a688f5e975d85a9067573232
ed4a22fa5fa6e72b0a340a1fc47e89cee4075ea35c049ca5c4a376a6efed0b03
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eead2bd37da6b8f6cb3184f01b5a7b6b63d73faec64bb6a2063ea150f7048db6
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef294a26b7bc4bb108953b59f9fd804031aa0176921188e5a0b1912e6bd5bba1
ef858c9b1960e18ab571a1a8a898b2239ac0ccbab6ce84bd74594c36f1195dfc
f0206f16ebcbf0a28ed2f332fb034d50456df8105a0ccda7df95d989bde929d3
f0236033b64827076dabee32636265f80c66147e6cded6bc6afffbc7eff28872
f164b0f7c34cc10d90a770c81b95d80e13932ec33598926cd158c20702dc0e5a
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f5ef4c7e64475909a9e32315f91f5cc5753af998f3076c7e61c1386752a6b9a8
fa4a67f196d515bc3927a9ba0ee3a22ad490f33db729b88db129520abb0d99a6
fb7402bb7dba8e1523e062ca0a063d3c4b660ad0871022d09d85e4e570e7295d
fd015e512f77c3bb8930ac78fc8e64a33a905e5aa1cadde379d20ddf0e4e4f93
fd69550e2e182092a182d5c5b8dc86563bba25f4f93d18fec75773f1d835b6a9
febf102a9b0661ed75e2d34a0a4da79ee48e9c3c6aec16bee9c17e6fd16c351a

traffic-monetizer.com Open in urlscan Pro 213.252.246.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

261 Requests

84 %HTTPS

56 %IPv6

45 Domains

57 Subdomains

57 IPs

8 Countries

15421 kBTransfer

22323 kBSize

3 Cookies

0 Outgoing links

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

traffic-monetizer.com Open in urlscan Pro
213.252.246.142 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

84 %
HTTPS

56 %
IPv6

45
Domains

57
Subdomains

57
IPs

8
Countries

15421 kB
Transfer

22323 kB
Size

3
Cookies

261 HTTP transactions
1 data transactions