URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Submission: On February 27 via api from BR

Summary

This website contacted 57 IPs in 8 countries across 45 domains to perform 261 HTTP transactions. The main IP is 213.252.246.142, located in Lithuania and belongs to IST-AS, LT. The main domain is traffic-monetizer.com.
This is the only time traffic-monetizer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 213.252.246.142 61272 (IST-AS)
2 2 91.92.196.190 49882 (SKRILL)
41 2606:4700::68... 13335 (CLOUDFLAR...)
4 6 184.86.103.199 20940 (AKAMAI-ASN1)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 67.199.248.13 396982 (GOOGLE-PR...)
1 104.108.33.242 16625 (AKAMAI-AS)
1 20 52.5.162.87 14618 (AMAZON-AES)
2 28 162.13.152.237 15395 (RACKSPACE...)
12 37 198.185.159.177 53831 (SQUARESPACE)
14 2a02:26f0:170... 20940 (AKAMAI-ASN1)
2 13.225.80.5 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 54.163.155.157 14618 (AMAZON-AES)
8 45.33.2.97 63949 (LINODE-AP...)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 3 3.97.24.204 16509 (AMAZON-02)
4 54.203.166.4 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 151.101.12.238 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 52.95.164.10 16509 (AMAZON-02)
1 13.225.80.24 16509 (AMAZON-02)
1 2607:f2d8:401... 18450 (WEBNX)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.224.195.11 16509 (AMAZON-02)
3 142.250.185.162 15169 (GOOGLE)
1 178.250.0.147 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.195.104 16509 (AMAZON-02)
1 7 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 142.250.185.70 15169 (GOOGLE)
1 13.224.194.62 16509 (AMAZON-02)
2 88.150.147.252 20860 (IOMART-AS)
3 8 2a02:6b8::1:119 13238 (YANDEX)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.195.10 16509 (AMAZON-02)
1 5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.14.110 54113 (FASTLY)
2 162.247.243.146 13335 (CLOUDFLAR...)
261 57
Apex Domain
Subdomains
Transfer
54 entireweb.com
www.entireweb.com
cdn.entireweb.com
widgets.entireweb.com
affiliate.entireweb.com
2 MB
41 marathonbet.co.uk
www.marathonbet.co.uk
454 KB
37 squarespace.com
vermontbiz.squarespace.com
861 KB
20 picpay.com
www.picpay.com
325 KB
12 sqspcdn.com
static1.1.sqspcdn.com
9 MB
9 youtube.com
www.youtube.com
677 KB
9 doubleclick.net
8522863.fls.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
10 KB
9 googletagmanager.com
www.googletagmanager.com
390 KB
8 yandex.ru
mc.yandex.ru
47 KB
7 facebook.com
www.facebook.com
2 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
388 KB
7 google.com
www.google.com
adservice.google.com
17 KB
7 google-analytics.com
www.google-analytics.com
163 KB
6 facebook.net
connect.facebook.net
256 KB
6 deezer.com
www.deezer.com
7 KB
5 google.de
adservice.google.de
www.google.de
2 KB
4 bing.com
bat.bing.com
17 KB
4 adplugg.com
www.adplugg.com
130 KB
3 googleadservices.com
www.googleadservices.com
26 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
61 KB
3 typekit.com
use.typekit.com
36 KB
2 nr-data.net
bam-cell.nr-data.net
1 KB
2 web-analytics0.com
web-analytics0.com
5 KB
2 criteo.com
dynamic.criteo.com
gum.criteo.com
648 B
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
8 KB
2 guestlistapp.com
guestlistapp.com
1 KB
2 braintreegateway.com
js.braintreegateway.com
180 KB
2 etsy.me
etsy.me
485 B
2 gestyy.com
gestyy.com
2 eacdn.com
wlmarathonbet.adsrv.eacdn.com
985 B
1 newrelic.com
js-agent.newrelic.com
11 KB
1 ytimg.com
i.ytimg.com
55 KB
1 ggpht.com
yt3.ggpht.com
2 KB
1 typekit.net
p.typekit.net
182 B
1 criteo.net
static.criteo.net
12 KB
1 a8723.com
pj.l.a8723.com
2 KB
1 atdmt.com
cx.atdmt.com
651 B
1 amplitude.com
cdn.amplitude.com
19 KB
1 iplocate.io
www.iplocate.io
1 KB
1 ipify.org
api64.ipify.org
238 B
1 amazonaws.com
s3-sa-east-1.amazonaws.com
516 B
1 googleoptimize.com
www.googleoptimize.com
34 KB
1 guestlist.co
guestlist.co
4 KB
1 etsy.com
www.etsy.com
516 B
1 traffic-monetizer.com
traffic-monetizer.com
1 KB
261 45
Domain Requested by
41 www.marathonbet.co.uk traffic-monetizer.com
www.marathonbet.co.uk
37 vermontbiz.squarespace.com 12 redirects traffic-monetizer.com
vermontbiz.squarespace.com
28 www.entireweb.com 2 redirects traffic-monetizer.com
www.entireweb.com
20 www.picpay.com 1 redirects traffic-monetizer.com
www.picpay.com
14 cdn.entireweb.com www.entireweb.com
12 static1.1.sqspcdn.com vermontbiz.squarespace.com
9 www.youtube.com vermontbiz.squarespace.com
www.youtube.com
9 www.googletagmanager.com www.entireweb.com
www.picpay.com
www.googletagmanager.com
www.marathonbet.co.uk
8522863.fls.doubleclick.net
8 mc.yandex.ru 3 redirects www.marathonbet.co.uk
8 affiliate.entireweb.com www.entireweb.com
affiliate.entireweb.com
7 www.facebook.com 1 redirects www.picpay.com
8522863.fls.doubleclick.net
traffic-monetizer.com
7 www.google-analytics.com www.googletagmanager.com
www.picpay.com
www.google-analytics.com
vermontbiz.squarespace.com
6 connect.facebook.net www.picpay.com
connect.facebook.net
8522863.fls.doubleclick.net
6 www.google.com 1 redirects www.marathonbet.co.uk
www.picpay.com
8522863.fls.doubleclick.net
www.youtube.com
6 www.deezer.com 4 redirects traffic-monetizer.com
5 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.youtube.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 www.google.de www.picpay.com
8522863.fls.doubleclick.net
4 bat.bing.com www.entireweb.com
4 www.adplugg.com www.entireweb.com
www.adplugg.com
4 widgets.entireweb.com www.entireweb.com
widgets.entireweb.com
3 8522863.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
3 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
3 use.typekit.com vermontbiz.squarespace.com
2 bam-cell.nr-data.net js-agent.newrelic.com
www.picpay.com
2 web-analytics0.com traffic-monetizer.com
2 www.gstatic.com www.google.com
www.youtube.com
2 guestlistapp.com 2 redirects
2 js.braintreegateway.com www.entireweb.com
2 etsy.me 2 redirects
2 gestyy.com traffic-monetizer.com
2 wlmarathonbet.adsrv.eacdn.com 2 redirects
1 js-agent.newrelic.com www.picpay.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 p.typekit.net vermontbiz.squarespace.com
1 gum.criteo.com static.criteo.net
1 static.criteo.net dynamic.criteo.com
1 pj.l.a8723.com 8522863.fls.doubleclick.net
1 adservice.google.de 1 redirects
1 adservice.google.com 8522863.fls.doubleclick.net
1 cx.atdmt.com www.picpay.com
1 cdn.amplitude.com traffic-monetizer.com
1 vars.hotjar.com static.hotjar.com
1 dynamic.criteo.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 www.iplocate.io widgets.entireweb.com
1 api64.ipify.org widgets.entireweb.com
1 static.hotjar.com www.picpay.com
1 s3-sa-east-1.amazonaws.com www.picpay.com
1 ajax.googleapis.com vermontbiz.squarespace.com
1 www.googleoptimize.com www.marathonbet.co.uk
1 fonts.googleapis.com www.marathonbet.co.uk
1 guestlist.co vermontbiz.squarespace.com
1 www.etsy.com traffic-monetizer.com
1 traffic-monetizer.com
261 57

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-05 -
2021-08-05
a year crt.sh
www.deezer.com
R3
2021-02-09 -
2021-05-10
3 months crt.sh
etsy.com
DigiCert Secure Site ECC CA-1
2020-08-02 -
2021-11-01
a year crt.sh
*.picpay.com
Amazon
2020-11-13 -
2021-12-12
a year crt.sh
entireweb.com
R3
2020-12-26 -
2021-03-26
3 months crt.sh
secured2.san1.raxcdn.com
R3
2021-01-28 -
2021-04-28
3 months crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA
2020-08-07 -
2021-08-12
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
widgets.entireweb.com
R3
2021-02-16 -
2021-05-17
3 months crt.sh
guestlist.co
Amazon
2020-04-09 -
2021-05-09
a year crt.sh
www.adplugg.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-02 -
2021-06-16
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
www.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh
*.s3-sa-east-1.amazonaws.com
DigiCert Baltimore CA-2 G2
2020-08-27 -
2021-09-01
a year crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA
2021-01-19 -
2022-02-19
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2021-01-19 -
2021-07-19
6 months crt.sh
www.googleadservices.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
cdn.amplitude.com
Amazon
2020-11-18 -
2021-12-17
a year crt.sh
web-analytics0.com
R3
2021-02-07 -
2021-05-08
3 months crt.sh
mc.yandex.ru
Yandex CA
2020-09-29 -
2021-03-11
5 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA
2021-01-29 -
2021-04-28
3 months crt.sh
*.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
pj.l.a8723.com
Amazon
2020-07-16 -
2021-08-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.googleadservices.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
www.google.de
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.google.de
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA
2020-01-28 -
2022-02-01
2 years crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years crt.sh
*.googleusercontent.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
edgestatic.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-12-28 -
2021-05-07
4 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh

This page contains 17 frames:

Primary Page: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Frame ID: 5819330936B0BF94EA2D0959C634AF01
Requests: 1 HTTP requests in this frame

Frame: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Frame ID: 45E76BE56C47C431C4B6F394D64E2644
Requests: 60 HTTP requests in this frame

Frame: https://www.deezer.com/us/playlist/8487933382
Frame ID: D5E2A64BCB0D1EBD2C21A79AFBA9D081
Requests: 1 HTTP requests in this frame

Frame: https://www.deezer.com/us/playlist/8487933382
Frame ID: F41BD9E31C32CBC59D032F9F102E2208
Requests: 1 HTTP requests in this frame

Frame: http://gestyy.com/etMyW0
Frame ID: 3B744326F783255C0BF8CC5C68233827
Requests: 1 HTTP requests in this frame

Frame: https://www.etsy.com/shop/DivineDesignsByKrys
Frame ID: D0BE8E7C1B9D14F624275169166A0F8E
Requests: 1 HTTP requests in this frame

Frame: https://www.picpay.com/convite?G9DK9C
Frame ID: CF1FA653FD27183B783F6549CAAC00F8
Requests: 48 HTTP requests in this frame

Frame: http://gestyy.com/etMyW0
Frame ID: D265AD60BAE4A27B849F34D6C442613B
Requests: 1 HTTP requests in this frame

Frame: https://www.entireweb.com/free_submission/?a=walawala
Frame ID: 15A23EA0620061BB6DE0F611E41FE858
Requests: 35 HTTP requests in this frame

Frame: http://vermontbiz.squarespace.com/2019-bob-winners/
Frame ID: 0C986BDE03BB0D09F7F7C3E5B53B6618
Requests: 44 HTTP requests in this frame

Frame: https://www.entireweb.com/free_submission/?a=walawala
Frame ID: E5B6D064FBB14F600D95081687D74170
Requests: 33 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: E305BEC0B98DD31FBBC79B9FB2FF3489
Requests: 1 HTTP requests in this frame

Frame: https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Frame ID: 90BC06934DDBB2EE5D850FFCC1D7EFC0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Frame ID: 31E3C7242FD3820E58D688419DA565A9
Requests: 1 HTTP requests in this frame

Frame: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Frame ID: 89BED85BF2BAD2BFB182898DC816A822
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=traffic-monetizer.com
Frame ID: C52C9B5ED2D6FBCA03C771A94E15383B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TDVUpLMqjoI
Frame ID: 990CA362E5D8C4C065B1FE0AF19AAE00
Requests: 17 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
  • headers server /php\/?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

261
Requests

84 %
HTTPS

56 %
IPv6

45
Domains

57
Subdomains

57
IPs

8
Countries

15421 kB
Transfer

22323 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wlmarathonbet.adsrv.eacdn.com/C.ashx?btag=a_10312b_66c_&affid=7269&siteid=10312&adid=66&c= HTTP 302
  • http://wlmarathonbet.adsrv.eacdn.com/C.ashx?btag=a_10312b_66c_&affid=7269&siteid=10312&adid=66&c=&AutoR=1 HTTP 302
  • https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Request Chain 1
  • http://www.deezer.com/playlist/8487933382 HTTP 301
  • https://www.deezer.com/playlist/8487933382 HTTP 302
  • https://www.deezer.com/us/playlist/8487933382
Request Chain 2
  • http://www.deezer.com/playlist/8487933382 HTTP 301
  • https://www.deezer.com/playlist/8487933382 HTTP 302
  • https://www.deezer.com/us/playlist/8487933382
Request Chain 4
  • http://etsy.me/37IFRbs HTTP 302
  • https://etsy.me/37IFRbs HTTP 301
  • https://www.etsy.com/shop/DivineDesignsByKrys
Request Chain 5
  • http://www.picpay.com/convite?G9DK9C HTTP 301
  • https://www.picpay.com/convite?G9DK9C
Request Chain 7
  • http://www.entireweb.com/free_submission/?a=walawala HTTP 301
  • https://www.entireweb.com/free_submission/?a=walawala
Request Chain 9
  • http://www.entireweb.com/free_submission/?a=walawala HTTP 301
  • https://www.entireweb.com/free_submission/?a=walawala
Request Chain 68
  • http://guestlistapp.com/javascripts/guestlist-embed.js HTTP 301
  • https://guestlistapp.com/javascripts/guestlist-embed.js HTTP 301
  • https://guestlist.co/javascripts/guestlist-embed.js
Request Chain 122
  • http://vermontbiz.squarespace.com/storage/BOB%20Logo-Color-FINAL-sm.png HTTP 302
  • http://static1.1.sqspcdn.com/static/f/489136/27378587/1481752691737/BOB+Logo-Color-FINAL-sm.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 180
  • https://8522863.fls.doubleclick.net/activityi;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312 HTTP 302
  • https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Request Chain 184
  • https://www.facebook.com/tr/?id=173199046367883&ev=PageView&dl=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&rl=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&if=true&ts=1614409718954&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614409718591&coo=false&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=4528061348418889873&f=AYzhYLFOrl186_611gNhmu8eVL6LYMfCaKqyr4CnvKC3miJy20JJHHe1wwZQxJ07c2hJuhAAE_Im12ZBJXM-ycSq&id=173199046367883&l=3&v=0
Request Chain 185
  • https://mc.yandex.ru/watch/28361181?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A303688808186%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A916855014%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings HTTP 302
  • https://mc.yandex.ru/watch/28361181/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A303688808186%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A916855014%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
Request Chain 186
  • https://mc.yandex.ru/watch/21139201?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A1497298881667%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A1018225097%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings HTTP 302
  • https://mc.yandex.ru/watch/21139201/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A1497298881667%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A1018225097%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
Request Chain 187
  • https://mc.yandex.ru/watch/45714030?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A1595709577030%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A892871772%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings HTTP 302
  • https://mc.yandex.ru/watch/45714030/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A1595709577030%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A892871772%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
Request Chain 192
  • https://adservice.google.de/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312 HTTP 302
  • https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Request Chain 211
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=-O85YPCCNN2E9fgPw7SkwA8&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-O85YPCCNN2E9fgPw7SkwA8&cid=CAQSKQCNIrLMe1CJ75XW7xYbAc69NGhL4wZfH7K7qOhNgkNmnurWSTlz2eab&random=708676933&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-O85YPCCNN2E9fgPw7SkwA8&cid=CAQSKQCNIrLMe1CJ75XW7xYbAc69NGhL4wZfH7K7qOhNgkNmnurWSTlz2eab&random=708676933&resp=GooglemKTybQhCsO&ipr=y
Request Chain 218
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 219
  • http://vermontbiz.squarespace.com/storage/sba/background.jpg HTTP 302
  • http://static1.1.sqspcdn.com/static/f/489136/7193133/1275595518127/background.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 220
  • http://vermontbiz.squarespace.com/storage/VBM.bluecrimson.jpg?__SQUARESPACE_CACHEVERSION=1610029688812 HTTP 302
  • http://static1.1.sqspcdn.com/static/f/489136/13195695/1310653008947/VBM.bluecrimson.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 221
  • http://vermontbiz.squarespace.com/storage/Vermont%20Awards%202018%20Logo.jpg?__SQUARESPACE_CACHEVERSION=1523031326156 HTTP 302
  • http://static1.1.sqspcdn.com/static/f/489136/27876253/1523031310070/Vermont+Awards+2018+Logo.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 222
  • http://vermontbiz.squarespace.com/storage/Third%20Generation%20Design-Black%20type%20no%20shadow-Logo.png?__SQUARESPACE_CACHEVERSION=1554135287506 HTTP 302
  • http://static1.1.sqspcdn.com/static/f/489136/26981212/1461086299690/Third+Generation+Design-Black+type+no+shadow-Logo.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 223
  • http://vermontbiz.squarespace.com/storage/BOB%20Logo-Color-FINAL.png?__SQUARESPACE_CACHEVERSION=1554410075916 HTTP 302
  • http://static1.1.sqspcdn.com/static/f/489136/27378207/1554410067777/BOB+Logo-Color-FINAL.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 242
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0397.jpg?pictureId=21858487 HTTP 302
  • http://static1.1.sqspcdn.com/static/p/489136/21858487/1557844326973/vbm+bob+awards_050719_0397.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 243
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0083.jpg?pictureId=21858387 HTTP 302
  • http://static1.1.sqspcdn.com/static/p/489136/21858387/1557843922680/vbm+bob+awards_050719_0083.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 244
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0095.jpg?pictureId=21858388 HTTP 302
  • http://static1.1.sqspcdn.com/static/p/489136/21858388/1557843923313/vbm+bob+awards_050719_0095.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 256
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0145.jpg?pictureId=21858389 HTTP 302
  • http://static1.1.sqspcdn.com/static/p/489136/21858389/1557843923787/vbm+bob+awards_050719_0145.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 257
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0150.jpg?pictureId=21858390 HTTP 302
  • http://static1.1.sqspcdn.com/static/p/489136/21858390/1557843924267/vbm+bob+awards_050719_0150.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Request Chain 258
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0153.jpg?pictureId=21858391 HTTP 302
  • http://static1.1.sqspcdn.com/static/p/489136/21858391/1557843924727/vbm+bob+awards_050719_0153.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D

261 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cg.php
traffic-monetizer.com/
2 KB
1 KB
Document
General
Full URL
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
HTTP/1.1
Server
213.252.246.142 , Lithuania, ASN61272 (IST-AS, LT),
Reverse DNS
7401-15047.bacloud.info
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
570cb7ef4ecb9410b4297f56d1a53fd54bb4246d62951f4c5e67388a5a2419a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Host
traffic-monetizer.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:10:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Frame-Options
ALLOWALL
X-Content-Type-Options
nosniff
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
609
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
welcome
www.marathonbet.co.uk/landings/ Frame 45E7
Redirect Chain
  • http://wlmarathonbet.adsrv.eacdn.com/C.ashx?btag=a_10312b_66c_&affid=7269&siteid=10312&adid=66&c=
  • http://wlmarathonbet.adsrv.eacdn.com/C.ashx?btag=a_10312b_66c_&affid=7269&siteid=10312&adid=66&c=&AutoR=1
  • https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
14 KB
4 KB
Document
General
Full URL
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de4b2283ede55ceb23ed2327147479c3cc1abfe0b6076aa4277dcb0b870ec17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.marathonbet.co.uk
:scheme
https
:path
/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d1864484d2ae1b2e8666b627bde077b7a1614409717; expires=Mon, 29-Mar-21 07:08:37 GMT; path=/; domain=.marathonbet.co.uk; HttpOnly; SameSite=Lax puid=rBAp3WA57/WrByL8A0Q7Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.marathonbet.co.uk; path=/
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
last-modified
Fri, 26 Feb 2021 08:20:01 GMT
cache-status
EXPIRED
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
0883ea6df0000024883d198000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6280135cb8972488-FRA
content-encoding
gzip

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Server
Microsoft-IIS/10.0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
X-AspNet-Version
4.0.30319
Set-Cookie
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
X-Powered-By
ASP.NET
Date
Sat, 27 Feb 2021 07:08:36 GMT
Connection
close
Content-Length
214
Vary
Accept-Encoding
8487933382
www.deezer.com/us/playlist/ Frame D5E2
Redirect Chain
  • http://www.deezer.com/playlist/8487933382
  • https://www.deezer.com/playlist/8487933382
  • https://www.deezer.com/us/playlist/8487933382
0
0
Document
General
Full URL
https://www.deezer.com/us/playlist/8487933382
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.deezer.com
:scheme
https
:path
/us/playlist/8487933382
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sid=fr14291c04169d921748df1b465a53730e34524c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
p3p
policyref="/w3c/p3p.xml" CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-frame-options
SAMEORIGIN
content-security-policy-report-only
upgrade-insecure-requests ; report-uri /csp-report block-all-mixed-content ; report-uri /csp-report
access-control-allow-origin
https://twitter.com
link
<https://e-cdns-files.dzcdn.net/cache/js/runtime.ec3ad2da6a5ddac3f72a.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/js/legacy.8f02eaccedfd961d02de.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/js/app-web.262ab55ced6ed5f85fdb.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/css/sass_c/app-web.5640e2c0bcc9affee6e0.css>; as="style"; rel="preload"; nopush
content-encoding
gzip
x-host
blm-web-78
x-ua-compatible
IE=edge,chrome=1,requiresActiveX=true
x-content-type-options
nosniff
content-type
text/html; charset=utf-8
x-akamai-transformed
9 - 0 pmb=mTOE,3
date
Sat, 27 Feb 2021 07:08:37 GMT
vary
Accept-Encoding
set-cookie
sid=fr14291c04169d921748df1b465a53730e34524c; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None dzr_uniq_id=dzr_uniq_id_fr7c97d9c32a57a58bbe13b74a35b4d0dcc5fc02; expires=Thu, 26-Aug-2021 07:08:37 GMT; Max-Age=15552000; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None ak_bmsc=44E411A5EDBC3518EDB526F860DDFA88B85666C783040000F5EF396052B6440E~plgbdWtulYYFmlT3KEX7hmNJjOsSqIvYi+M0H7wPfx9pmOD5wubQtm+hIUA6OaEZU/zMdKDrpr2hSR+XdfTtEkvq0F7lmGz5V64j1/hrrLcP8HR4oZUDw02cG9Do5vFLtW6MUUAtk8fEPH4vjY65bd2cjo69iBiwQWEMtfc4S+t7skQo/X81TLw6ZByBDUq+VfS3lMXwqociIhOw77WGPFeGiYv6EFwDW5BMykh0IrT/k=; expires=Sat, 27 Feb 2021 09:08:37 GMT; max-age=7200; path=/; domain=.deezer.com; HttpOnly bm_mi=D0322839470B198E58379AA3EE0FAF4D~wvMTzzTfjRrRjlY+CXh2MdMSFebM+mRxGjGPZjhmIBnFI3GtUa/fMH6LiUB3nuXVZ1wZaC0IbeiSN6JVm7MfRWjjzjftgbE449v2O/7Uqk4Uj4n2aHdIUvjibMqqVT5HbO3xiOpmO8AKMRqAKFZkg8uafTIqhG2wvZYDEaS5/5FzwrR9zSS9xmsP/djwdwTcZW1hg8n+eCCWCinYZojTDbTadwIp9styU6xtcI2iURDY4YmFcCMSZ1B6vilan1dJ; Domain=.deezer.com; Path=/; Max-Age=0; HttpOnly bm_sz=F30D39C85E01978504E0F0160B061460~YAAQx2ZWuN5zwbZ3AQAAXFZR4grEe7YKgk8gOGpUfgyiEmZoSjdpGn5niGng1//RQuhdQQW/t+I+spQdqBbAXgJ3DwUD6m8/O+Xuizc90UPi8PfBNEPmyiIQSS8PBYAuTEgqrussduzqI36JMoheauYIpbh9mgsZ3e/VfkbiGvTAke+pbm+5b+fMweEPaMc=; Domain=.deezer.com; Path=/; Expires=Sat, 27 Feb 2021 11:08:37 GMT; Max-Age=14400; HttpOnly _abck=19B0B172BC88A6B8F99F0162CB558144~-1~YAAQx2ZWuN9zwbZ3AQAAXFZR4gVLOnkyJuUy3nQfUV1Iy+AP/1NuB05Q5z5w8Lc8EeQRg8QriUfG3EbHHmmsDJTo61HofsUnfAVrRl38pkkTlgdKI/WcFGlWTXaVaBwvPspV/bG6JLk9NjpyfsZFm+dhQ+BE88Hgz8HD/GkgHgMmG9jtL0jHUZCy687SCD0XV4jYH3ujd47FffTZGUdlk0AebYQKC3EpL9LhGnJEFEHYrxnA/OhlKLLWkkLFQoMMBLMn3rCHJAg+Q6t4k2ITNM887W4aMkQyK+M7rAoeGlskuutJmmPxxNV+dWV4sgUecxHl28CGBnj51tKKzg18whIo3wD9v+29h3R+O+zBHtb4L99RGL0vA9MF0y0=~-1~-1~-1; Domain=.deezer.com; Path=/; Expires=Sun, 27 Feb 2022 07:08:37 GMT; Max-Age=31536000; Secure
x-org
FR

Redirect headers

server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
p3p
policyref="/w3c/p3p.xml" CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-frame-options
SAMEORIGIN
location
/us/playlist/8487933382
x-host
blm-web-117
x-ua-compatible
IE=edge,chrome=1,requiresActiveX=true
x-content-type-options
nosniff
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 27 Feb 2021 07:08:37 GMT
set-cookie
sid=fr14291c04169d921748df1b465a53730e34524c; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None ak_bmsc=BA10DC18DBCC44BEBA9F9AC8F2166C90B85666C783040000F5EF39609D81752E~pl3pDMpAyeRuj/vu1nEdxbMV9fOQAPvzdprbAHfT0bs65dc4WuMhLVdlzntdbQJdPebpPo4QFR2Imb4S1q1NPZa6wtopQhK72VQu/9I3BxfDtQc09/CyM+5sKb4CeuQyCT23+nY6ne3ta2cBObVW6i9xuh8fp52ivB2+XLsga9T9C+kwh5+Ax2Q1bxMsPH9WzQw0UoAiGePtXRjLCIrJ/DvuJNo7t8KlZfYtMEoMTlHvc=; expires=Sat, 27 Feb 2021 09:08:37 GMT; max-age=7200; path=/; domain=.deezer.com; HttpOnly bm_sz=432BD663AAA16A01E6FCDC4D75BC4A90~YAAQx2ZWuNJzwbZ3AQAA61VR4gryXPWLMuOF76V1MGB3TljiNpy6mldOLz45qjSkgujGvlMnfLhZbVtqnQ+Yrxz63tSHYCPZILPirCrCmFRuBBCdUIjMiooh20LzyMd3tGULrAaHVPPjeXSJZX7bt8O13IBpJjjxiWKWWcstq+SBS8ocCrh86+MXDiqn7Hxz; Domain=.deezer.com; Path=/; Expires=Sat, 27 Feb 2021 11:08:37 GMT; Max-Age=14400; HttpOnly _abck=70AA28E2EF7CBC2FEE3A9BB6EE409733~-1~YAAQx2ZWuNNzwbZ3AQAA61VR4gXTSKed1i7psfv8qeekAcqxODEJht3X6ERw5hs9wFvBjc2x0x1FQ7RGDTmKSlDN6vGUoxIrAjQZQvieURo3dEWE8OxqcBdhFhRBlB+P2e8/Cw+/Do2Yt/dlKKE8niTnN04n7dnpjroi+87kR7pNAbzNsO1WrEmTHzaeu2kghz8fLC6gCRhtw5RaI5qgkoameMkrLkTEb8h8Bse6VzZcALEGdTiZ5BQwE6YSyS4eAI1FSFrmrScS3xYwf4aYbdMB1h3XEWowkYPqa4LDiX3p6JndfaZ3+GzgP0uTuGdsdLT5L2fSWMIs6MTkvu5eb/oGrP9jASsAJdFc/tktee62+VfuB9TnRJJ4ISY=~-1~-1~-1; Domain=.deezer.com; Path=/; Expires=Sun, 27 Feb 2022 07:08:37 GMT; Max-Age=31536000; Secure
x-org
FR
8487933382
www.deezer.com/us/playlist/ Frame F41B
Redirect Chain
  • http://www.deezer.com/playlist/8487933382
  • https://www.deezer.com/playlist/8487933382
  • https://www.deezer.com/us/playlist/8487933382
0
0
Document
General
Full URL
https://www.deezer.com/us/playlist/8487933382
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.103.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-103-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.deezer.com
:scheme
https
:path
/us/playlist/8487933382
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sid=frb99de62bf19daf10694a1abc2a90250cceade6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
p3p
policyref="/w3c/p3p.xml" CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-frame-options
SAMEORIGIN
content-security-policy-report-only
upgrade-insecure-requests ; report-uri /csp-report block-all-mixed-content ; report-uri /csp-report
access-control-allow-origin
https://twitter.com
link
<https://e-cdns-files.dzcdn.net/cache/js/runtime.ec3ad2da6a5ddac3f72a.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/js/legacy.8f02eaccedfd961d02de.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/js/app-web.262ab55ced6ed5f85fdb.js>; as="script"; rel="preload"; nopush, <https://e-cdns-files.dzcdn.net/cache/css/sass_c/app-web.5640e2c0bcc9affee6e0.css>; as="style"; rel="preload"; nopush
content-encoding
gzip
x-host
blm-web-84
x-ua-compatible
IE=edge,chrome=1,requiresActiveX=true
x-content-type-options
nosniff
content-type
text/html; charset=utf-8
x-akamai-transformed
9 - 0 pmb=mTOE,3
date
Sat, 27 Feb 2021 07:08:37 GMT
vary
Accept-Encoding
set-cookie
sid=frb99de62bf19daf10694a1abc2a90250cceade6; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None dzr_uniq_id=dzr_uniq_id_fr653c083b8687c7adce667d08a63268a04954b8; expires=Thu, 26-Aug-2021 07:08:37 GMT; Max-Age=15552000; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None ak_bmsc=9D38D35582803BEA35E2C632C9044484B85666C783040000F5EF396070E2767E~plS4rWWzrHR7ttOpDWXF3pUWkfzYlIwSfo40R5UE5DmEQm0fQgplcAZkdrwkMILphV6rxal+HAxXOgj58sAZ+m9BOxNMqeaCPPSHYWg14ToFQlGkLXZsQvKkLeZVy0IOwXHIOAMEB3XViOG3x3P0RK3+UR887eC+8PrjzVGM3QtAi7FLeerxxBNzrHRIkbKeQ6+0pprYcaTmyaU+05Ra3uQZQKeLiHETtjJgf1+TeCpms=; expires=Sat, 27 Feb 2021 09:08:37 GMT; max-age=7200; path=/; domain=.deezer.com; HttpOnly bm_mi=805EF228757C4E3CA435FC2E1E1A7F72~wvMTzzTfjRrRjlY+CXh2MVchipyAPUJz8ehePQMSWRNYcEzKEo0lUWOfja080fxUX1qTv8nxWN11hMA0VTUb/IepEfQZeNVeFYfU5gY7xCogsGrFKTM4U0DA5MXsxwLpFDpsyzHXxsrzObjTMmEtaS0gmBwb2iA9r5IttBnK2EXc5RgxR2/uSAapN5OX+4Pac21iY7dHdX4aKqhBJUSsXi1RxjzT1Bh8ktJto1sR5a2uT07b8Pz3f70HRUyr+GGQ; Domain=.deezer.com; Path=/; Max-Age=0; HttpOnly bm_sz=4449AB097CEBDE3052BB71E4F07FF7D9~YAAQx2ZWuNpzwbZ3AQAAQ1ZR4go9VJquUElkZd0CHi1HNZf/WkoniaJ1SPYVTXlSQo4mcnQMpamD3D/jb1G9iI6CTq5fx1GxqA/txlR+CNav/zaZtjF/GZOcKpyhZSbTnJ9bnAa1wSHbiCYTwtk3SQRzT9a5NyJqQdc3pdpjfbqd0NhySdSEk9BVeHv1Jrg=; Domain=.deezer.com; Path=/; Expires=Sat, 27 Feb 2021 11:08:37 GMT; Max-Age=14400; HttpOnly _abck=5CDF9A7004BADCF30BF64717C3592799~-1~YAAQx2ZWuNtzwbZ3AQAAQ1ZR4gUgcn2cDfpgd6JmAyOK44l2M3RxVPFHMDWEHDjYfJH6uFMJya5/pix0/aMGfPtl19yRuw+/eifWA4Sl3B1WWjMilrgEit1uvkQBNj2BD+PmgGb5/aQrd8OAjut9N8IteWtJ2rszXIzfgw7hVMtZBHC9lfp0eK9QnK9R13EuLoYQ83KpVh8EbChfGxoMpoGLH6dMUKnpXiX96Jt0wfzOGkHC9PJHTqIx5r+CBnwg4MatjiTjxY9A20QwHoA3T6Wf9ehIw996CsiIXdPN8WqPlnEP/acKll52tblCmJBeU8dkX7AqgFAzIjffD0ajSiIRYm/AOknr3LdjNGUi6ZOxMGGzMpjoIn51GrA=~-1~-1~-1; Domain=.deezer.com; Path=/; Expires=Sun, 27 Feb 2022 07:08:37 GMT; Max-Age=31536000; Secure
x-org
FR

Redirect headers

server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
p3p
policyref="/w3c/p3p.xml" CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-frame-options
SAMEORIGIN
location
/us/playlist/8487933382
x-host
blm-web-49
x-ua-compatible
IE=edge,chrome=1,requiresActiveX=true
x-content-type-options
nosniff
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 27 Feb 2021 07:08:37 GMT
set-cookie
sid=frb99de62bf19daf10694a1abc2a90250cceade6; path=/; domain=.deezer.com; secure; HttpOnly; SameSite=None ak_bmsc=835F1E27EE857CF3E8428A99195736DEB85666C783040000F5EF3960D2147C7C~plinbYyE9uh/7xLXmDoGlj/Q40xT51Wnd9fgslGwALQFcaet9JECg4TOuccA1E1H3fpEFUVg1cR4+DTTFfdoCUCaB49EzQAdQcX0JfkAaXNXrMVVNs2j6vtP1SegB+heqNta4xFuHgpCyynmaXVRSQmlEUNUQIHqkF7/ivqv344U/lF4JClimp44fOVdir9t4s6H6BiQ4U0Touja1L18TJuazOHUYNDAJmvgvvbS98adU=; expires=Sat, 27 Feb 2021 09:08:37 GMT; max-age=7200; path=/; domain=.deezer.com; HttpOnly bm_sz=FCBF58F786C7BD360E0C5393C6C4BB27~YAAQx2ZWuM5zwbZ3AQAA5FVR4goSWVKnLN+Ng2Ajec4TmzZzmHgdx2ZW8L3Xpsdc0y0ZXTqNxb4+4tDtwI/J3Mmczj1i3aEQX98U2JZnmrCA6sR0H695149Om/71ttyc2zapsmbtMUAlBxdCWcUOVeV8ZOllLDxdK0egEVOfkTf8yEZfUW1lwwMKkmgmdrNA; Domain=.deezer.com; Path=/; Expires=Sat, 27 Feb 2021 11:08:37 GMT; Max-Age=14400; HttpOnly _abck=2131966375A6026DE1E9F98C164A0F19~-1~YAAQx2ZWuM9zwbZ3AQAA5FVR4gUWFEH0ddYPMPHClESDn/hTajbWrq0t4vXDwE83kHxidip3Ubp6ukjYiIu6adbGmXTR3Naah0XIrrvCJd4vYH8m47/wZd38QCnwiwNd5MabIK6lR7jQbytPMJvRXx+eiGhdmz0NCZxYdQRiZl4yhfFzW7sSH7kl4zGwEQ0+daSFsf+KZdfOG+60ek7wC1+KRLHsvYVP3NhN87CR51/0/D4hmh/llKUzdaQXnZfoDTqdKoUXi76xMzR7tlb41ojTgNSa4ySEjuxpQm8G8bOGlAMUe0P56YmUQYExLRxmsKPVpoGXCm2oCShRCbMsp0kNhElfH8jOuAMqshKyL12/GxpFkW0+DR8Nn08=~-1~-1~-1; Domain=.deezer.com; Path=/; Expires=Sun, 27 Feb 2022 07:08:37 GMT; Max-Age=31536000; Secure
x-org
FR
Cookie set etMyW0
gestyy.com/ Frame 3B74
0
0
Document
General
Full URL
http://gestyy.com/etMyW0
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
HTTP/1.1
Server
2606:4700:20::681a:89b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-0+deb8u13
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
gestyy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

Date
Sat, 27 Feb 2021 07:08:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=df134763eee4a9d2be549001697c578c31614409717; expires=Mon, 29-Mar-21 07:08:37 GMT; path=/; domain=.gestyy.com; HttpOnly; SameSite=Lax PHPSESSID=g6jgp6e3ckpa1akidgd10108c4; expires=Sat, 27-Feb-2021 08:08:37 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly hl=en; expires=Sun, 27-Feb-2022 07:08:37 GMT; Max-Age=31536000; path=/ referrer_url=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0; expires=Sun, 28-Feb-2021 07:08:37 GMT; Max-Age=86400; path=/; httponly cookies-enable=1; path=/; httponly
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u13
Cache-Control
no-cache
X-Frame-Options
DENY
X-Server-ID
shn13
X-UA-Compatible
IE=Edge
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
cf-request-id
0883ea6d1e00004e68f338f000000001
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DgFsBQVhXTq4OQg9b0BCQ1uwQXk2dz3jOz0Ssqe4hqBNrBU3pX0S6ZEnQo3i96MJHkwmr8U23DNhVZq8yHJwPjB5yiES8sfMt708Qk2kX220A3JOHbnx"}],"max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6280135b68364e68-FRA
Content-Encoding
gzip
DivineDesignsByKrys
www.etsy.com/shop/ Frame D0BE
Redirect Chain
  • http://etsy.me/37IFRbs
  • https://etsy.me/37IFRbs
  • https://www.etsy.com/shop/DivineDesignsByKrys
0
516 B
Document
General
Full URL
https://www.etsy.com/shop/DivineDesignsByKrys
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.33.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-33-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
www.etsy.com
:scheme
https
:path
/shop/DivineDesignsByKrys
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

server
Apache
x-cloud-trace-context
284dd1caf5f280cfb1970195a24e542d/16825229391293569383;o=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
content-type
text/html; charset=UTF-8
x-akamai-http2
True
date
Sat, 27 Feb 2021 07:08:37 GMT
set-cookie
uaid=IzK2xU_Fvw3bOKL3BRGKXD_jcpFjZACCBMv3X2F0tVJpYmaKkpWSRVFaoWtaYEqhuXFAfrBFQV5ZWJF3aYBpfm5FsVItAwA.; expires=Sun, 27-Feb-2022 07:08:37 GMT; Max-Age=31536000; path=/; domain=.etsy.com; secure; SameSite=None user_prefs=8omxj4vY7olSOnjCQqagxfiFBnBjZACCBMv3X2F0dF5pTo4OeUQsAwA.; expires=Sun, 27-Feb-2022 07:08:37 GMT; Max-Age=31536000; path=/; domain=.etsy.com

Redirect headers

cache-control
private, max-age=90
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Sat, 27 Feb 2021 07:08:37 GMT
location
https://www.etsy.com/shop/DivineDesignsByKrys
referrer-policy
unsafe-url
server
nginx
set-cookie
_bit=l1r78B-0e09faa3c77e3696aa-00t; Domain=etsy.me; Expires=Thu, 26 Aug 2021 07:08:37 GMT
strict-transport-security
max-age=1209600
content-length
132
convite
www.picpay.com/ Frame CF1F
Redirect Chain
  • http://www.picpay.com/convite?G9DK9C
  • https://www.picpay.com/convite?G9DK9C
91 KB
24 KB
Document
General
Full URL
https://www.picpay.com/convite?G9DK9C
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 / PHP/7.2.11
Resource Hash
8a6a21ecbbcb8881fc6d52ce3724e0deec4e72be594d2041aa01ab8d37800260

Request headers

:method
GET
:authority
www.picpay.com
:scheme
https
:path
/convite?G9DK9C
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.12.2
x-powered-by
PHP/7.2.11
cache-control
no-cache, private
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

Server
awselb/2.0
Date
Sat, 27 Feb 2021 07:08:37 GMT
Content-Type
text/html
Content-Length
134
Connection
keep-alive
Location
https://www.picpay.com:443/convite?G9DK9C
Cookie set etMyW0
gestyy.com/ Frame D265
0
0
Document
General
Full URL
http://gestyy.com/etMyW0
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
HTTP/1.1
Server
2606:4700:20::681a:89b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-0+deb8u13
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
gestyy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

Date
Sat, 27 Feb 2021 07:08:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dc2eb4f848a7ccc4595e01ed4e2a23dcb1614409717; expires=Mon, 29-Mar-21 07:08:37 GMT; path=/; domain=.gestyy.com; HttpOnly; SameSite=Lax PHPSESSID=c7dh9erlrhsj7pec46bkl4hjr2; expires=Sat, 27-Feb-2021 08:08:37 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly hl=en; expires=Sun, 27-Feb-2022 07:08:37 GMT; Max-Age=31536000; path=/ referrer_url=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0; expires=Sun, 28-Feb-2021 07:08:37 GMT; Max-Age=86400; path=/; httponly cookies-enable=1; path=/; httponly
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u13
Cache-Control
no-cache
X-Frame-Options
DENY
X-Server-ID
shn06
X-UA-Compatible
IE=Edge
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
cf-request-id
0883ea6d1d000005e4d304d000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ya7pNfj2oN7%2BGo19JFifmfMX49BmEKFlrxvwIqREDoXaf%2F4TAqO2DezBkW7%2Fm4LTXXxYNSd2R84NdvnN5ayiAbBs%2F861i9nfxwRDZSf0tIEw3GEgm4rc"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6280135b681c05e4-FRA
Content-Encoding
gzip
/
www.entireweb.com/free_submission/ Frame 15A2
Redirect Chain
  • http://www.entireweb.com/free_submission/?a=walawala
  • https://www.entireweb.com/free_submission/?a=walawala
17 KB
5 KB
Document
General
Full URL
https://www.entireweb.com/free_submission/?a=walawala
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx / PHP/7.3.27 PleskLin
Resource Hash
9fb983c60584ed2f5a3e59d288666a46cf252621c0acd82870ed4910abdd0167

Request headers

:method
GET
:authority
www.entireweb.com
:scheme
https
:path
/free_submission/?a=walawala
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

server
nginx
date
Sat, 27 Feb 2021 07:08:37 GMT
content-type
text/html; charset=UTF-8
content-length
5140
x-powered-by
PHP/7.3.27 PleskLin
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Server
nginx
Date
Sat, 27 Feb 2021 07:08:37 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://www.entireweb.com/free_submission/?a=walawala
Cookie set /
vermontbiz.squarespace.com/2019-bob-winners/ Frame 0C98
485 KB
486 KB
Document
General
Full URL
http://vermontbiz.squarespace.com/2019-bob-winners/
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
8dc23d8b8bef5be2be8313bc6d8ab885209b0f3465cfea46567a8a64b37c3021

Request headers

Host
vermontbiz.squarespace.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

Content-Type
text/html;charset=UTF-8
Date
Sat, 27 Feb 2021 07:08:36 GMT
Server
Squarespace
Set-Cookie
JSESSIONID=3CD516541F85507334F390D60B76BF69.v5-web019; Path=/; HttpOnly
X-Contextid
cRXylrsX/0Ob6lUDU
Transfer-Encoding
chunked
/
www.entireweb.com/free_submission/ Frame E5B6
Redirect Chain
  • http://www.entireweb.com/free_submission/?a=walawala
  • https://www.entireweb.com/free_submission/?a=walawala
17 KB
5 KB
Document
General
Full URL
https://www.entireweb.com/free_submission/?a=walawala
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx / PHP/7.3.27 PleskLin
Resource Hash
9fb983c60584ed2f5a3e59d288666a46cf252621c0acd82870ed4910abdd0167

Request headers

:method
GET
:authority
www.entireweb.com
:scheme
https
:path
/free_submission/?a=walawala
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
http://traffic-monetizer.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0

Response headers

server
nginx
date
Sat, 27 Feb 2021 07:08:37 GMT
content-type
text/html; charset=UTF-8
content-length
5140
x-powered-by
PHP/7.3.27 PleskLin
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Server
nginx
Date
Sat, 27 Feb 2021 07:08:37 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://www.entireweb.com/free_submission/?a=walawala
fa-brands-400.woff2
www.entireweb.com/include/webfonts/ Frame 15A2
73 KB
73 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-brands-400.woff2
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
etag
"5c3c5631-12230"
content-type
font/woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
74288
fa-brands-400.woff
www.entireweb.com/include/webfonts/ Frame 15A2
85 KB
85 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-brands-400.woff
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
eb098ff1725c8819ea67b54d857b6574d20ccfbb2cc451c1fab85fb4d968a62d

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
etag
"5c3c5631-15408"
content-type
font/woff
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
87048
fa-brands-400.ttf
www.entireweb.com/include/webfonts/ Frame 15A2
131 KB
131 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-brands-400.ttf
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b52e41923dfdc250e4f7914afab339390b49f6834e158e0294cddf71c8f6248b

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c5631-20c10"
content-type
application/font-sfnt
accept-ranges
bytes
content-length
134160
fa-solid-900.woff2
www.entireweb.com/include/webfonts/ Frame 15A2
77 KB
77 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-solid-900.woff2
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
etag
"5c3c5631-134fc"
content-type
font/woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
79100
fa-solid-900.woff
www.entireweb.com/include/webfonts/ Frame 15A2
100 KB
100 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-solid-900.woff
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
e14bf8513c6848f983ed24852e9700dec95589b748e26bacd6b2ca7dc9bb2aee

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
etag
"5c3c5631-18f50"
content-type
font/woff
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
102224
fa-solid-900.ttf
www.entireweb.com/include/webfonts/ Frame 15A2
204 KB
204 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-solid-900.ttf
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2e9112db77640346bf93bc6031a2e2ede793324533273de02c61345d39b70d26

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c5631-32f98"
content-type
application/font-sfnt
accept-ranges
bytes
content-length
208792
jquarymerge.min.js
cdn.entireweb.com/include/js/ Frame 15A2
253 KB
79 KB
Script
General
Full URL
https://cdn.entireweb.com/include/js/jquarymerge.min.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
98b068f52eadd9823c69b24befda9f79cf5bb3c44bdc6b92524433585838863a

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c387866-3f4f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10368
content-length
80832
font-awesome.css
cdn.entireweb.com/include/css/ Frame 15A2
26 KB
5 KB
Stylesheet
General
Full URL
https://cdn.entireweb.com/include/css/font-awesome.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2019 15:15:36 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c94fc18-681b"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=7094
content-length
5372
all.min.css
www.entireweb.com/include/css/ Frame 15A2
53 KB
11 KB
Stylesheet
General
Full URL
https://www.entireweb.com/include/css/all.min.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
8e94f635ea6201ba815e302c25cb450470f598c880c1a5abe9fe43716a0d310b

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Wed, 18 Dec 2019 14:18:48 GMT
server
nginx
etag
W/"5dfa3548-d23a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
dropin.min.js
js.braintreegateway.com/web/dropin/1.20.0/js/ Frame 15A2
351 KB
90 KB
Script
General
Full URL
https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-5.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
50eb773d3595b8f6bde7493ea0a2f5641b4b39e5a00794521dd66182aeab95f0

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 04:48:20 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 21:50:36 GMT
server
nginx
age
8417
etag
W/"603578ac-57ba8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
6Sx5h3Gr0zsdfhwCTekSRcV7TSYSDr4mpdTt0XRdQSnzIgI4h-jhMg==
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
expires
Sun, 28 Feb 2021 04:48:20 GMT
temp-style.css
cdn.entireweb.com/include/css/ Frame 15A2
37 KB
7 KB
Stylesheet
General
Full URL
https://cdn.entireweb.com/include/css/temp-style.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
153b9acda7f4103288cef31539fe07f09838f0867d72055145e4159eb08dc357

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
last-modified
Mon, 14 Jan 2019 10:44:37 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c6815-9479"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=74092
content-length
6832
ew.css
www.entireweb.com/free_submission/ Frame 15A2
41 KB
9 KB
Stylesheet
General
Full URL
https://www.entireweb.com/free_submission/ew.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
2d78993263ae95bb823d1c9321ad49d09a7341bd291cca56f9a379b8479c15c2

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
etag
W/"5c387866-a40f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
css.css
www.entireweb.com/free_submission/ Frame 15A2
12 KB
2 KB
Stylesheet
General
Full URL
https://www.entireweb.com/free_submission/css.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
982a7e02d9bc3463ea7470fcb2b83104b9134b0b6bd3dcf0998358e5aa0f4a0f

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
etag
W/"5c387866-301b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
mobileburger.css
www.entireweb.com/free_submission/ Frame 15A2
4 KB
1 KB
Stylesheet
General
Full URL
https://www.entireweb.com/free_submission/mobileburger.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
e9dc680d1306408adb91dafb9214df61b5ded783b4976ced63731fc19c7e046d

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Tue, 22 Oct 2019 12:52:56 GMT
server
nginx
etag
W/"5daefba8-1008"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
js
www.googletagmanager.com/gtag/ Frame 15A2
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-263233-10
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec20bde78d0a630c4755d188de6934dce2db9c29a688f5e975d85a9067573232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39436
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:08:37 GMT
IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
widgets.entireweb.com/pixel/ Frame 15A2
77 KB
8 KB
Script
General
Full URL
https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.163.155.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-155-157.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) OpenSSL/1.1.1d / PHP/7.4.7
Resource Hash
843a0e84fb001c79fb2b24c58279d267f17f4dde3923324dc16ca1852aef4637

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Content-Encoding
gzip
Server
Apache/2.4.43 (Unix) OpenSSL/1.1.1d
X-Powered-By
PHP/7.4.7
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
8064
Expires
Sat, 27 Feb 2021 07:08:37 GMT
entireweb-web-search-engine-toplogo.png
cdn.entireweb.com/include/img/ Frame 15A2
10 KB
10 KB
Image
General
Full URL
https://cdn.entireweb.com/include/img/entireweb-web-search-engine-toplogo.png
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b62877eb46f9bb55b2b29b75105ea33e8ae5ac8f170f2d15982a728aca2fd902

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c5631-26c9"
content-type
image/png
cache-control
public, max-age=223126
accept-ranges
bytes
content-length
9929
820x574-intro-searchengines.png
cdn.entireweb.com/include/img/ Frame 15A2
275 KB
276 KB
Image
General
Full URL
https://cdn.entireweb.com/include/img/820x574-intro-searchengines.png
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
da98c5459e194aef5e59d5d91c86b855b0fbdaf045f0b01b6573191511fb9831

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c5631-44b1e"
content-type
image/png
cache-control
public, max-age=225200
accept-ranges
bytes
content-length
281374
jz06nf
affiliate.entireweb.com/scripts/ Frame 15A2
31 KB
7 KB
Script
General
Full URL
https://affiliate.entireweb.com/scripts/jz06nf
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
dbd0a61556dd9b1dd3dea21834ff68242e593bde9d390092ca60b769a6490cbd

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
last-modified
Fri, 04 Dec 2020 12:06:38 GMT
x-srv
3
age
65
etag
W/"7b51-5b5a24efbaf80"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish (1.lb-app.pap.linode-us-tx)
cache-control
max-age=120
x-varnish
217128648 217295504
accept-ranges
bytes
content-length
7147
server
nginx
expires
Sat, 27 Feb 2021 07:09:32 GMT
jquarymerge.min.js
www.entireweb.com/include/js/ Frame 15A2
253 KB
75 KB
Script
General
Full URL
https://www.entireweb.com/include/js/jquarymerge.min.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
98b068f52eadd9823c69b24befda9f79cf5bb3c44bdc6b92524433585838863a

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
etag
W/"5c387866-3f4f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
js.js
www.entireweb.com/free_submission/ Frame 15A2
228 B
331 B
Script
General
Full URL
https://www.entireweb.com/free_submission/js.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
1736659eb7e9d4ad2043a76bb4d23a5591677c4614c5dbf407ac30f303bb8a28

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
etag
W/"5c387866-e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
fa-brands-400.woff2
www.entireweb.com/include/webfonts/ Frame E5B6
73 KB
73 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-brands-400.woff2
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
etag
"5c3c5631-12230"
content-type
font/woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
74288
fa-brands-400.woff
www.entireweb.com/include/webfonts/ Frame E5B6
85 KB
85 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-brands-400.woff
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
eb098ff1725c8819ea67b54d857b6574d20ccfbb2cc451c1fab85fb4d968a62d

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
etag
"5c3c5631-15408"
content-type
font/woff
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
87048
fa-brands-400.ttf
www.entireweb.com/include/webfonts/ Frame E5B6
131 KB
131 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-brands-400.ttf
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b52e41923dfdc250e4f7914afab339390b49f6834e158e0294cddf71c8f6248b

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c5631-20c10"
content-type
application/font-sfnt
accept-ranges
bytes
content-length
134160
fa-solid-900.woff2
www.entireweb.com/include/webfonts/ Frame E5B6
77 KB
77 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-solid-900.woff2
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
etag
"5c3c5631-134fc"
content-type
font/woff2
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
79100
fa-solid-900.woff
www.entireweb.com/include/webfonts/ Frame E5B6
100 KB
100 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-solid-900.woff
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
e14bf8513c6848f983ed24852e9700dec95589b748e26bacd6b2ca7dc9bb2aee

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
etag
"5c3c5631-18f50"
content-type
font/woff
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
102224
fa-solid-900.ttf
www.entireweb.com/include/webfonts/ Frame E5B6
204 KB
204 KB
Font
General
Full URL
https://www.entireweb.com/include/webfonts/fa-solid-900.ttf
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2e9112db77640346bf93bc6031a2e2ede793324533273de02c61345d39b70d26

Request headers

Origin
https://www.entireweb.com
Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c5631-32f98"
content-type
application/font-sfnt
accept-ranges
bytes
content-length
208792
jquarymerge.min.js
cdn.entireweb.com/include/js/ Frame E5B6
253 KB
79 KB
Script
General
Full URL
https://cdn.entireweb.com/include/js/jquarymerge.min.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
98b068f52eadd9823c69b24befda9f79cf5bb3c44bdc6b92524433585838863a

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c387866-3f4f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10368
content-length
80832
font-awesome.css
cdn.entireweb.com/include/css/ Frame E5B6
26 KB
5 KB
Stylesheet
General
Full URL
https://cdn.entireweb.com/include/css/font-awesome.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2019 15:15:36 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c94fc18-681b"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=7094
content-length
5372
all.min.css
www.entireweb.com/include/css/ Frame E5B6
53 KB
11 KB
Stylesheet
General
Full URL
https://www.entireweb.com/include/css/all.min.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
8e94f635ea6201ba815e302c25cb450470f598c880c1a5abe9fe43716a0d310b

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Wed, 18 Dec 2019 14:18:48 GMT
server
nginx
etag
W/"5dfa3548-d23a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
dropin.min.js
js.braintreegateway.com/web/dropin/1.20.0/js/ Frame E5B6
351 KB
90 KB
Script
General
Full URL
https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-5.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
50eb773d3595b8f6bde7493ea0a2f5641b4b39e5a00794521dd66182aeab95f0

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 04:48:20 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 21:50:36 GMT
server
nginx
age
8417
etag
W/"603578ac-57ba8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
tM25vtLAQhYdQgEOIATGb64PtVpX3Hv6uxxd7Mjb1pKTX2ueIb1Usg==
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
expires
Sun, 28 Feb 2021 04:48:20 GMT
temp-style.css
cdn.entireweb.com/include/css/ Frame E5B6
37 KB
7 KB
Stylesheet
General
Full URL
https://cdn.entireweb.com/include/css/temp-style.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
153b9acda7f4103288cef31539fe07f09838f0867d72055145e4159eb08dc357

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
last-modified
Mon, 14 Jan 2019 10:44:37 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c6815-9479"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=74092
content-length
6832
ew.css
www.entireweb.com/free_submission/ Frame E5B6
41 KB
9 KB
Stylesheet
General
Full URL
https://www.entireweb.com/free_submission/ew.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
2d78993263ae95bb823d1c9321ad49d09a7341bd291cca56f9a379b8479c15c2

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
etag
W/"5c387866-a40f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
css.css
www.entireweb.com/free_submission/ Frame E5B6
12 KB
2 KB
Stylesheet
General
Full URL
https://www.entireweb.com/free_submission/css.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
982a7e02d9bc3463ea7470fcb2b83104b9134b0b6bd3dcf0998358e5aa0f4a0f

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
etag
W/"5c387866-301b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
mobileburger.css
www.entireweb.com/free_submission/ Frame E5B6
4 KB
1 KB
Stylesheet
General
Full URL
https://www.entireweb.com/free_submission/mobileburger.css
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
e9dc680d1306408adb91dafb9214df61b5ded783b4976ced63731fc19c7e046d

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Tue, 22 Oct 2019 12:52:56 GMT
server
nginx
etag
W/"5daefba8-1008"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
js
www.googletagmanager.com/gtag/ Frame E5B6
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-263233-10
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec20bde78d0a630c4755d188de6934dce2db9c29a688f5e975d85a9067573232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39436
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:08:37 GMT
IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
widgets.entireweb.com/pixel/ Frame E5B6
77 KB
8 KB
Script
General
Full URL
https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.163.155.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-155-157.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) OpenSSL/1.1.1d / PHP/7.4.7
Resource Hash
843a0e84fb001c79fb2b24c58279d267f17f4dde3923324dc16ca1852aef4637

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Content-Encoding
gzip
Server
Apache/2.4.43 (Unix) OpenSSL/1.1.1d
X-Powered-By
PHP/7.4.7
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
8064
Expires
Sat, 27 Feb 2021 07:08:37 GMT
entireweb-web-search-engine-toplogo.png
cdn.entireweb.com/include/img/ Frame E5B6
10 KB
10 KB
Image
General
Full URL
https://cdn.entireweb.com/include/img/entireweb-web-search-engine-toplogo.png
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b62877eb46f9bb55b2b29b75105ea33e8ae5ac8f170f2d15982a728aca2fd902

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c5631-26c9"
content-type
image/png
cache-control
public, max-age=223126
accept-ranges
bytes
content-length
9929
820x574-intro-searchengines.png
cdn.entireweb.com/include/img/ Frame E5B6
275 KB
276 KB
Image
General
Full URL
https://cdn.entireweb.com/include/img/820x574-intro-searchengines.png
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
da98c5459e194aef5e59d5d91c86b855b0fbdaf045f0b01b6573191511fb9831

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c5631-44b1e"
content-type
image/png
cache-control
public, max-age=225200
accept-ranges
bytes
content-length
281374
jz06nf
affiliate.entireweb.com/scripts/ Frame E5B6
31 KB
7 KB
Script
General
Full URL
https://affiliate.entireweb.com/scripts/jz06nf
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
dbd0a61556dd9b1dd3dea21834ff68242e593bde9d390092ca60b769a6490cbd

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
last-modified
Fri, 04 Dec 2020 12:06:38 GMT
x-srv
3
age
65
etag
W/"7b51-5b5a24efbaf80"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish (1.lb-app.pap.linode-us-tx)
cache-control
max-age=120
x-varnish
215039740 217295504
accept-ranges
bytes
content-length
7147
server
nginx
expires
Sat, 27 Feb 2021 07:09:32 GMT
jquarymerge.min.js
www.entireweb.com/include/js/ Frame E5B6
253 KB
75 KB
Script
General
Full URL
https://www.entireweb.com/include/js/jquarymerge.min.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
98b068f52eadd9823c69b24befda9f79cf5bb3c44bdc6b92524433585838863a

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
etag
W/"5c387866-3f4f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
js.js
www.entireweb.com/free_submission/ Frame E5B6
228 B
331 B
Script
General
Full URL
https://www.entireweb.com/free_submission/js.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.13.152.237 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
1736659eb7e9d4ad2043a76bb4d23a5591677c4614c5dbf407ac30f303bb8a28

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
etag
W/"5c387866-e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
common.css
vermontbiz.squarespace.com/display/ Frame 0C98
49 KB
49 KB
Stylesheet
General
Full URL
http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
dbcaf9499a3b75cc140484c09ca843e3e1507056d86385e2eee14dd2d6ddd2f6

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:36 GMT
Cache-Control
max-age=94608000, private
Server
Squarespace
X-Contextid
ujHGZBYw/BT8PNf1c
Transfer-Encoding
chunked
Content-Type
text/css
squarespace-gallery-slideshow.css
vermontbiz.squarespace.com/universal/styles/ Frame 0C98
4 KB
5 KB
Stylesheet
General
Full URL
http://vermontbiz.squarespace.com/universal/styles/squarespace-gallery-slideshow.css?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
bf1a62c3dd9d41a6e07e7d8085d73a6d6f4da10f000578f69f8f31ec7689aaa7

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"4592-1614363396000"
Content-Type
text/css
X-Contextid
hebycWzT/OFd23dWv
Accept-Ranges
bytes
Content-Length
4592
yahoo-dom-event.js
vermontbiz.squarespace.com/universal/yui/yahoo-dom-event/ Frame 0C98
36 KB
37 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/yui/yahoo-dom-event/yahoo-dom-event.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
6366210ee3e98e8dbeb12ddb208aa5bf84a0e550b1ee7bc108154bed17d5fd86

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"36989-1614363396000"
Content-Type
text/javascript
X-Contextid
pu9ePXLP/R4RNTgjv
Accept-Ranges
bytes
Content-Length
36989
connection_core-min.js
vermontbiz.squarespace.com/universal/yui/connection/ Frame 0C98
7 KB
8 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/yui/connection/connection_core-min.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
dc493b884b5c1dd9cc927347a08a650c23ac5db728c6e76f359ea5d44b465eab

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"7581-1614363396000"
Content-Type
text/javascript
X-Contextid
DzTXDahq/C2e9wQRQ
Accept-Ranges
bytes
Content-Length
7581
json-min.js
vermontbiz.squarespace.com/universal/yui/json/ Frame 0C98
5 KB
5 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/yui/json/json-min.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
e4778b5e74de16953704058db3fc86b02d8cbf4e18c48b86b17da13e66c08660

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"4890-1614363396000"
Content-Type
text/javascript
X-Contextid
LbTWBmI7/4YE8dENX
Accept-Ranges
bytes
Content-Length
4890
animation-min.js
vermontbiz.squarespace.com/universal/yui/animation/ Frame 0C98
14 KB
14 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/yui/animation/animation-min.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
a80737f8fdf73f43cf3f9e19ce5a248f4d324823a0b9fe3d5b183104c5f0f914

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"13827-1614363396000"
Content-Type
text/javascript
X-Contextid
DzTXDahq/wWn5d93b
Accept-Ranges
bytes
Content-Length
13827
selector.js
vermontbiz.squarespace.com/universal/yui/selector/ Frame 0C98
21 KB
22 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/yui/selector/selector.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
b9b49c94efe4f8c5376973cf127a967b31b0b0c5ff78270b4975afc51b23d02b

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"21705-1614363396000"
Content-Type
text/javascript
X-Contextid
hebycWzT/3HvfBR51
Accept-Ranges
bytes
Content-Length
21705
element.js
vermontbiz.squarespace.com/universal/yui/element/ Frame 0C98
32 KB
33 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/yui/element/element.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
3f781e1ec8ab4da1b5277fd277a4243d4ea9d2fa38990c507b989870b3e9e39a

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:36 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"33056-1614363396000"
Content-Type
text/javascript
X-Contextid
DzTXDahq/VbI44qZp
Accept-Ranges
bytes
Content-Length
33056
global.js
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98
46 KB
46 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/scripts/global.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
5163153f73bcb9d1a994adee45d155088ce2bfdcc760a3531a31e7e1057599e2

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified
Fri, 26 Feb 2021 18:27:08 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"46629-1614364028000"
Content-Type
text/javascript
X-Contextid
pu9ePXLP/1G8NkdoP
Accept-Ranges
bytes
Content-Length
46629
lightbox.js
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98
32 KB
32 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/scripts/lightbox.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
141e453c0954d4d72869df1454692b1191eb1f3a14583dba6711f47505cfeb95

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified
Fri, 26 Feb 2021 18:27:08 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"32767-1614364028000"
Content-Type
text/javascript
X-Contextid
LbTWBmI7/dN3xKiwD
Accept-Ranges
bytes
Content-Length
32767
api.js
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98
7 KB
7 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/scripts/api.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
966df6347e0edba690c2156333bdebb32c60f958538064654259678ddfdc4f21

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified
Fri, 26 Feb 2021 18:27:06 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"6752-1614364026000"
Content-Type
text/javascript
X-Contextid
hebycWzT/1jBPRBJA
Accept-Ranges
bytes
Content-Length
6752
base64.js
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98
2 KB
2 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/scripts/base64.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
a275d31e71f53519347ba3027d094b0106d58856342b84f529a69a4cd3259d29

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified
Fri, 26 Feb 2021 18:27:06 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"1642-1614364026000"
Content-Type
text/javascript
X-Contextid
cRXylrsX/jdZp71YY
Accept-Ranges
bytes
Content-Length
1642
census.js
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98
543 B
942 B
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/scripts/census.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
3c46620115be1a968545f16eba340f39e28ea9a5ed4629948639dcb4226a49d1

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified
Fri, 26 Feb 2021 18:27:06 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"543-1614364026000"
Content-Type
text/javascript
X-Contextid
ujHGZBYw/IPQZaEFz
Accept-Ranges
bytes
Content-Length
543
yui2-yui3-bridge.js
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98
12 KB
12 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/scripts/yui2-yui3-bridge.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
2f9ff181474313a332c97bbee9db56f7bcfdf5c0e02b8129e6d98e2892199588

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified
Fri, 26 Feb 2021 18:27:08 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"12027-1614364028000"
Content-Type
text/javascript
X-Contextid
DzTXDahq/r5O8ieOT
Accept-Ranges
bytes
Content-Length
12027
squarespace-gallery-slideshow.js
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98
21 KB
21 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/scripts/squarespace-gallery-slideshow.js?CE=75
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
4d3c90227aea70a3733ff1d8c46f42f43323d763764232390d50a9643bdd15c1

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified
Fri, 26 Feb 2021 18:27:08 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"21566-1614364028000"
Content-Type
text/javascript
X-Contextid
pu9ePXLP/axblxr5p
Accept-Ranges
bytes
Content-Length
21566
cpk5jjj.js
use.typekit.com/ Frame 0C98
17 KB
7 KB
Script
General
Full URL
http://use.typekit.com/cpk5jjj.js
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
13cfd006a193767be58638649fb8404175db5e3fec29e83d5ba4e388f114732d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Encoding
gzip
Server
nginx
Date
Sat, 27 Feb 2021 07:08:37 GMT
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=600, stale-while-revalidate=604800
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
6839
guestlist-embed.js
guestlist.co/javascripts/ Frame 0C98
Redirect Chain
  • http://guestlistapp.com/javascripts/guestlist-embed.js
  • https://guestlistapp.com/javascripts/guestlist-embed.js
  • https://guestlist.co/javascripts/guestlist-embed.js
9 KB
4 KB
Script
General
Full URL
https://guestlist.co/javascripts/guestlist-embed.js
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.97.24.204 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5f0e20dd09132e89d903765e5304653208e126eb7487d39395cc4e470bf0991e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, HEAD
content-type
application/x-javascript
access-control-allow-origin
*
access-control-max-age
0
cache-control
public, must-revalidate, max-age=0
strict-transport-security
max-age=31536000; includeSubdomains
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
x-xss-protection
1; mode=block

Redirect headers

date
Sat, 27 Feb 2021 07:08:37 GMT
x-content-type-options
nosniff
server
nginx
location
https://guestlist.co/javascripts/guestlist-embed.js
vary
Origin
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, HEAD
content-type
text/html
access-control-allow-origin
*
access-control-max-age
0
strict-transport-security
max-age=31536000; includeSubdomains
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
178
x-xss-protection
1; mode=block
cookie-min.js
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98
4 KB
5 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/scripts/cookie-min.js
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
27c757e3c8fd36b0356cf4d8f889ebad92688c23338baaf3abae30736ce21feb

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified
Fri, 26 Feb 2021 18:27:06 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"4401-1614364026000"
Content-Type
text/javascript
X-Contextid
cRXylrsX/jP1LnazN
Accept-Ranges
bytes
Content-Length
4401
eu-cookie-policy.js
vermontbiz.squarespace.com/universal/scripts/ Frame 0C98
2 KB
2 KB
Script
General
Full URL
http://vermontbiz.squarespace.com/universal/scripts/eu-cookie-policy.js
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
a291ec1d6fd94c27c3c163fcf50ea118d548c64b38f95bb203958091df19b03b

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:37 GMT
Last-Modified
Fri, 26 Feb 2021 18:27:06 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"1682-1614364026000"
Content-Type
text/javascript
X-Contextid
hebycWzT/BUSqhEIr
Accept-Ranges
bytes
Content-Length
1682
ad.js
www.adplugg.com/serve/A48219153/js/1.1/ Frame E5B6
234 KB
65 KB
Script
General
Full URL
https://www.adplugg.com/serve/A48219153/js/1.1/ad.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.166.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
7e11170a0f7ef5c6fc10bf5581bd2060988b5d6ede1bcd98d09c1abafcb9e904

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:38 GMT
Content-Encoding
gzip
Server
nginx/1.15.5
Age
93
ETag
W/"2.87"
Vary
X-Cache
HIT
Content-Type
text/javascript;charset=UTF-8
Via
1.1 varnish-v4
Cache-Control
max-age=60, public
X-Varnish
33258279 33343858
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65744
ad.js
www.adplugg.com/serve/A48219153/js/1.1/ Frame 15A2
234 KB
65 KB
Script
General
Full URL
https://www.adplugg.com/serve/A48219153/js/1.1/ad.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.166.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
7e11170a0f7ef5c6fc10bf5581bd2060988b5d6ede1bcd98d09c1abafcb9e904

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:38 GMT
Content-Encoding
gzip
Server
nginx/1.15.5
Age
0
ETag
W/"2.87"
Vary
X-Cache
HIT
Content-Type
text/javascript;charset=UTF-8
Via
1.1 varnish-v4
Cache-Control
max-age=60, public
X-Varnish
33344004 33258280
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65744
50x180-feature-icons2.png
cdn.entireweb.com/include/img/ Frame E5B6
3 KB
3 KB
Image
General
Full URL
https://cdn.entireweb.com/include/img/50x180-feature-icons2.png
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/css.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
65a62cc0e7be1c2ddf719108c92cc51c4e94735bdbe8bd74e617d950baa1761d

Request headers

Referer
https://www.entireweb.com/free_submission/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c5631-c46"
content-type
image/png
cache-control
public, max-age=45328
accept-ranges
bytes
content-length
3142
950x90-selogos-bar.jpg
cdn.entireweb.com/include/img/ Frame E5B6
15 KB
15 KB
Image
General
Full URL
https://cdn.entireweb.com/include/img/950x90-selogos-bar.jpg
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/css.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
59d521c7e1d5d1253714ccf0f586b7d6ae5e617f9975c9cf5ab64723002e5869

Request headers

Referer
https://www.entireweb.com/free_submission/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c387866-3ab9"
content-type
image/jpeg
cache-control
public, max-age=452694
accept-ranges
bytes
content-length
15033
50x180-feature-icons2.png
cdn.entireweb.com/include/img/ Frame 15A2
3 KB
3 KB
Image
General
Full URL
https://cdn.entireweb.com/include/img/50x180-feature-icons2.png
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/css.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
65a62cc0e7be1c2ddf719108c92cc51c4e94735bdbe8bd74e617d950baa1761d

Request headers

Referer
https://www.entireweb.com/free_submission/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Mon, 14 Jan 2019 09:28:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c3c5631-c46"
content-type
image/png
cache-control
public, max-age=589898
accept-ranges
bytes
content-length
3142
950x90-selogos-bar.jpg
cdn.entireweb.com/include/img/ Frame 15A2
15 KB
15 KB
Image
General
Full URL
https://cdn.entireweb.com/include/img/950x90-selogos-bar.jpg
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/css.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19b::3a15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
59d521c7e1d5d1253714ccf0f586b7d6ae5e617f9975c9cf5ab64723002e5869

Request headers

Referer
https://www.entireweb.com/free_submission/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Fri, 11 Jan 2019 11:05:10 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c387866-3ab9"
content-type
image/jpeg
cache-control
public, max-age=452694
accept-ranges
bytes
content-length
15033
trackjs.js
affiliate.entireweb.com/scripts/ Frame E5B6
31 KB
7 KB
Script
General
Full URL
https://affiliate.entireweb.com/scripts/trackjs.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
dbd0a61556dd9b1dd3dea21834ff68242e593bde9d390092ca60b769a6490cbd

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
last-modified
Fri, 04 Dec 2020 12:06:38 GMT
x-srv
3
age
65
etag
W/"7b51-5b5a24efbaf80"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish (1.lb-app.pap.linode-us-tx)
cache-control
max-age=120
x-varnish
213904191 217295504
accept-ranges
bytes
content-length
7147
server
nginx
expires
Sat, 27 Feb 2021 07:09:32 GMT
trackjs.js
affiliate.entireweb.com/scripts/ Frame 15A2
31 KB
7 KB
Script
General
Full URL
https://affiliate.entireweb.com/scripts/trackjs.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
dbd0a61556dd9b1dd3dea21834ff68242e593bde9d390092ca60b769a6490cbd

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
last-modified
Fri, 04 Dec 2020 12:06:38 GMT
x-srv
3
age
65
etag
W/"7b51-5b5a24efbaf80"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish (1.lb-app.pap.linode-us-tx)
cache-control
max-age=120
x-varnish
215939525 217295504
accept-ranges
bytes
content-length
7147
server
nginx
expires
Sat, 27 Feb 2021 07:09:32 GMT
analytics.js
www.google-analytics.com/ Frame E5B6
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-263233-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4880
date
Sat, 27 Feb 2021 05:47:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 27 Feb 2021 07:47:17 GMT
analytics.js
www.google-analytics.com/ Frame 15A2
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-263233-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4880
date
Sat, 27 Feb 2021 05:47:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 27 Feb 2021 07:47:17 GMT
css
fonts.googleapis.com/ Frame 45E7
37 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cdf5a442a3cc0f524587e271f499c9ba77ae0834e3a33b9b26b39e28b0d876b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 07:08:37 GMT
server
ESF
date
Sat, 27 Feb 2021 07:08:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Feb 2021 07:08:37 GMT
plugins.min.css
www.marathonbet.co.uk/landings/blocks/static/css/ Frame 45E7
395 KB
62 KB
Stylesheet
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/css/plugins.min.css
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91745e5a6d4006d522494e45b4c9195ab890beadd03e770c68bfb6e86f64a946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:24:51 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a63-62d7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
no-cache, must-revalidate
cf-ray
6280135eda892488-FRA
cf-request-id
0883ea6f4c0000248815861000000001
site.global.css
www.marathonbet.co.uk/landings/assets/css/ Frame 45E7
40 KB
10 KB
Stylesheet
General
Full URL
https://www.marathonbet.co.uk/landings/assets/css/site.global.css
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c43ca22960570d73fe186c57396733b8f8044f59b7b92b63dbdb92c0959e8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:24:43 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a5b-a181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
no-cache, must-revalidate
cf-ray
6280135eda8b2488-FRA
cf-request-id
0883ea6f4c0000248864060000000001
site.global.css
www.marathonbet.co.uk/landings/assets/css/custom/ Frame 45E7
8 KB
2 KB
Stylesheet
General
Full URL
https://www.marathonbet.co.uk/landings/assets/css/custom/site.global.css
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7fe429ae4cdaf8105bb31a2491e076f127d005b2bc89110117980cf8740a4bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:43:53 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127c9-21c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
no-cache, must-revalidate
cf-ray
6280135eda8d2488-FRA
cf-request-id
0883ea6f4c0000248804874000000001
site.global.js
www.marathonbet.co.uk/landings/assets/js/ Frame 45E7
236 KB
85 KB
Script
General
Full URL
https://www.marathonbet.co.uk/landings/assets/js/site.global.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c02e45096fe64f0737eb0575687264ee2365f6740876e618327d8b3209f02f54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:43:53 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127c9-3b0e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
6280135eea922488-FRA
cf-request-id
0883ea6f4d00002488fbb10000000001
site.global.js
www.marathonbet.co.uk/landings/assets/js/custom/ Frame 45E7
19 KB
8 KB
Script
General
Full URL
https://www.marathonbet.co.uk/landings/assets/js/custom/site.global.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7402bb7dba8e1523e062ca0a063d3c4b660ad0871022d09d85e4e570e7295d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:24:44 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a5c-4df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
6280135eea932488-FRA
cf-request-id
0883ea6f4d00002488a7998000000001
plugins.min.js
www.marathonbet.co.uk/landings/blocks/static/js/ Frame 45E7
158 KB
53 KB
Script
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/js/plugins.min.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de87c35f5b60ca8e83e0a971217b411932b3c12a949b16167de1dda88174875b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:42 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127fa-27750"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
6280135eea952488-FRA
cf-request-id
0883ea6f4d000024881f06b000000001
api.js
www.google.com/recaptcha/ Frame 45E7
907 B
670 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&onload=onScriptLoad
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
57aabc1104849fcdbe65cb780bfa6633228ec501258d2d60aa2a3d93a56dd48e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
578
x-xss-protection
1; mode=block
expires
Sat, 27 Feb 2021 07:08:38 GMT
header-14-01.min.css
www.marathonbet.co.uk/landings/blocks/static/css/ Frame 45E7
28 KB
5 KB
Stylesheet
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/css/header-14-01.min.css
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b4f7e14d0f68d619b155dadd78119d09711cb61f9bba866e801bf33a5c8f98e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:02 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127d2-70bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
no-cache, must-revalidate
cf-ray
6280135eda8e2488-FRA
cf-request-id
0883ea6f4f00002488b82ac000000001
newpart-02-00.min.css
www.marathonbet.co.uk/landings/blocks/static/css/ Frame 45E7
24 KB
5 KB
Stylesheet
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/css/newpart-02-00.min.css
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9386b3208ec6eebcd735a8319bf5705281d198783105692fe923b0719a43d745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:02 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127d2-6139"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
no-cache, must-revalidate
cf-ray
6280135eda8f2488-FRA
cf-request-id
0883ea6f4c000024880882c000000001
footer-11-00.min.css
www.marathonbet.co.uk/landings/blocks/static/css/ Frame 45E7
13 KB
3 KB
Stylesheet
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/css/footer-11-00.min.css
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34c93972705c7ddcc84706b83a71adcc22d663e176a2d03390a8210a2678733
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:01 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127d1-357e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
no-cache, must-revalidate
cf-ray
6280135eda902488-FRA
cf-request-id
0883ea6f4c000024888a897000000001
optimize.js
www.googleoptimize.com/ Frame 45E7
88 KB
34 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-PTD6KD6
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5dd21475a14aaefef3a2c4616e12d0089b81ea970cd0526e5da978c4b53b3dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34846
x-xss-protection
0
expires
Sat, 27 Feb 2021 07:08:37 GMT
moment.min.js
www.marathonbet.co.uk/landings/assets/js/ Frame 45E7
52 KB
19 KB
Script
General
Full URL
https://www.marathonbet.co.uk/landings/assets/js/moment.min.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:24:44 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a5c-d04c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
6280135eea992488-FRA
cf-request-id
0883ea6f5000002488d0b19000000001
en-gb.js
www.marathonbet.co.uk/landings/assets/js/moment-locale/ Frame 45E7
3 KB
1 KB
Script
General
Full URL
https://www.marathonbet.co.uk/landings/assets/js/moment-locale/en-gb.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e86bfd873ce2ba61885faa9e0ba2ae1a510574f698d6a3aba7da49d1505eb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:24:44 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a5c-a47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
6280135eea9a2488-FRA
cf-request-id
0883ea6f5000002488eb2ef000000001
daterangepicker.js
www.marathonbet.co.uk/landings/assets/js/ Frame 45E7
65 KB
15 KB
Script
General
Full URL
https://www.marathonbet.co.uk/landings/assets/js/daterangepicker.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c256bcb9aa10ef7e6bab683a077aaedbbfdd6dad8deda4f1e7abf4f7fe104ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:43:53 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127c9-10301"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
6280135eea9c2488-FRA
cf-request-id
0883ea6f50000024880dbfd000000001
daterangepicker.css
www.marathonbet.co.uk/landings/assets/css/ Frame 45E7
7 KB
2 KB
Stylesheet
General
Full URL
https://www.marathonbet.co.uk/landings/assets/css/daterangepicker.css
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ef4c7e64475909a9e32315f91f5cc5753af998f3076c7e61c1386752a6b9a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:24:43 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a5b-1deb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
no-cache, must-revalidate
cf-ray
6280135eda912488-FRA
cf-request-id
0883ea6f4d00002488ff8c5000000001
marathon_logo_en.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/logo/ Frame 45E7
5 KB
2 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/logo/marathon_logo_en.svg?date=1612257921
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5cfe11b033ea87ba1fafe403a978b8ec663c977616919e3f8a4f6305f0da33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:32 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127f0-1456"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
62801366285d2488-FRA
cf-request-id
0883ea73d600002488a79be000000001
mancity.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/ Frame 45E7
19 KB
8 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/mancity.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5771db83014670269e981af8b2b68f4f4f54f5214874b41ea49a923605136454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:30 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a8a-4b8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
62801366285e2488-FRA
cf-request-id
0883ea73d60000248804049000000001
sevilla.png
www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/ Frame 45E7
71 KB
71 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/sevilla.png?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4451dd6d0c9874b1cbd44fbbbad45f1c7688b65fba85652fe33c3bf9d1099475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:42 GMT
server
cloudflare
cache-status
MISS
etag
"601127fa-11a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
no-cache, must-revalidate
accept-ranges
bytes
cf-ray
62801366285f2488-FRA
content-length
72345
cf-request-id
0883ea73d600002488f8b8f000000001
zaragoza.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/ Frame 45E7
38 KB
15 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/partners/zaragoza.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876c47baba1d6b8feac5a06cd4b3bcdb6e98a65e63b17c41f1dc9a8f83eb71ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:42 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127fa-97ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628602488-FRA
cf-request-id
0883ea73d900002488f8b90000000001
visa-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7
6 KB
2 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/visa-white.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c37822d8b031ef6fcae40a2a5b2a183ac30769bd93b21fe9c2aa73337cec4b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:30 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a8a-16a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628612488-FRA
cf-request-id
0883ea73d7000024889b914000000001
mastercard-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7
29 KB
9 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/mastercard-white.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b9ecc241b15446fd04b92ed5026c473a3986d680bc4f17bf363ed565044dc57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:30 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a8a-749f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628622488-FRA
cf-request-id
0883ea73d700002488fbb36000000001
maestro-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7
8 KB
3 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/maestro-white.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e95d4a39a603845a5bd5fec2bd672a1e8a94cce0fc9fe5a8c36056d57573c342
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:42 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127fa-20e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628632488-FRA
cf-request-id
0883ea73d70000248855a1e000000001
banktransfer-en.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7
9 KB
3 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/banktransfer-en.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7a8be46676d21b5058ba010b6549311a78a6b87c61953cb13d1668ecdc5988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:30 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a8a-2473"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628642488-FRA
cf-request-id
0883ea73d7000024886ca5d000000001
skrill2.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7
3 KB
1 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/skrill2.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
981b91a09857b33707e4784c2977f2a026b8b1a809940d4e230e23255dbbae09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:42 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127fa-c08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628652488-FRA
cf-request-id
0883ea73d70000248864089000000001
neteller-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7
3 KB
1 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/neteller-white.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd015e512f77c3bb8930ac78fc8e64a33a905e5aa1cadde379d20ddf0e4e4f93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:42 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127fa-c6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628662488-FRA
cf-request-id
0883ea73d70000248802328000000001
paysafecard-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7
14 KB
5 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/paysafecard-white.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0236033b64827076dabee32636265f80c66147e6cded6bc6afffbc7eff28872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:42 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127fa-372a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628672488-FRA
cf-request-id
0883ea73d700002488ee339000000001
paypal-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7
7 KB
3 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/paypal-white.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01694614acbfdb7855af11b5c9d07aff0c1fe30ed4fdd60aaa0d39b864d0fd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:42 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127fa-1b16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628682488-FRA
cf-request-id
0883ea73d800002488c41bf000000001
trustly.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7
10 KB
4 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/trustly.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef858c9b1960e18ab571a1a8a898b2239ac0ccbab6ce84bd74594c36f1195dfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:30 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a8a-291e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
62801366286a2488-FRA
cf-request-id
0883ea73da00002488d4a8b000000001
ecopayz-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ Frame 45E7
4 KB
2 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/pay/ecopayz-white.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb446d29480abd8e0f4edcaef3598cba619b58c9f2d339bab5ec45fd1c6ff06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:42 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127fa-109d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
62801366286b2488-FRA
cf-request-id
0883ea73db000024887499b000000001
18_white_logo.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/ Frame 45E7
2 KB
1 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/18_white_logo.svg?date=1612257930
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ae2d2029e982a3d20fa96647a74df968034aa9dd227aec99fb581a680bedaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:30 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a8a-975"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
62801366286d2488-FRA
cf-request-id
0883ea73db0000248881a95000000001
alderney-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/ Frame 45E7
101 KB
31 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/alderney-white.svg?date=1612257931
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ab10abd1ea2c940cb30a0a796c1ee8cb77fe33c31e3eb7468b2ef8808e2319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:31 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a8b-1921e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
62801366286e2488-FRA
cf-request-id
0883ea73db00002488f5b5b000000001
gamblingcommission-white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/ Frame 45E7
21 KB
9 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/gamblingcommission-white.svg?date=1612257931
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af03aec793c0abd11a472714bdc769668c3704d99192a27e1f8c6e6967c899d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:31 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a8b-5279"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
62801366286f2488-FRA
cf-request-id
0883ea73db000024885c34e000000001
begambleawareorg_white.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/ Frame 45E7
6 KB
3 KB
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/regulators/begambleawareorg_white.svg?date=1612257931
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
249ffdc04156821f4d0d26a1252b5eb40a3ebd277de6be636fd5650d6e9a9eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:31 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a8b-1824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628702488-FRA
cf-request-id
0883ea73db0000248826b97000000001
editor-js
www.marathonbet.co.uk/landings/api/v1/site-edit/ Frame 45E7
2 KB
2 KB
Script
General
Full URL
https://www.marathonbet.co.uk/landings/api/v1/site-edit/editor-js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cde392786c19aa991f2e5501b39d4c502bde5d9cdcddf51af182d2973f519a34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=31536000
cf-ray
628013649f172488-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-request-id
0883ea72df00002488e8980000000001
header-14-01.min.js
www.marathonbet.co.uk/landings/blocks/static/js/ Frame 45E7
382 B
393 B
Script
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/js/header-14-01.min.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa4a67f196d515bc3927a9ba0ee3a22ad490f33db729b88db129520abb0d99a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:42 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127fa-17e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
628013657fc52488-FRA
cf-request-id
0883ea7367000024887b368000000001
newpart-02-00.min.js
www.marathonbet.co.uk/landings/blocks/static/js/ Frame 45E7
126 B
238 B
Script
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/js/newpart-02-00.min.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e164731004bfedf6c2701b4718f017c808123097b8c4e80efd2b283aa99e6e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:31 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a8b-7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
62801365b8072488-FRA
cf-request-id
0883ea7394000024889b912000000001
footer-11-00.min.js
www.marathonbet.co.uk/landings/blocks/static/js/ Frame 45E7
0
102 B
Script
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/js/footer-11-00.min.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:25:31 GMT
server
cloudflare
cache-status
MISS
etag
"60191a8b-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
accept-ranges
bytes
cf-ray
6280136628592488-FRA
content-length
0
cf-request-id
0883ea73d50000248808855000000001
get.js
www.marathonbet.co.uk/landings/assets/js/custom/ Frame 45E7
2 KB
894 B
Script
General
Full URL
https://www.marathonbet.co.uk/landings/assets/js/custom/get.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
903ac783f77eb0052416fc22e4c10de43e66873b25f7bd47b187b2fa294b0d12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:43:53 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127c9-9e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
62801366285a2488-FRA
cf-request-id
0883ea73d500002488cb176000000001
trackingEngine.js
www.marathonbet.co.uk/landings/assets/js/custom/ Frame 45E7
4 KB
2 KB
Script
General
Full URL
https://www.marathonbet.co.uk/landings/assets/js/custom/trackingEngine.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eead2bd37da6b8f6cb3184f01b5a7b6b63d73faec64bb6a2063ea150f7048db6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:43:53 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127c9-113b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
62801366285b2488-FRA
cf-request-id
0883ea73d50000248815888000000001
gaevents.js
www.marathonbet.co.uk/landings/assets/js/custom/ Frame 45E7
1 KB
536 B
Script
General
Full URL
https://www.marathonbet.co.uk/landings/assets/js/custom/gaevents.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c5be9fbb835bf61dc0a303926821391554760402b2368aa3a54cdb37f3a0686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:24:44 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a5c-4c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
no-cache, must-revalidate
cf-ray
62801366285c2488-FRA
cf-request-id
0883ea73d60000248893861000000001
BOB+Logo-Color-FINAL-sm.png
static1.1.sqspcdn.com/static/f/489136/27378587/1481752691737/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/storage/BOB%20Logo-Color-FINAL-sm.png
  • http://static1.1.sqspcdn.com/static/f/489136/27378587/1481752691737/BOB+Logo-Color-FINAL-sm.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
72 KB
73 KB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/f/489136/27378587/1481752691737/BOB+Logo-Color-FINAL-sm.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
adbfbe079d701272c73777c548eb5c8e372c6f0965a4678b28080c900c7fd8bb

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:40 GMT
Via
1.1 varnish, 1.1 varnish
Age
65984
X-Cache
HIT, MISS
X-Contextid
BlB0PMdJ/xbHzy1ip
Connection
keep-alive
Content-Length
74026
X-Served-By
cache-dfw18630-DFW, cache-fra19125-FRA
Last-Modified
Wed, 14 Dec 2016 21:58:11 GMT
Server
Squarespace
X-Timer
S1614409720.329288,VS0,VE343
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/f/489136/27378587/1481752691737/BOB+Logo-Color-FINAL-sm.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:39 GMT
X-Contextid
cRXylrsX/HOXFYixH
Server
Squarespace
Content-Length
0
Content-Type
image/png;charset=UTF-8
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 0C98
13 KB
6 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 13:52:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
62170
Cross-Origin-Resource-Policy
cross-origin
Content-Length
5437
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 26 Feb 2022 13:52:30 GMT
amigos.png
www.picpay.com/static/images/bullets/ Frame CF1F
73 KB
73 KB
Image
General
Full URL
https://www.picpay.com/static/images/bullets/amigos.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
37e74d4af1424a182692cffb376f0709e63282de5823327201baf6857770c545

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-12396"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
74646
expires
Sat, 27 Feb 2021 07:08:37 GMT
boleto.png
www.picpay.com/static/images/bullets/ Frame CF1F
23 KB
23 KB
Image
General
Full URL
https://www.picpay.com/static/images/bullets/boleto.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
45aeb5dec3a47816633be3ba20ce80a5bbbe8e5052bb8030d47adab89b645b2d

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-5b79"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
23417
expires
Sat, 27 Feb 2021 07:08:37 GMT
estacionamentos.png
www.picpay.com/static/images/bullets/ Frame CF1F
20 KB
20 KB
Image
General
Full URL
https://www.picpay.com/static/images/bullets/estacionamentos.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
bbce4c1901cf6498a4d53796c5630e81db3596202fd40e41b51bc7ea8e3af55f

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-5079"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
20601
expires
Sat, 27 Feb 2021 07:08:37 GMT
jogos.png
www.picpay.com/static/images/bullets/ Frame CF1F
13 KB
13 KB
Image
General
Full URL
https://www.picpay.com/static/images/bullets/jogos.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e784f44417a9910398028653c4396e17eeb7bf9e7ccd33b63b9aa1a20c2b911c

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-332e"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
13102
expires
Sat, 27 Feb 2021 07:08:37 GMT
store.png
www.picpay.com/static/images/bullets/ Frame CF1F
7 KB
7 KB
Image
General
Full URL
https://www.picpay.com/static/images/bullets/store.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
f0206f16ebcbf0a28ed2f332fb034d50456df8105a0ccda7df95d989bde929d3

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-1a71"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
6769
expires
Sat, 27 Feb 2021 07:08:37 GMT
recarga.png
www.picpay.com/static/images/bullets/ Frame CF1F
31 KB
31 KB
Image
General
Full URL
https://www.picpay.com/static/images/bullets/recarga.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
2ddac7f61adecfacf650352168831c0479ac0afbb82da79c1fee4a4a05906720

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-7a6b"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
31339
expires
Sat, 27 Feb 2021 07:08:37 GMT
badge-google-play-big.png
www.picpay.com/static/images/ Frame CF1F
13 KB
13 KB
Image
General
Full URL
https://www.picpay.com/static/images/badge-google-play-big.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
332c353346fa34ba648c1896f0a03034a8171a203c765ececcb1d9b47d5a8678

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-3395"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
13205
expires
Sat, 27 Feb 2021 07:08:37 GMT
badge-app-store-big.png
www.picpay.com/static/images/ Frame CF1F
10 KB
10 KB
Image
General
Full URL
https://www.picpay.com/static/images/badge-app-store-big.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
febf102a9b0661ed75e2d34a0a4da79ee48e9c3c6aec16bee9c17e6fd16c351a

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-27fc"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
10236
expires
Sat, 27 Feb 2021 07:08:37 GMT
ico-fb.png
www.picpay.com/static/images/ Frame CF1F
16 KB
16 KB
Image
General
Full URL
https://www.picpay.com/static/images/ico-fb.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
c9f6eb9585d10d1acd6ff05d522445aaf470be7f914a3ba1b858416e3577f3b6

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-3fdb"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
16347
expires
Sat, 27 Feb 2021 07:08:37 GMT
ico-tt.png
www.picpay.com/static/images/ Frame CF1F
16 KB
17 KB
Image
General
Full URL
https://www.picpay.com/static/images/ico-tt.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
cb2e91d152b816c43a54ed6a9c8fdcb92e7c40a6f8c8a46ffc7ee57c5b382dfb

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-413d"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
16701
expires
Sat, 27 Feb 2021 07:08:37 GMT
ico-ig.png
www.picpay.com/static/images/ Frame CF1F
17 KB
17 KB
Image
General
Full URL
https://www.picpay.com/static/images/ico-ig.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
17c26c15a38e5ee8092fef893dd8beec647604a743307ba4644ef284fd97aef7

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-427e"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
17022
expires
Sat, 27 Feb 2021 07:08:37 GMT
ico-youtube.png
www.picpay.com/static/images/ Frame CF1F
2 KB
2 KB
Image
General
Full URL
https://www.picpay.com/static/images/ico-youtube.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
2811b20b11c559060536ad04de1cdc1c6ff288fda0e8d1c878d2636a503ddc27

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-7f8"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2040
expires
Sat, 27 Feb 2021 07:08:37 GMT
ico-linkedin.png
www.picpay.com/static/images/ Frame CF1F
2 KB
3 KB
Image
General
Full URL
https://www.picpay.com/static/images/ico-linkedin.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
c085344c5498e00798127f57d4f1013f4c761f270c93d3eef19055fca6a525ef

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-9ba"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2490
expires
Sat, 27 Feb 2021 07:08:37 GMT
ico-tiktok.png
www.picpay.com/static/images/ Frame CF1F
2 KB
2 KB
Image
General
Full URL
https://www.picpay.com/static/images/ico-tiktok.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
7c95abe781ebf06979ce7ed8a8e221f61935e43603b29bdc0bb10c4003155c9d

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-875"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2165
expires
Sat, 27 Feb 2021 07:08:37 GMT
badge-google-play.png
www.picpay.com/static/images/ Frame CF1F
6 KB
7 KB
Image
General
Full URL
https://www.picpay.com/static/images/badge-google-play.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
8e0b05f528819fb06beaa15a7bf33a3d2ff5a3bf635ddabadc60fb6a40bd8bcb

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-1974"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
6516
expires
Sat, 27 Feb 2021 07:08:37 GMT
badge-app-store.png
www.picpay.com/static/images/ Frame CF1F
3 KB
3 KB
Image
General
Full URL
https://www.picpay.com/static/images/badge-app-store.png
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
97ea5d4ced240b8018eebde8e8d314a5ab1914fa921d073d02407f12d559aca5

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:24 GMT
server
nginx/1.12.2
etag
"603812b8-b17"
content-type
image/png
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2839
expires
Sat, 27 Feb 2021 07:08:37 GMT
js
www.googletagmanager.com/gtag/ Frame CF1F
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-855209381
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e135e3cf061067667ea655b872b3a6f7d772fea510cfa70496a97d7bbd649db6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39436
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:08:37 GMT
js
www.googletagmanager.com/gtag/ Frame CF1F
98 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-49595033-2
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
511993a43b26b3d09e98b76bafe9b8ce00dd0c214221e398fad42ac9c739b941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39391
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:08:37 GMT
fbevents.js
connect.facebook.net/en_US/ Frame CF1F
91 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
LO1xTAnvz8tAkwkrUOCk4H+O+eINhnD/T+aUplHZcy7CHtAHyeWIE1WEaLDYfRhwQEFQG5WTgH+Cg08AF/BjlQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 27 Feb 2021 07:08:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ Frame CF1F
0
516 B
Image
General
Full URL
https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=PICP&x-r=http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.164.10 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:42 GMT
Last-Modified
Thu, 04 May 2017 08:21:21 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id
8E9D46FD34A84681
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
pwIdJY6ngM4ud116E2x1u6qrU19jr5onK3P+0zByazTBFWy4fNEg0B90HiSiklBQ0OTn9eVH/6k=
hotjar-1397873.js
static.hotjar.com/c/ Frame CF1F
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1397873.js?sv=6
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-24.fra2.r.cloudfront.net
Software
/
Resource Hash
5d51f7c03341f9c212aba23759ef0b2eab000a24ff3182dde9acbcdce1272cd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/0084e4d05a00a760d99fb6c5c5ec73c9
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
content-length
1577
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-id
exLkeZ_jjeA8fEYcBaWlC82A9S4x9VFlo7JeZl56dh8iA-X46Q90Kw==
ppayreg.woff2
www.picpay.com/static/styles/webfont/ Frame CF1F
21 KB
22 KB
Font
General
Full URL
https://www.picpay.com/static/styles/webfont/ppayreg.woff2
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
2f126200b438f6261d02167703c0a49ce51062efcf7d99309098c5e86578be06

Request headers

Origin
https://www.picpay.com
Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:25 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"603812b9-559c"
content-length
21916
content-type
application/octet-stream
analytics.js
www.google-analytics.com/ Frame CF1F
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4880
date
Sat, 27 Feb 2021 05:47:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 27 Feb 2021 07:47:17 GMT
gtm.js
www.googletagmanager.com/ Frame CF1F
147 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K5CPZW2
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52c989b150b6949b3e65363abb4fa1d1eabc75be7e93f8428a2af9746522bc23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51115
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:08:37 GMT
ppaybld.woff2
www.picpay.com/static/styles/webfont/ Frame CF1F
22 KB
22 KB
Font
General
Full URL
https://www.picpay.com/static/styles/webfont/ppaybld.woff2
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.87 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-87.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
7c027781127b6fad344a068f0ccc8dcaa6b20ec5cd98db56310849409fdd0412

Request headers

Origin
https://www.picpay.com
Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:37 GMT
last-modified
Thu, 25 Feb 2021 21:12:25 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"603812b9-5634"
content-length
22068
content-type
application/octet-stream
pixel.css
widgets.entireweb.com/themes/altum/assets/css/ Frame 15A2
36 KB
5 KB
Stylesheet
General
Full URL
https://widgets.entireweb.com/themes/altum/assets/css/pixel.css
Requested by
Host: widgets.entireweb.com
URL: https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.163.155.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-155-157.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) OpenSSL/1.1.1d /
Resource Hash
34ef26f2dc337d09f7d7f0bd1a10f27ff9f3222484e68d5f5e0ea7eb81631595

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Aug 2020 11:50:07 GMT
Server
Apache/2.4.43 (Unix) OpenSSL/1.1.1d
ETag
"9091-5ad257d14c8c2-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4336
/
api64.ipify.org/ Frame 15A2
20 B
238 B
XHR
General
Full URL
https://api64.ipify.org/
Requested by
Host: widgets.entireweb.com
URL: https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f2d8:4010:8::2 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software
nginx/1.19.7 /
Resource Hash
88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.entireweb.com
Date
Sat, 27 Feb 2021 07:08:38 GMT
Server
nginx/1.19.7
Connection
keep-alive
Content-Length
20
Vary
Origin
Content-Type
text/plain
2a01:4f8:192:5414::2
www.iplocate.io/api/lookup/ Frame 15A2
288 B
1 KB
XHR
General
Full URL
https://www.iplocate.io/api/lookup/2a01:4f8:192:5414::2
Requested by
Host: widgets.entireweb.com
URL: https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8e72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8135274119acee82aafaee8ad4133b16c3b4081dffa052bcd9b3699b1e9ea77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
cf-ray
628013633cdcd6dd-FRA
x-ratelimit-limit
1000
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a9aed3f4-997a-4b2e-8cd7-d84a55af8e63
x-runtime
0.009180
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"e8135274119acee82aafaee8ad4133b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KjdKoou4RBg%2B5ThGlW6qb9lhc9IILJmQAh7hvN85PpNzbNvNgx4tb98M6zdhGoH9D15veoMmKRctWs%2F56mFs1mdXg2knp9nJ7B0D4FiJnN1HLuYTGXh3q9dw3r0%3D"}],"max_age":604800,"group":"cf-nel"}
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
x-ratelimit-limit, x-ratelimit-reset, x-ratelimit-remaining
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
2021-02-28 00:00:00 +0000
x-ratelimit-remaining
999
cf-request-id
0883ea72030000d6ddef2a4000000001
content-type
application/json; charset=utf-8
x-ratelimit-client-id
2a01:4f8:192:5414::2
pixel.css
widgets.entireweb.com/themes/altum/assets/css/ Frame E5B6
36 KB
5 KB
Stylesheet
General
Full URL
https://widgets.entireweb.com/themes/altum/assets/css/pixel.css
Requested by
Host: widgets.entireweb.com
URL: https://widgets.entireweb.com/pixel/IAJLC6UB8ZNUJVSUQ2OGSPDMVEESDQDZ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.163.155.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-155-157.compute-1.amazonaws.com
Software
Apache/2.4.43 (Unix) OpenSSL/1.1.1d /
Resource Hash
34ef26f2dc337d09f7d7f0bd1a10f27ff9f3222484e68d5f5e0ea7eb81631595

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Aug 2020 11:50:07 GMT
Server
Apache/2.4.43 (Unix) OpenSSL/1.1.1d
ETag
"9091-5ad257d14c8c2-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4336
track.php
affiliate.entireweb.com/scripts/ Frame E5B6
66 B
443 B
Script
General
Full URL
https://affiliate.entireweb.com/scripts/track.php?accountId=default1&url=S_www.entireweb.com%2Ffree_submission%2F&referrer=H_traffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&isInIframe=true&getParams=%3Fa%3Dwalawala&anchor=
Requested by
Host: affiliate.entireweb.com
URL: https://affiliate.entireweb.com/scripts/trackjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef294a26b7bc4bb108953b59f9fd804031aa0176921188e5a0b1912e6bd5bba1

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx
content-type
application/octet-stream, application/x-javascript
content-length
66
expires
Mon, 26 Jul 1997 05:00:00 GMT
track.php
affiliate.entireweb.com/scripts/ Frame 15A2
66 B
443 B
Script
General
Full URL
https://affiliate.entireweb.com/scripts/track.php?accountId=default1&url=S_www.entireweb.com%2Ffree_submission%2F&referrer=H_traffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&isInIframe=true&getParams=%3Fa%3Dwalawala&anchor=
Requested by
Host: affiliate.entireweb.com
URL: https://affiliate.entireweb.com/scripts/trackjs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
a76fad1fc33625662745f003219d8403e765dc0c412f59e889b993908dfa819d

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx
content-type
application/octet-stream, application/x-javascript
content-length
66
expires
Mon, 26 Jul 1997 05:00:00 GMT
track.php
affiliate.entireweb.com/scripts/ Frame E5B6
66 B
447 B
Script
General
Full URL
https://affiliate.entireweb.com/scripts/track.php?accountId=default1&url=S_www.entireweb.com%2Ffree_submission%2F&referrer=H_traffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&isInIframe=true&getParams=%3Fa%3Dwalawala&anchor=
Requested by
Host: affiliate.entireweb.com
URL: https://affiliate.entireweb.com/scripts/jz06nf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
f164b0f7c34cc10d90a770c81b95d80e13932ec33598926cd158c20702dc0e5a

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx
content-type
application/octet-stream, application/x-javascript
content-length
66
expires
Mon, 26 Jul 1997 05:00:00 GMT
bat.js
bat.bing.com/ Frame E5B6
28 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0f8b92749ed5ae1a53b456979b6b1fa2157fbc804b8b6b871f0068316bbf1320

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 01:12:13 GMT
x-msedge-ref
Ref A: C87F93F734914FAD828579F8F81D8991 Ref B: FRAEDGE1307 Ref C: 2021-02-27T07:08:38Z
etag
"8014993f13bd71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8512
track.php
affiliate.entireweb.com/scripts/ Frame 15A2
66 B
447 B
Script
General
Full URL
https://affiliate.entireweb.com/scripts/track.php?accountId=default1&url=S_www.entireweb.com%2Ffree_submission%2F&referrer=H_traffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&isInIframe=true&getParams=%3Fa%3Dwalawala&anchor=
Requested by
Host: affiliate.entireweb.com
URL: https://affiliate.entireweb.com/scripts/jz06nf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.33.2.97 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
ab221b6a08cf7afd686405d9ccde09f5980db42495fe870a9fc27274afa856ac

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx
content-type
application/octet-stream, application/x-javascript
content-length
66
expires
Mon, 26 Jul 1997 05:00:00 GMT
bat.js
bat.bing.com/ Frame 15A2
28 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0f8b92749ed5ae1a53b456979b6b1fa2157fbc804b8b6b871f0068316bbf1320

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 01:12:13 GMT
x-msedge-ref
Ref A: 462C001DF2E3475589CB061734248696 Ref B: FRAEDGE1307 Ref C: 2021-02-27T07:08:38Z
etag
"8014993f13bd71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8512
537191696950466
connect.facebook.net/signals/config/ Frame CF1F
240 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/537191696950466?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23ce5a3a01cba8e49310fa2810483542cd8e3832e19eeb0fed049571d5895cd4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
uAiNsR7MiYkAlqFM0VEXvQ7XwWKXlFxtu0fhanGVs6JadVxH2c5ME994ByQ6nnvQpBl0LATYu8/F3e2deY1h5g==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 27 Feb 2021 07:08:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.dbbd0f16dca02537aef0.js
script.hotjar.com/ Frame CF1F
217 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.dbbd0f16dca02537aef0.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1397873.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-11.fra2.r.cloudfront.net
Software
/
Resource Hash
3206338c1b9937821c2817da1ca9d71c9caab3f29ddbed6051cc37137736eee4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 14:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
147285
x-cache
Hit from cloudfront
content-length
58514
access-control-allow-origin
*
last-modified
Thu, 25 Feb 2021 14:10:45 GMT
etag
"343f2857df680c77e0648b393f21a333"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
WzuWUztUxDWxBHS2i-fmk4-LRoFeWx7uOe5ig9F3grEe6pDkbb1tyA==
js
www.googletagmanager.com/gtag/ Frame CF1F
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-855209381&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49595033-2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3acf0e811ad466a869d3a076bafcde05cab0d7ba5c828cb92f410ea27c6aaf6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39430
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:08:38 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame CF1F
31 KB
13 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-855209381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12348
x-xss-protection
0
server
cafe
etag
7672817363517198860
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 Feb 2021 07:08:40 GMT
js
www.google-analytics.com/gtm/ Frame CF1F
86 KB
34 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-WXX3LPG&t=gtm12&cid=1810950490.1614409719
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a37eaa5f2ae1d7a44c39acbd581946022f57f919b7ab8f58e608d8883edbed7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34886
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:08:38 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame CF1F
423 B
498 B
Script
General
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=72397
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5CPZW2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.147 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
2b212d5fbb0d807d8dc09d3dcfd1af6428182cb75479505e227946e841332738

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/javascript
cache-control
public, max-age=10800
timing-allow-origin
*
content-length
310
expires
Sat, 27 Feb 2021 10:08:41 GMT
js
www.google-analytics.com/gtm/ Frame CF1F
95 KB
37 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-N2X6V7Q&t=gtag_UA_49595033_2&cid=1810950490.1614409719
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf8cde21125e1fbd0dc21e1c0d0025037aa687659fca67d6f6864b40a0cd3cda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37770
x-xss-protection
0
expires
Sat, 27 Feb 2021 07:08:38 GMT
gtm.js
www.googletagmanager.com/ Frame 45E7
68 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLQHKZ
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ea284c0ffda5c38bf42c2628f79d87ad0314ec9bca4bf232fd0ad15d60b632e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27911
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:08:38 GMT
gtm.js
www.googletagmanager.com/ Frame 45E7
321 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSGGT2L
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83445fe1673a12bbbcd316d3b62813be302d651be5e661de110e411314ad6d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82946
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:08:38 GMT
white-ray.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/header/ Frame 45E7
239 B
410 B
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/header/white-ray.svg
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/blocks/static/css/header-14-01.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c62d867ca7c721b7572ab056103ce73f728c036311b4c9989726fabd82e279d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/blocks/static/css/header-14-01.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Tue, 02 Feb 2021 09:24:53 GMT
server
cloudflare
cache-status
MISS
etag
W/"60191a65-ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628712488-FRA
cf-request-id
0883ea73dc00002488d0b42000000001
red-ray.svg
www.marathonbet.co.uk/landings/blocks/static/img/assets/footer/ Frame 45E7
240 B
424 B
Image
General
Full URL
https://www.marathonbet.co.uk/landings/blocks/static/img/assets/footer/red-ray.svg
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/blocks/static/css/footer-11-00.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2b64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0096ee0be1f29c3d06fbe0748e6c34433ed65015916d1005abc004a4ea58cafa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/blocks/static/css/footer-11-00.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
last-modified
Wed, 27 Jan 2021 08:44:05 GMT
server
cloudflare
cache-status
MISS
etag
W/"601127d5-f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
cache-control
no-cache, must-revalidate
cf-ray
6280136628722488-FRA
cf-request-id
0883ea73dc000024884d190000000001
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 45E7
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.marathonbet.co.uk
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 09:18:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:47 GMT
server
sffe
age
78584
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10996
x-xss-protection
0
expires
Sat, 26 Feb 2022 09:18:54 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 45E7
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.marathonbet.co.uk
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:56:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:42 GMT
server
sffe
age
83504
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10968
x-xss-protection
0
expires
Sat, 26 Feb 2022 07:56:54 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 45E7
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.marathonbet.co.uk
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
96179
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:39 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 45E7
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.marathonbet.co.uk
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i%7CRoboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 21 Feb 2021 15:31:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:35 GMT
server
sffe
age
488258
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11052
x-xss-protection
0
expires
Mon, 21 Feb 2022 15:31:00 GMT
0
bat.bing.com/action/ Frame E5B6
0
149 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5118086&Ver=2&mid=5b10d88f-4c25-460f-a5b9-e53974c07965&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20Search%20Engine%20Submission&kw=free%20search%20engine%20submission,%20google%20submission,%20submit%20url,%20url%20submission&p=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&r=&lt=1527&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=756194
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Feb 2021 07:08:38 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: A34EF31C869F4EEF9DA79BA52DAFD2DE Ref B: FRAEDGE1307 Ref C: 2021-02-27T07:08:38Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame E305
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1397873.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-104.fra2.r.cloudfront.net
Software
/
Resource Hash
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.picpay.com/convite?G9DK9C
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.picpay.com/convite?G9DK9C

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
BRsTs_hv1OzM77cScseNC2CF4YEjrq1A7txR9wwdU7w93CBo95lC_A==
age
8258857
0
bat.bing.com/action/ Frame 15A2
0
93 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5118086&Ver=2&mid=cb00538f-1b69-47a1-9468-9f6fd02d285a&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20Search%20Engine%20Submission&kw=free%20search%20engine%20submission,%20google%20submission,%20submit%20url,%20url%20submission&p=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&r=&lt=1573&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=879989
Requested by
Host: www.entireweb.com
URL: https://www.entireweb.com/free_submission/?a=walawala
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 27 Feb 2021 07:08:38 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 253EB95144D5447CB3F3DBFB274D651A Ref B: FRAEDGE1307 Ref C: 2021-02-27T07:08:38Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
173199046367883
connect.facebook.net/signals/config/ Frame CF1F
241 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/173199046367883?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
40ec7baa953be90c457cb87ec4d73885b92033564ae375a971924eb5a808e70d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
TndiJ6XMbuoK6w9Kqxm5IhZ7D0uqj6X4NtWsC1vGzZpLHqZ7yntpqd6BtsHgMPM3KcWDEDSlTWK51jhsKdwZ/w==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 27 Feb 2021 07:08:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame CF1F
44 B
408 B
Image
General
Full URL
https://www.facebook.com/tr/?id=537191696950466&ev=PageView&dl=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&rl=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&if=true&ts=1614409718821&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614409718591&coo=false&rqm=GET
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 27 Feb 2021 07:08:38 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 45E7
331 KB
332 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onScriptLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.marathonbet.co.uk
Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:45:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
age
1413
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
339250
x-xss-protection
0
expires
Sun, 27 Feb 2022 06:45:05 GMT
activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26a...
8522863.fls.doubleclick.net/ Frame 90BC
Redirect Chain
  • https://8522863.fls.doubleclick.net/activityi;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%2...
  • https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%...
530 B
1013 B
Document
General
Full URL
https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSGGT2L
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
1841f5e66d0bdd2899a245be7979d5bbf5e6a4b4fd7ea58743fd7329fdef3b92
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8522863.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Feb 2021 07:08:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
412
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 27-Feb-2021 07:23:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Feb 2021 07:08:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amplitude-5.8.0-min.gz.js
cdn.amplitude.com/libs/ Frame 45E7
57 KB
19 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-5.8.0-min.gz.js
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-62.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54234dbc5f94f0c00e43abfab5b835783474b7259ab5ba5ba4024e0ef212e181

Request headers

Origin
https://www.marathonbet.co.uk
Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 04:10:42 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
5885879
x-cache
Hit from cloudfront
content-length
18497
access-control-allow-origin
*
last-modified
Fri, 06 Dec 2019 21:57:52 GMT
server
AmazonS3
etag
"208999c2bfaa80353f3f37c256fd3a3d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
JayGW0K7hcKEk8hUb5nZ1QRH3tobN7O9
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
1oZWxxsLTDx1pEkBOpW19vfvAycqL_EhSY4Ij-aQPe6dRALgzokS-Q==
divolte.js
web-analytics0.com/ Frame 45E7
9 KB
4 KB
Script
General
Full URL
https://web-analytics0.com/divolte.js
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.150.147.252 Bradford, United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5bddaf4345c25f095b25c6346e271d6e6874d8c2abd9da72f321503bd6160ee8

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:40 GMT
Content-Encoding
gzip
ETag
"gz+W92vQ0XCXwlbJcY0bicdbmh02MKr2dpy8yFQO9YWDug="
Server
nginx
Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
4109
Expires
Sat, 27 Feb 2021 08:08:40 GMT
watch.js
mc.yandex.ru/metrika/ Frame 45E7
122 KB
43 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
3eee3b037e3951c286d8baa2d4e436090bc58602786f73803d6901effe2875ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:39 GMT
content-encoding
br
last-modified
Sat, 20 Feb 2021 13:25:23 GMT
etag
"60310dc3-a99f"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
43423
expires
Sat, 27 Feb 2021 08:08:39 GMT
/
cx.atdmt.com/ Frame CF1F
Redirect Chain
  • https://www.facebook.com/tr/?id=173199046367883&ev=PageView&dl=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&rl=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&...
  • https://cx.atdmt.com/?c=4528061348418889873&f=AYzhYLFOrl186_611gNhmu8eVL6LYMfCaKqyr4CnvKC3miJy20JJHHe1wwZQxJ07c2hJuhAAE_Im12ZBJXM-ycSq&id=173199046367883&l=3&v=0
43 B
651 B
Image
General
Full URL
https://cx.atdmt.com/?c=4528061348418889873&f=AYzhYLFOrl186_611gNhmu8eVL6LYMfCaKqyr4CnvKC3miJy20JJHHe1wwZQxJ07c2hJuhAAE_Im12ZBJXM-ycSq&id=173199046367883&l=3&v=0
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8004:face:b00c:0:8c , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
x-fb-debug
3jT6hrsN2IrbhFZHT8dfW+MVeLkRA0JMCYwkMD/QwPxxuSLmLAZekqUgTn+XsvetyXkCPN1+SLVw8YzguYTnhA==
content-encoding
br
x-content-type-options
nosniff
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 26 Feb 2021 23:08:38 PST
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/gif
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-fb-rlafr
0
expires
Fri, 26 Feb 2021 23:08:38 PST

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:38 GMT
server
proxygen-bolt
content-type
text/plain
location
https://cx.atdmt.com/?c=4528061348418889873&f=AYzhYLFOrl186_611gNhmu8eVL6LYMfCaKqyr4CnvKC3miJy20JJHHe1wwZQxJ07c2hJuhAAE_Im12ZBJXM-ycSq&id=173199046367883&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
expires
0
1
mc.yandex.ru/watch/28361181/ Frame 45E7
Redirect Chain
  • https://mc.yandex.ru/watch/28361181?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-mo...
  • https://mc.yandex.ru/watch/28361181/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-...
167 B
249 B
XHR
General
Full URL
https://mc.yandex.ru/watch/28361181/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A303688808186%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A916855014%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a6adcd09f9bb22a3320b63f1a4da02e9c4ade2498488f197b308323373c2e955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:39 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Feb-2021 07:08:39 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marathonbet.co.uk
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Sat, 27-Feb-2021 07:08:39 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:39 GMT
last-modified
Sat, 27-Feb-2021 07:08:39 GMT
location
/watch/28361181/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A303688808186%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A916855014%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.marathonbet.co.uk
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Sat, 27-Feb-2021 07:08:39 GMT
1
mc.yandex.ru/watch/21139201/ Frame 45E7
Redirect Chain
  • https://mc.yandex.ru/watch/21139201?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-mo...
  • https://mc.yandex.ru/watch/21139201/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-...
167 B
198 B
XHR
General
Full URL
https://mc.yandex.ru/watch/21139201/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A1497298881667%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A1018225097%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
6553cabbaa824a89a0f697489afdb9df53fd7c905bf0d375cd72744b13004933
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:39 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Feb-2021 07:08:39 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marathonbet.co.uk
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Sat, 27-Feb-2021 07:08:39 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:39 GMT
last-modified
Sat, 27-Feb-2021 07:08:39 GMT
location
/watch/21139201/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A1497298881667%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A1018225097%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.marathonbet.co.uk
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Sat, 27-Feb-2021 07:08:39 GMT
1
mc.yandex.ru/watch/45714030/ Frame 45E7
Redirect Chain
  • https://mc.yandex.ru/watch/45714030?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-mo...
  • https://mc.yandex.ru/watch/45714030/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-...
186 B
221 B
XHR
General
Full URL
https://mc.yandex.ru/watch/45714030/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A1595709577030%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A892871772%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
061a8d44210c7c20d445333504e226b1e10beb4cbd8e8fc7e3bde50f36991bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:39 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Feb-2021 07:08:39 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marathonbet.co.uk
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Sat, 27-Feb-2021 07:08:39 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:39 GMT
last-modified
Sat, 27-Feb-2021 07:08:39 GMT
location
/watch/45714030/1?wmode=7&page-url=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&page-ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A1814%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A1595709577030%3Ahid%3A162252338%3Az%3A60%3Ai%3A20210227080839%3Aet%3A1614409719%3Ac%3A1%3Arn%3A892871772%3Au%3A1614409719498175174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614409716993%3Ads%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1401%2C12%2C%2C%2C%2C1922%3Adsn%3A1%2C14%2C267%2C0%2C221%2C0%2C%2C1417%2C12%2C%2C%2C%2C1922%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614409719%3At%3AWelcome%20to%20Marathonbet%20%7C%20Better%20Odds%20Mean%20Bigger%20Winnings
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.marathonbet.co.uk
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Sat, 27-Feb-2021 07:08:39 GMT
advert.gif
mc.yandex.ru/metrika/ Frame 45E7
43 B
244 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.marathonbet.co.uk
URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:39 GMT
last-modified
Sat, 20 Feb 2021 13:25:23 GMT
etag
"60310dc3-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 27 Feb 2021 08:08:39 GMT
/
www.facebook.com/tr/ Frame CF1F
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=537191696950466&ev=Microdata&dl=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&rl=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&if=true&ts=1614409719324&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Envie%20e%20receba%20dinheiro%20pelo%20PicPay%20%20%22%2C%22meta%3Adescription%22%3A%22Crie%20sua%20conta%20com%20meu%20c%C3%B3digo%20e%20ganhe%20de%20volta%20os%20R%2410%20que%20gastar.%22%2C%22meta%3Akeywords%22%3A%22pagamento%20mobile%2C%20pagamento%20smartphone%2C%20smartphone%2C%20mobile%20payment%2C%20pagamento%20via%20celular%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Envie%20e%20receba%20dinheiro%20pelo%20PicPay%22%2C%22og%3Adescription%22%3A%22Crie%20sua%20conta%20com%20meu%20c%C3%B3digo%20e%20ganhe%20de%20volta%20os%20R%2410%20que%20gastar.%22%2C%22og%3Aimage%22%3A%22%2Fstatic%2Fimages%2Fp2p-og-image.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614409718591&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:39 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 27 Feb 2021 07:08:39 GMT
/
www.facebook.com/tr/ Frame CF1F
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=173199046367883&ev=Microdata&dl=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&rl=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&if=true&ts=1614409719457&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Envie%20e%20receba%20dinheiro%20pelo%20PicPay%20%20%22%2C%22meta%3Adescription%22%3A%22Crie%20sua%20conta%20com%20meu%20c%C3%B3digo%20e%20ganhe%20de%20volta%20os%20R%2410%20que%20gastar.%22%2C%22meta%3Akeywords%22%3A%22pagamento%20mobile%2C%20pagamento%20smartphone%2C%20smartphone%2C%20mobile%20payment%2C%20pagamento%20via%20celular%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Envie%20e%20receba%20dinheiro%20pelo%20PicPay%22%2C%22og%3Adescription%22%3A%22Crie%20sua%20conta%20com%20meu%20c%C3%B3digo%20e%20ganhe%20de%20volta%20os%20R%2410%20que%20gastar.%22%2C%22og%3Aimage%22%3A%22%2Fstatic%2Fimages%2Fp2p-og-image.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614409718591&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:39 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 27 Feb 2021 07:08:39 GMT
dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D726...
adservice.google.com/ddm/fls/i/ Frame 31E3
529 B
628 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Requested by
Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e1706c85a166c1e2e0db3acf9a850d46f3f32e3744c07002d4eda2b8cb078f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://8522863.fls.doubleclick.net/activityi;dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312?

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Feb 2021 07:08:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
411
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D726...
8522863.fls.doubleclick.net/ddm/fls/r/ Frame 89BE
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcom...
  • https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%...
2 KB
1 KB
Document
General
Full URL
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
aeddf724c04fc63f51a85069b6ad5db87a68a92348e304942b587de9d9c845ab
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8522863.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://adservice.google.com/ddm/fls/i/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Feb 2021 07:08:40 GMT
expires
Sat, 27 Feb 2021 07:08:40 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
1055
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 27-Feb-2021 07:23:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Feb 2021 07:08:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
js
www.googletagmanager.com/gtag/ Frame 89BE
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-986535033
Requested by
Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d58b6bfed13181253c29252ef30a9ca8190e5c5ff8901aea0f2f7820a98e98c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39437
x-xss-protection
0
last-modified
Sat, 27 Feb 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Feb 2021 07:08:40 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 89BE
91 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
LO1xTAnvz8tAkwkrUOCk4H+O+eINhnD/T+aUplHZcy7CHtAHyeWIE1WEaLDYfRhwQEFQG5WTgH+Cg08AF/BjlQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 27 Feb 2021 07:08:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
admtracker.lib.min.js
pj.l.a8723.com/ Frame 89BE
5 KB
2 KB
Script
General
Full URL
https://pj.l.a8723.com/admtracker.lib.min.js
Requested by
Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-10.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:01:57 GMT
content-encoding
gzip
last-modified
Tue, 25 Aug 2020 14:10:14 GMT
server
AmazonS3
age
404
etag
W/"5a420213029638ecea775a40089898aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control
public,max-age=900
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
buyOsPEHVdTzmDw_M0lmuCJMKBbkUX_0qev_3eqHZbfOJ_IwGB8_yQ==
789511627817132
connect.facebook.net/signals/config/ Frame 89BE
241 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/789511627817132?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ebe297e3c1ec1106923efa62ef7c9f76cf6b8c37019512eaa0ae360769686ba
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70815
x-fb-rlafr
0
pragma
public
x-fb-debug
LRPI1RGqX7q8XqgSjDDefGyEcES7ZMOUI+pPQ/w02N0PMPs2ACIYEKGBBzEJlE4RCYdl3qTu3PrNADf2kxKa/w==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sat, 27 Feb 2021 07:08:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 89BE
31 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-986535033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12348
x-xss-protection
0
server
cafe
etag
7672817363517198860
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 Feb 2021 07:08:40 GMT
/
www.facebook.com/tr/ Frame 89BE
44 B
258 B
Image
General
Full URL
https://www.facebook.com/tr/?id=789511627817132&ev=PageView&dl=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&rl=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&if=true&ts=1614409720650&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614409720611&coo=false&rqm=GET
Requested by
Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 27 Feb 2021 07:08:40 GMT
error
connect.facebook.net//log/ Frame 89BE
0
0
Image
General
Full URL
https://connect.facebook.net//log/error?p=pixel&v=2.9.33&e=Error%3A%20cookie%20not%20stored%20properly&s=Error%3A%20cookie%20not%20stored%20properly%0A%20%20%20%20at%20C%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F789511627817132%3Fv%3D2.9.33%26r%3Dstable%3A25%3A5431)%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F789511627817132%3Fv%3D2.9.33%26r%3Dstable%3A25%3A5786)%0A%20%20%20%20at%20H%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F789511627817132%3Fv%3D2.9.33%26r%3Dstable%3A25%3A6228)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F789511627817132%3Fv%3D2.9.33%26r%3Dstable%3A25%3A6905)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6282%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A65139)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6209)%0A%20%20%20%20at%20pa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A9349)%0A%20%20%20%20at%20%24%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A9985)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A8768)&ue=0&rs=stable&rqm=FGET
Requested by
Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

/
www.facebook.com/tr/ Frame 89BE
44 B
212 B
Image
General
Full URL
https://www.facebook.com/tr/?id=789511627817132&ev=CompleteRegistration&dl=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&rl=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&if=true&ts=1614409720656&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614409720611&coo=false&rqm=GET
Requested by
Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 27 Feb 2021 07:08:40 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/855209381/ Frame CF1F
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855209381/?random=1614409720770&cv=9&fst=1614409720770&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a44948b4c6d4dcc30672bce5197c1190d911a0ba8465bf1cc0d431f3d11456ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1102
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/855209381/ Frame CF1F
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855209381/?random=1614409720772&cv=9&fst=1614409720772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd69550e2e182092a182d5c5b8dc86563bba25f4f93d18fec75773f1d835b6a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1102
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/986535033/ Frame 89BE
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986535033/?random=1614409720773&cv=9&fst=1614409720773&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
588b1b5e35bf5ff5c59654ddfc9e5f923b7c038d1d9ddeb1e153bccc884e25f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1214
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/986535033/ Frame 89BE
2 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/986535033/?random=1614409720774&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
3046f5dfe01b98c22d6030e982161c03c4ef4bf0468dc804ba3b8f76be7daf24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1297
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/855209381/ Frame CF1F
42 B
321 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/855209381/?random=1614409720770&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&async=1&fmt=3&is_vtc=1&random=2302237353&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/855209381/ Frame CF1F
42 B
552 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/855209381/?random=1614409720770&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&async=1&fmt=3&is_vtc=1&random=2302237353&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/986535033/ Frame 89BE
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/986535033/?random=1614409720773&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&async=1&fmt=3&is_vtc=1&random=3099588750&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/986535033/ Frame 89BE
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/986535033/?random=1614409720773&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&async=1&fmt=3&is_vtc=1&random=3099588750&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/855209381/ Frame CF1F
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/855209381/?random=1614409720772&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&async=1&fmt=3&is_vtc=1&random=3109552176&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/855209381/ Frame CF1F
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/855209381/?random=1614409720772&cv=9&fst=1614409200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.picpay.com%2Fconvite%3FG9DK9C&ref=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&tiba=Envie%20e%20receba%20dinheiro%20pelo%20PicPay&async=1&fmt=3&is_vtc=1&random=3109552176&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/986535033/ Frame 89BE
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
  • https://www.google.com/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
  • https://www.google.de/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
42 B
530 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-O85YPCCNN2E9fgPw7SkwA8&cid=CAQSKQCNIrLMe1CJ75XW7xYbAc69NGhL4wZfH7K7qOhNgkNmnurWSTlz2eab&random=708676933&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 8522863.fls.doubleclick.net
URL: https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Feb 2021 07:08:40 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/986535033/?random=1483199062&cv=9&fst=1614409720774&num=1&label=nmIbCKLMpogBEPmotdYD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&ref=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=-O85YPCCNN2E9fgPw7SkwA8&cid=CAQSKQCNIrLMe1CJ75XW7xYbAc69NGhL4wZfH7K7qOhNgkNmnurWSTlz2eab&random=708676933&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 45E7
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSGGT2L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4884
date
Sat, 27 Feb 2021 05:47:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 27 Feb 2021 07:47:17 GMT
csc-event
web-analytics0.com/ Frame 45E7
37 B
333 B
Image
General
Full URL
https://web-analytics0.com/csc-event?p=0%3Aklndv4kc%3AGQzjkcVQ0FjS02qg48OYGvihEis_YKu9&s=0%3Aklndv4kc%3Al5EUUoBhVMyGRA2lqniuHwFOS_vtiEXx&v=0%3Acgpfj5pghViwNs1NC5s_JNMsV2rklw_g&e=0%3Acgpfj5pghViwNs1NC5s_JNMsV2rklw_g0&c=klndv55p&n=t&f=t&l=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312&r=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&i=18g&j=xc&k=1&w=1&h=1&t=pageView&u=(sprojectId!LANDINGS!ssub_projectId!ALDERNEY!sloginId!undefined!sreport!true!spage_hostname!www.marathonbet.co.uk!spage_path!%2Flandings%2Fwelcome!stime_start!1614409718728!stime_load!1614409721051!stime_server!undefined!sreferer_landing!undefined!spref!undefined!scurrencySymbol!undefined!slocaleLanguage!undefined!slocale_name!undefined!soddsType!undefined!ssiteStyle!undefined!sdivolte_test_mode!false!sappBuildNumber!undefined!sappVersion!undefined!sdeviceBrand!undefined!sdeviceModelName!undefined!sdeviceName!undefined!sdeviceOs!undefined!sdeviceOsVersion!undefined!sfingerprint!undefined!stiming!%7B%22navigationStart%22%3A1614409716993%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1614409717214%2C%22domainLookupStart%22%3A1614409717215%2C%22domainLookupEnd%22%3A1614409717216%2C%22connectStart%22%3A1614409717216%2C%22connectEnd%22%3A1614409717230%2C%22secureConnectionStart%22%3A1614409717221%2C%22requestStart%22%3A1614409717231%2C%22responseStart%22%3A1614409717498%2C%22responseEnd%22%3A1614409717498%2C%22domLoading%22%3A1614409717514%2C%22domInteractive%22%3A1614409718915%2C%22domContentLoadedEventStart%22%3A1614409718915%2C%22domContentLoadedEventEnd%22%3A1614409718927%2C%22domComplete%22%3A1614409721036%2C%22loadEventStart%22%3A1614409721036%2C%22loadEventEnd%22%3A1614409721037%2C%22firstPaint%22%3A0%2C%22loadTime%22%3A3823%2C%22domReadyTime%22%3A2121%2C%22readyStart%22%3A221%2C%22redirectTime%22%3A0%2C%22appcacheTime%22%3A1%2C%22unloadEventTime%22%3A0%2C%22lookupDomainTime%22%3A1%2C%22connectTime%22%3A14%2C%22requestTime%22%3A267%2C%22initDomTreeTime%22%3A1417%2C%22loadEventTime%22%3A1%7D!sloadTime!3823!)&x=u8x30p
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.150.147.252 Bradford, United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Feb 2021 07:08:41 GMT
Server
nginx
ETag
"6b3edc43-20ec-4078-bc47-e965dd76b88a"
Content-Type
image/gif
Cache-Control
private, no-cache, proxy-revalidate
Connection
keep-alive
Content-Length
37
Expires
Fri, 14 Apr 1995 11:30:00 GMT
ld.js
static.criteo.net/js/ld/ Frame CF1F
36 KB
12 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=72397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:41 GMT
content-encoding
gzip
last-modified
Mon, 14 Sep 2020 13:03:43 GMT
server
nginx
etag
W/"5f5f6a2f-90a2"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 28 Feb 2021 07:08:41 GMT
syncframe
gum.criteo.com/ Frame C52C
0
150 B
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=traffic-monetizer.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=traffic-monetizer.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.picpay.com/convite?G9DK9C
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.picpay.com/convite?G9DK9C

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1756
date
Sat, 27 Feb 2021 07:08:40 GMT
content-length
0
jsonp.js
www.adplugg.com/apusers/autoins/A48219153/js/1.0/ Frame 15A2
49 B
409 B
Script
General
Full URL
https://www.adplugg.com/apusers/autoins/A48219153/js/1.0/jsonp.js?hn=www.entireweb.com&bu=%2Ffree_submission%2F%3Fa%3Dwalawala
Requested by
Host: www.adplugg.com
URL: https://www.adplugg.com/serve/A48219153/js/1.1/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.166.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
6d2d9912610844ca937ac8fbcf67b04c53f085675d37ac833a62d12bddd2b7b1

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:41 GMT
Via
1.1 varnish-v4
Server
nginx/1.15.5
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/javascript;charset=UTF-8
Cache-Control
no-cache
X-Varnish
87118023
Connection
keep-alive
Content-Encoding
gzip
Content-Length
67
Expires
Sat, 1 Jan 2000 00:00:00 GMT
jsonp.js
www.adplugg.com/apusers/autoins/A48219153/js/1.0/ Frame E5B6
49 B
433 B
Script
General
Full URL
https://www.adplugg.com/apusers/autoins/A48219153/js/1.0/jsonp.js?hn=www.entireweb.com&bu=%2Ffree_submission%2F%3Fa%3Dwalawala
Requested by
Host: www.adplugg.com
URL: https://www.adplugg.com/serve/A48219153/js/1.1/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.166.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.15.5 /
Resource Hash
6d2d9912610844ca937ac8fbcf67b04c53f085675d37ac833a62d12bddd2b7b1

Request headers

Referer
https://www.entireweb.com/free_submission/?a=walawala
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:41 GMT
Via
1.1 varnish-v4
Server
nginx/1.15.5
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/javascript;charset=UTF-8
Cache-Control
no-cache
transfer-encoding
chunked
X-Varnish
89719500
Connection
keep-alive
Content-Encoding
gzip
Expires
Sat, 1 Jan 2000 00:00:00 GMT
ga.js
www.google-analytics.com/ Frame 0C98
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
92
date
Sat, 27 Feb 2021 07:07:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 27 Feb 2021 09:07:09 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
background.jpg
static1.1.sqspcdn.com/static/f/489136/7193133/1275595518127/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/storage/sba/background.jpg
  • http://static1.1.sqspcdn.com/static/f/489136/7193133/1275595518127/background.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
371 B
933 B
Image
General
Full URL
http://static1.1.sqspcdn.com/static/f/489136/7193133/1275595518127/background.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
7ffa48348dd0725b440c54a32288b4d24ad7f480d1c84b1a61723e31aa015faf

Request headers

Referer
http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:42 GMT
Via
1.1 varnish, 1.1 varnish
Age
75893
X-Cache
HIT, MISS
X-Contextid
48SiXvA7/PcTiQkdc
Connection
keep-alive
Content-Length
371
X-Served-By
cache-dfw18621-DFW, cache-fra19145-FRA
Last-Modified
Thu, 03 Jun 2010 20:05:18 GMT
Server
Squarespace
X-Timer
S1614409722.050209,VS0,VE228
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/f/489136/7193133/1275595518127/background.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid
LbTWBmI7/Z8uupdd9
Server
Squarespace
Content-Length
0
Content-Type
image/jpeg;charset=UTF-8
VBM.bluecrimson.jpg
static1.1.sqspcdn.com/static/f/489136/13195695/1310653008947/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/storage/VBM.bluecrimson.jpg?__SQUARESPACE_CACHEVERSION=1610029688812
  • http://static1.1.sqspcdn.com/static/f/489136/13195695/1310653008947/VBM.bluecrimson.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
45 KB
46 KB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/f/489136/13195695/1310653008947/VBM.bluecrimson.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
10dc6500d19c91233e31b0cac4a2de57adc7da32a76e23f4c046131d2713d2e7

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:42 GMT
Via
1.1 varnish, 1.1 varnish
Age
57245
X-Cache
HIT, MISS
X-Contextid
8xWPkYlO/HmmU8y9Z
Connection
keep-alive
Content-Length
46304
X-Served-By
cache-dfw18636-DFW, cache-fra19162-FRA
Last-Modified
Thu, 14 Jul 2011 14:16:48 GMT
Server
Squarespace
X-Timer
S1614409722.032294,VS0,VE253
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/f/489136/13195695/1310653008947/VBM.bluecrimson.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid
cRXylrsX/MpBlkmST
Server
Squarespace
Content-Length
0
Content-Type
image/jpeg;charset=UTF-8
Vermont+Awards+2018+Logo.jpg
static1.1.sqspcdn.com/static/f/489136/27876253/1523031310070/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/storage/Vermont%20Awards%202018%20Logo.jpg?__SQUARESPACE_CACHEVERSION=1523031326156
  • http://static1.1.sqspcdn.com/static/f/489136/27876253/1523031310070/Vermont+Awards+2018+Logo.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
299 KB
299 KB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/f/489136/27876253/1523031310070/Vermont+Awards+2018+Logo.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
31d94232adf4795cbc3d5f85ce2a864b4d2b7049965c5065a2d98c9f1b652aa0

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:42 GMT
Via
1.1 varnish, 1.1 varnish
Age
45857
X-Cache
HIT, MISS
X-Contextid
FSr0yYAF/kOyT4yRe
Connection
keep-alive
Content-Length
305916
X-Served-By
cache-dfw18626-DFW, cache-fra19125-FRA
Last-Modified
Fri, 06 Apr 2018 16:15:10 GMT
Server
Squarespace
X-Timer
S1614409722.975688,VS0,VE484
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/f/489136/27876253/1523031310070/Vermont+Awards+2018+Logo.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid
hebycWzT/HyYg7upP
Server
Squarespace
Content-Length
0
Content-Type
image/jpeg;charset=UTF-8
Third+Generation+Design-Black+type+no+shadow-Logo.png
static1.1.sqspcdn.com/static/f/489136/26981212/1461086299690/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/storage/Third%20Generation%20Design-Black%20type%20no%20shadow-Logo.png?__SQUARESPACE_CACHEVERSION=1554135287506
  • http://static1.1.sqspcdn.com/static/f/489136/26981212/1461086299690/Third+Generation+Design-Black+type+no+shadow-Logo.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
6 MB
6 MB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/f/489136/26981212/1461086299690/Third+Generation+Design-Black+type+no+shadow-Logo.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
e3ecbd46b869e710dd55f5aeabcccea2b6c11f0b762e1facd3bf8f451697ea37

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:43 GMT
Via
1.1 varnish, 1.1 varnish
Age
45522
X-Cache
HIT, MISS
X-Contextid
uOqgOUTC/7E6Fhbyc
Connection
keep-alive
Content-Length
6345234
X-Served-By
cache-dfw18637-DFW, cache-fra19171-FRA
Last-Modified
Tue, 19 Apr 2016 17:18:19 GMT
Server
Squarespace
X-Timer
S1614409722.005552,VS0,VE1622
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
0, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/f/489136/26981212/1461086299690/Third+Generation+Design-Black+type+no+shadow-Logo.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid
pu9ePXLP/IShKRBHf
Server
Squarespace
Content-Length
0
Content-Type
image/png;charset=UTF-8
BOB+Logo-Color-FINAL.png
static1.1.sqspcdn.com/static/f/489136/27378207/1554410067777/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/storage/BOB%20Logo-Color-FINAL.png?__SQUARESPACE_CACHEVERSION=1554410075916
  • http://static1.1.sqspcdn.com/static/f/489136/27378207/1554410067777/BOB+Logo-Color-FINAL.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
300 KB
301 KB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/f/489136/27378207/1554410067777/BOB+Logo-Color-FINAL.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
56113ab7f7e0d98b25a2768f146d13e82ebfbcb90579d0dca2223c14aaa60547

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:42 GMT
Via
1.1 varnish, 1.1 varnish
Age
60543
X-Cache
HIT, MISS
X-Contextid
dfro4PPn/BtOUpCWe
Connection
keep-alive
Content-Length
307694
X-Served-By
cache-dfw18648-DFW, cache-fra19162-FRA
Last-Modified
Thu, 04 Apr 2019 20:34:27 GMT
Server
Squarespace
X-Timer
S1614409722.006182,VS0,VE483
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/f/489136/27378207/1554410067777/BOB+Logo-Color-FINAL.png?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid
ujHGZBYw/zslo0vSw
Server
Squarespace
Content-Length
0
Content-Type
image/png;charset=UTF-8
folder-expand.png
vermontbiz.squarespace.com/universal/images/core-resources/icons/dark/ Frame 0C98
4 KB
4 KB
Image
General
Full URL
http://vermontbiz.squarespace.com/universal/images/core-resources/icons/dark/folder-expand.png
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
cbb9d4200fd7355d626dc2b4015bf5b6548bd69b864f69d06c85d7bae3b61837

Request headers

Referer
http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:41 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"3632-1614363396000"
Content-Type
image/png
X-Contextid
DzTXDahq/ktFEMLHd
Accept-Ranges
bytes
Content-Length
3632
TDVUpLMqjoI
www.youtube.com/embed/ Frame 990C
51 KB
22 KB
Document
General
Full URL
https://www.youtube.com/embed/TDVUpLMqjoI
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed4a22fa5fa6e72b0a340a1fc47e89cee4075ea35c049ca5c4a376a6efed0b03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/TDVUpLMqjoI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://vermontbiz.squarespace.com/2019-bob-winners/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://vermontbiz.squarespace.com/2019-bob-winners/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 27 Feb 2021 07:08:41 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=Z5TGyCz7Zog; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=v1mhBfwPKG4; Domain=.youtube.com; Expires=Thu, 26-Aug-2021 07:08:41 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+148; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GetSlideshow
vermontbiz.squarespace.com/display/ Frame 0C98
56 KB
57 KB
XHR
General
Full URL
http://vermontbiz.squarespace.com/display/GetSlideshow?configId=5e0fb1f7bf03a69b267c79f6&filterActive=true
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/universal/yui/connection/connection_core-min.js?CE=75
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
6b7470762b1b505b6115adafe23c23ead5a2fac211c9d9b384028e754d2aff3e

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

Date
Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid
DzTXDahq/dxsemdCY
Server
Squarespace
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8
folder-contract.png
vermontbiz.squarespace.com/universal/images/core-resources/icons/dark/ Frame 0C98
4 KB
4 KB
Image
General
Full URL
http://vermontbiz.squarespace.com/universal/images/core-resources/icons/dark/folder-contract.png
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
393696c3f40cea157859e274083672a4d5468536f156d282724b0d5c110c3e61

Request headers

Referer
http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:41 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"3627-1614363396000"
Content-Type
image/png
X-Contextid
DzTXDahq/xxbbsmmK
Accept-Ranges
bytes
Content-Length
3627
RecordHit
vermontbiz.squarespace.com/process/ Frame 0C98
5 B
605 B
XHR
General
Full URL
http://vermontbiz.squarespace.com/process/RecordHit?url=%2F2019-bob-winners%2F&title=Vermont%20Business%20Magazine%20-%202019%20BOB%20Winners&viewportInnerHeight=1&viewportInnerWidth=1&screenHeight=1200&screenWidth=1600&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&referrer=http%3A%2F%2Ftraffic-monetizer.com%2Fcg.php%3Fa%3D558606ce234e786adea1696d7d0002e0&pixelRatio=1&event=View
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/universal/yui/connection/connection_core-min.js?CE=75
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
88561e211e862344bd3cc71c03f8ab25d8a79b9bdbaa1e083af7e0603f30f689

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

Date
Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid
hebycWzT/x53GiXhC
Server
Squarespace
Content-Length
5
Content-Type
text/html;charset=UTF-8
l
use.typekit.com/af/f6d549/00000000000000000000e7fe/27/ Frame 0C98
14 KB
14 KB
Font
General
Full URL
https://use.typekit.com/af/f6d549/00000000000000000000e7fe/27/l?subset_id=2&fvd=n3&v=3
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
aa176a8bd17c4fc51d9bd94d49d35a1b7faedf2093b0ff8bf3d53ad7bfc1fc7a

Request headers

Origin
http://vermontbiz.squarespace.com
Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:41 GMT
server
nginx
etag
"8eedbe65e55a09b665fc2ac71105002b1b779413"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
14348
l
use.typekit.com/af/e48613/00000000000000000000ec0b/27/ Frame 0C98
14 KB
15 KB
Font
General
Full URL
https://use.typekit.com/af/e48613/00000000000000000000ec0b/27/l?subset_id=2&fvd=n8&v=3
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1f1ac05dd6e98d339d2e7804a3e2115d088224f41d3053856131ecf1ceb6967b

Request headers

Origin
http://vermontbiz.squarespace.com
Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:41 GMT
server
nginx
etag
"5709ee773a99344a9017cbfd7d88d6392d76ba62"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
14844
www-player-webp.css
www.youtube.com/s/player/4fe52f49/ Frame 990C
340 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/4fe52f49/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
138164
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52149
x-xss-protection
0
expires
Fri, 25 Feb 2022 16:45:58 GMT
www-embed-player.js
www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/ Frame 990C
157 KB
57 KB
Script
General
Full URL
https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 02:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
17198
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58416
x-xss-protection
0
expires
Sun, 27 Feb 2022 02:22:04 GMT
base.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 990C
2 MB
502 KB
Script
General
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
138018
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
513497
x-xss-protection
0
expires
Fri, 25 Feb 2022 16:48:23 GMT
fetch-polyfill.js
www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/ Frame 990C
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 05:05:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
7398
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Sun, 27 Feb 2022 05:05:24 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 990C
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
96183
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10748
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:38 GMT
p.gif
p.typekit.net/ Frame 0C98
35 B
182 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=cpk5jjj&ht=tk&h=vermontbiz.squarespace.com&f=2005.2036&a=178424&js=1.20.0&app=typekit&e=js&_=1614409721978
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:41 GMT
last-modified
Wed, 02 Sep 2020 00:55:11 GMT
server
nginx
etag
"5f4eed6f-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
35
id
googleads.g.doubleclick.net/pagead/ Frame 990C
113 B
308 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e0ab3ae4b15a7d8157a8d01ff8a73b0a7dcf90a49e30d10f33c7218f42fccea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 990C
29 B
407 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:56:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
705
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sat, 27 Feb 2021 07:11:57 GMT
remote.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 990C
96 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64620c4b38f39b52be7567a111c31cb9a516e243c6b689564e73103c69d3c2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
137863
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32547
x-xss-protection
0
expires
Fri, 25 Feb 2022 16:50:59 GMT
xyig1h48Wfhb-WSTbhZIN9qGmA_8ATQnSYNalvpEyzo.js
www.google.com/js/th/ Frame 990C
33 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/xyig1h48Wfhb-WSTbhZIN9qGmA_8ATQnSYNalvpEyzo.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c728a0d61e3c59f85bf964936e164837da86980ffc01342749835a96fa44cb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Feb 2021 08:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
428098
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14208
x-xss-protection
0
expires
Tue, 22 Feb 2022 08:13:44 GMT
embed.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame 990C
29 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 16:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
138017
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9681
x-xss-protection
0
expires
Fri, 25 Feb 2022 16:48:25 GMT
vbm+bob+awards_050719_0397.jpg
static1.1.sqspcdn.com/static/p/489136/21858487/1557844326973/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0397.jpg?pictureId=21858487
  • http://static1.1.sqspcdn.com/static/p/489136/21858487/1557844326973/vbm+bob+awards_050719_0397.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
329 KB
329 KB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/p/489136/21858487/1557844326973/vbm+bob+awards_050719_0397.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
97d948a989c3928a8830e77fd363f0f264f546d414d73d973fb58e7fd68f04a3

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:42 GMT
Via
1.1 varnish, 1.1 varnish
Age
1796
X-Cache
HIT, MISS
X-Contextid
VbFAjkAz/nQEZwcgf
Connection
keep-alive
Content-Length
336448
X-Served-By
cache-dfw18651-DFW, cache-fra19162-FRA
Last-Modified
Tue, 14 May 2019 14:32:06 GMT
Server
Squarespace
X-Timer
S1614409722.468470,VS0,VE490
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/p/489136/21858487/1557844326973/vbm+bob+awards_050719_0397.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid
DzTXDahq/gJ3JZHL5
Server
Squarespace
Content-Length
0
vbm+bob+awards_050719_0083.jpg
static1.1.sqspcdn.com/static/p/489136/21858387/1557843922680/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0083.jpg?pictureId=21858387
  • http://static1.1.sqspcdn.com/static/p/489136/21858387/1557843922680/vbm+bob+awards_050719_0083.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
337 KB
337 KB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/p/489136/21858387/1557843922680/vbm+bob+awards_050719_0083.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
3b764225c6794206505b8ab236d26404cd9f8545255afe31fd71802256c37410

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:42 GMT
Via
1.1 varnish, 1.1 varnish
Age
129524
X-Cache
HIT, MISS
X-Contextid
FL76uatz/JEwMFK2S
Connection
keep-alive
Content-Length
344825
X-Served-By
cache-dfw18647-DFW, cache-fra19145-FRA
Last-Modified
Tue, 14 May 2019 14:25:22 GMT
Server
Squarespace
X-Timer
S1614409722.469653,VS0,VE495
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/p/489136/21858387/1557843922680/vbm+bob+awards_050719_0083.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:42 GMT
X-Contextid
hebycWzT/52jqnz0R
Server
Squarespace
Content-Length
0
vbm+bob+awards_050719_0095.jpg
static1.1.sqspcdn.com/static/p/489136/21858388/1557843923313/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0095.jpg?pictureId=21858388
  • http://static1.1.sqspcdn.com/static/p/489136/21858388/1557843923313/vbm+bob+awards_050719_0095.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
263 KB
263 KB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/p/489136/21858388/1557843923313/vbm+bob+awards_050719_0095.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/2019-bob-winners/
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
d9a126d7c679187a220b743352760c8104ce3a9c412490c99767d4734fe8cbb0

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:43 GMT
Via
1.1 varnish, 1.1 varnish
Age
140478
X-Cache
HIT, MISS
X-Contextid
8g4jvDHK/V8kPYP3f
Connection
keep-alive
Content-Length
269172
X-Served-By
cache-dfw18623-DFW, cache-fra19125-FRA
Last-Modified
Tue, 14 May 2019 14:25:23 GMT
Server
Squarespace
X-Timer
S1614409723.596065,VS0,VE474
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/p/489136/21858388/1557843923313/vbm+bob+awards_050719_0095.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:41 GMT
X-Contextid
LbTWBmI7/pkfL6sXp
Server
Squarespace
Content-Length
0
previous-button.png
vermontbiz.squarespace.com/universal/images/slideshow/ Frame 0C98
1 KB
2 KB
Image
General
Full URL
http://vermontbiz.squarespace.com/universal/images/slideshow/previous-button.png
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
9a6117df8db18e0f332dac159a456d654a59494d8f670befc70fa06e61bf4f8c

Request headers

Referer
http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:41 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"1457-1614363396000"
Content-Type
image/png
X-Contextid
hebycWzT/IMqb8KQK
Accept-Ranges
bytes
Content-Length
1457
next-button.png
vermontbiz.squarespace.com/universal/images/slideshow/ Frame 0C98
1 KB
2 KB
Image
General
Full URL
http://vermontbiz.squarespace.com/universal/images/slideshow/next-button.png
Requested by
Host: vermontbiz.squarespace.com
URL: http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
d7bf8a434f62b76439d0e6d681868c6d1d7e00d6f0a011a564e67b779105834b

Request headers

Referer
http://vermontbiz.squarespace.com/display/common.css?styleId=1851514&RK=1481752722107&CE=75
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:41 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"1457-1614363396000"
Content-Type
image/png
X-Contextid
LbTWBmI7/n5JkbR3N
Accept-Ranges
bytes
Content-Length
1457
truncated
/ Frame 990C
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnho2hzPmZva6K2NonYZH22r-lDzCqzvvNQIxw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 990C
1 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AAUvwnho2hzPmZva6K2NonYZH22r-lDzCqzvvNQIxw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7c210dc98f7ab51ed91389d823e0f7f86b3dda9d282b0d8200634b0dfadd037c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:42 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1405
x-xss-protection
0
expires
Sun, 28 Feb 2021 07:08:42 GMT
sddefault.jpg
i.ytimg.com/vi/TDVUpLMqjoI/ Frame 990C
55 KB
55 KB
Image
General
Full URL
https://i.ytimg.com/vi/TDVUpLMqjoI/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42fd17a199026f5bfe906cadb39e5df6468b1132ff68e982dc9ed180f5a05cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:42 GMT
x-content-type-options
nosniff
server
sffe
etag
"1583942494"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56228
x-xss-protection
0
expires
Sat, 27 Feb 2021 09:08:42 GMT
/
www.facebook.com/tr/ Frame 89BE
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=789511627817132&ev=Microdata&dl=https%3A%2F%2F8522863.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&rl=https%3A%2F%2Fadservice.google.com%2Fddm%2Ffls%2Fi%2Fdc_pre%3DCPuol-_Aie8CFUjV7QodKUsD4Q%3Bsrc%3D8522863%3Btype%3Dconve0%3Bcat%3Dmarat0%3Bord%3D6335419372328%3Bgtm%3D2wg2h0%3B~oref%3Dhttps%253A%252F%252Fwww.marathonbet.co.uk%252Flandings%252Fwelcome%253Fbtag%253Da_10312b_66c_%2526affid%253D7269%2526siteid%253D10312&if=true&ts=1614409722232&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&it=1614409720611&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://8522863.fls.doubleclick.net/ddm/fls/r/dc_pre=CPuol-_Aie8CFUjV7QodKUsD4Q;src=8522863;type=conve0;cat=marat0;ord=6335419372328;gtm=2wg2h0;~oref=https%3A%2F%2Fwww.marathonbet.co.uk%2Flandings%2Fwelcome%3Fbtag%3Da_10312b_66c_%26affid%3D7269%26siteid%3D10312
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 27 Feb 2021 07:08:42 GMT
nr-1198.min.js
js-agent.newrelic.com/ Frame CF1F
27 KB
11 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1198.min.js
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:42 GMT
content-encoding
gzip
x-amz-request-id
8FBF058EA70ADB98
x-cache
HIT
content-length
10682
x-amz-id-2
dCyln7OIf+i76Bn+clBUl8tM3pNPIGXfyNRvPHz5ZLwhdSBkIMjzducUvcecQ4BFCTB8K4VSAVo=
x-served-by
cache-fra19163-FRA
last-modified
Fri, 29 Jan 2021 19:19:08 GMT
server
AmazonS3
x-timer
S1614409722.310801,VS0,VE0
etag
"59c98195ba35e0b45cbe2e5beebd1ac8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11878
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 990C
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Sat, 27 Feb 2021 07:08:42 GMT
generate_204
www.youtube.com/ Frame 990C
0
38 B
Image
General
Full URL
https://www.youtube.com/generate_204?z-nOew
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TDVUpLMqjoI
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/TDVUpLMqjoI
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 07:08:42 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bb6a6594eb
bam-cell.nr-data.net/1/ Frame CF1F
57 B
647 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/bb6a6594eb?a=406048464&v=1198.fe6ec20&to=bl0HNhYAX0tTV0daXFcXJhcXFV5VHXVDQ29xTBESOCJeVkZGXF9fXEoWPjIIVE9xW11HQVZUCQcWIVZdRmdbUkFcaAQFAQ%3D%3D&rst=5456&ck=1&ref=https://www.picpay.com/convite&ap=84&be=762&fe=5225&dc=779&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1614409717007,%22n%22:0,%22f%22:249,%22dn%22:249,%22dne%22:249,%22c%22:249,%22s%22:266,%22ce%22:462,%22rq%22:462,%22rp%22:750,%22rpe%22:754,%22dl%22:757,%22di%22:779,%22ds%22:779,%22de%22:779,%22dc%22:5225,%22l%22:5225,%22le%22:5228%7D,%22navigation%22:%7B%7D%7D&fp=831&fcp=831&at=QhoEQF4aTEU%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1198.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:43 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
6280137db85bd8a9-CPH
cf-request-id
0883ea82920000d8a990a5a000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT
loading.gif
vermontbiz.squarespace.com/universal/images/manager/ Frame 0C98
1 KB
2 KB
Image
General
Full URL
http://vermontbiz.squarespace.com/universal/images/manager/loading.gif
Requested by
Host: traffic-monetizer.com
URL: http://traffic-monetizer.com/cg.php?a=558606ce234e786adea1696d7d0002e0
Protocol
HTTP/1.1
Server
198.185.159.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
3ef4d4bdf2429f59661ebad5645f104dd285c84d35dfa265715662d08bb13bfc

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Sat, 27 Feb 2021 07:08:43 GMT
Last-Modified
Fri, 26 Feb 2021 18:16:36 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"1248-1614363396000"
Content-Type
image/gif
X-Contextid
LbTWBmI7/VFMR0nVO
Accept-Ranges
bytes
Content-Length
1248
vbm+bob+awards_050719_0145.jpg
static1.1.sqspcdn.com/static/p/489136/21858389/1557843923787/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0145.jpg?pictureId=21858389
  • http://static1.1.sqspcdn.com/static/p/489136/21858389/1557843923787/vbm+bob+awards_050719_0145.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
359 KB
360 KB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/p/489136/21858389/1557843923787/vbm+bob+awards_050719_0145.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
2c7f7e1dd2c41c70262ef73b91e4d6532aa3bfd4b9fed59a4cfa3e6cbb51b752

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:46 GMT
Via
1.1 varnish, 1.1 varnish
Age
345947
X-Cache
HIT, MISS
X-Contextid
YA1DUWgQ/roXVq666
Connection
keep-alive
Content-Length
367737
X-Served-By
cache-dfw18650-DFW, cache-fra19171-FRA
Last-Modified
Tue, 14 May 2019 14:25:23 GMT
Server
Squarespace
X-Timer
S1614409726.983292,VS0,VE238
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/p/489136/21858389/1557843923787/vbm+bob+awards_050719_0145.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:45 GMT
X-Contextid
LbTWBmI7/RV87kNt8
Server
Squarespace
Content-Length
0
vbm+bob+awards_050719_0150.jpg
static1.1.sqspcdn.com/static/p/489136/21858390/1557843924267/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0150.jpg?pictureId=21858390
  • http://static1.1.sqspcdn.com/static/p/489136/21858390/1557843924267/vbm+bob+awards_050719_0150.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
319 KB
319 KB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/p/489136/21858390/1557843924267/vbm+bob+awards_050719_0150.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
1dc8e64fd2504aa0238daa08b2b6d3915b0a95a0245050461ebb913c1925ce1d

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:49 GMT
Via
1.1 varnish, 1.1 varnish
Age
345947
X-Cache
HIT, MISS
X-Contextid
Nc2Cci3w/2yNupRbF
Connection
keep-alive
Content-Length
326594
X-Served-By
cache-dfw18644-DFW, cache-fra19171-FRA
Last-Modified
Tue, 14 May 2019 14:25:24 GMT
Server
Squarespace
X-Timer
S1614409729.965912,VS0,VE489
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/p/489136/21858390/1557843924267/vbm+bob+awards_050719_0150.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:48 GMT
X-Contextid
LbTWBmI7/IDfriuu8
Server
Squarespace
Content-Length
0
vbm+bob+awards_050719_0153.jpg
static1.1.sqspcdn.com/static/p/489136/21858391/1557843924727/ Frame 0C98
Redirect Chain
  • http://vermontbiz.squarespace.com/picture/vbm%20bob%20awards_050719_0153.jpg?pictureId=21858391
  • http://static1.1.sqspcdn.com/static/p/489136/21858391/1557843924727/vbm+bob+awards_050719_0153.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
311 KB
312 KB
Image
General
Full URL
http://static1.1.sqspcdn.com/static/p/489136/21858391/1557843924727/vbm+bob+awards_050719_0153.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Protocol
HTTP/1.1
Server
151.101.12.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
b7a988372eceaf82ef3b50610b05aa8bf32f200820271946ad0f4be02f4c1ca5

Request headers

Referer
http://vermontbiz.squarespace.com/2019-bob-winners/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 07:08:52 GMT
Via
1.1 varnish, 1.1 varnish
Age
152902
X-Cache
HIT, MISS
X-Contextid
5llPgbtJ/1vPwwgR4
Connection
keep-alive
Content-Length
318712
X-Served-By
cache-dfw18628-DFW, cache-fra19171-FRA
Last-Modified
Tue, 14 May 2019 14:25:24 GMT
Server
Squarespace
X-Timer
S1614409732.989930,VS0,VE487
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges
bytes
X-Cache-Hits
1, 0

Redirect headers

Location
http://static1.1.sqspcdn.com/static/p/489136/21858391/1557843924727/vbm+bob+awards_050719_0153.jpg?token=7S6%2FO6MdyC5vr9aLFP5kf3zJ2TU%3D
Date
Sat, 27 Feb 2021 07:08:51 GMT
X-Contextid
LbTWBmI7/6oieEkUf
Server
Squarespace
Content-Length
0
bb6a6594eb
bam-cell.nr-data.net/events/1/ Frame CF1F
24 B
490 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/bb6a6594eb?a=406048464&v=1198.fe6ec20&to=bl0HNhYAX0tTV0daXFcXJhcXFV5VHXVDQ29xTBESOCJeVkZGXF9fXEoWPjIIVE9xW11HQVZUCQcWIVZdRmdbUkFcaAQFAQ%3D%3D&rst=15456&ck=1&ref=https://www.picpay.com/convite
Requested by
Host: www.picpay.com
URL: https://www.picpay.com/convite?G9DK9C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.picpay.com/convite?G9DK9C
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Date
Sat, 27 Feb 2021 07:08:53 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.picpay.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
628013bbfe22d8a9-CPH
Content-Length
24
cf-request-id
0883eaa97a0000d8a9a981e000000001
log_event
www.youtube.com/youtubei/v1/ Frame 990C
28 B
305 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/TDVUpLMqjoI
X-YouTube-Client-Version
1.20210224.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgt2MW1oQmZ3UEtHNCj53-eBBg%3D%3D
X-YouTube-Ad-Signals
dt=1614409722026&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKo6oycP3RhppMY6ouswE-CEnDEr-9eOE6dFMAL7_TupjzdN2CmB1H4YwLHbSXAoYfc7SA4gG8PRtT4afbXMhxxXtM9Kcw

Response headers

date
Sat, 27 Feb 2021 07:08:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 27 Feb 2021 07:08:52 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: v1mhBfwPKG4
.youtube.com/ Name: YSC
Value: Z5TGyCz7Zog
.doubleclick.net/ Name: IDE
Value: AHWqTUle21f0ws0X9oFEiVjkUSPI_pTMTQUy6SbUYANSobf9VxdWfq2JgbDcfDBm

4 Console Messages

Source Level URL
Text
console-api log URL: https://www.marathonbet.co.uk/landings/welcome?btag=a_10312b_66c_&affid=7269&siteid=10312(Line 150)
Message:
root = https://landing-builder.marathonbet.com
console-api warning URL: https://www.marathonbet.co.uk/landings/assets/js/site.global.js(Line 6)
Message:
You must bind Parsley on an existing element.
console-api log URL: https://www.marathonbet.co.uk/landings/blocks/static/js/plugins.min.js(Line 2)
Message:
Trying to start timer when countdown already at 0
console-api log URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js(Line 233)
Message:
reCAPTCHA couldn't find user-provided function: onScriptLoad

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8522863.fls.doubleclick.net
adservice.google.com
adservice.google.de
affiliate.entireweb.com
ajax.googleapis.com
api64.ipify.org
bam-cell.nr-data.net
bat.bing.com
cdn.amplitude.com
cdn.entireweb.com
connect.facebook.net
cx.atdmt.com
dynamic.criteo.com
etsy.me
fonts.googleapis.com
fonts.gstatic.com
gestyy.com
googleads.g.doubleclick.net
guestlist.co
guestlistapp.com
gum.criteo.com
i.ytimg.com
js-agent.newrelic.com
js.braintreegateway.com
mc.yandex.ru
p.typekit.net
pj.l.a8723.com
s3-sa-east-1.amazonaws.com
script.hotjar.com
static.criteo.net
static.doubleclick.net
static.hotjar.com
static1.1.sqspcdn.com
traffic-monetizer.com
use.typekit.com
vars.hotjar.com
vermontbiz.squarespace.com
web-analytics0.com
widgets.entireweb.com
wlmarathonbet.adsrv.eacdn.com
www.adplugg.com
www.deezer.com
www.entireweb.com
www.etsy.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.iplocate.io
www.marathonbet.co.uk
www.picpay.com
www.youtube.com
yt3.ggpht.com
104.108.33.242
13.224.194.62
13.224.195.10
13.224.195.104
13.224.195.11
13.225.80.24
13.225.80.5
142.250.185.162
142.250.185.70
151.101.12.238
151.101.14.110
162.13.152.237
162.247.243.146
178.250.0.147
184.86.103.199
198.185.159.177
213.252.246.142
2606:4700:20::681a:89b
2606:4700:3030::ac43:8e72
2606:4700::6811:2b64
2607:f2d8:4010:8::2
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2016
2a00:1450:4001:813::2004
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:1700:19b::3a15
2a02:26f0:6c00:285::19fd
2a02:26f0:6c00::210:ba2a
2a02:6b8::1:119
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.97.24.204
45.33.2.97
52.5.162.87
52.95.164.10
54.163.155.157
54.203.166.4
67.199.248.13
88.150.147.252
91.92.196.190
0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423
0096ee0be1f29c3d06fbe0748e6c34433ed65015916d1005abc004a4ea58cafa
00c43ca22960570d73fe186c57396733b8f8044f59b7b92b63dbdb92c0959e8b
01694614acbfdb7855af11b5c9d07aff0c1fe30ed4fdd60aaa0d39b864d0fd6b
061a8d44210c7c20d445333504e226b1e10beb4cbd8e8fc7e3bde50f36991bcf
0a7a8be46676d21b5058ba010b6549311a78a6b87c61953cb13d1668ecdc5988
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e0ab3ae4b15a7d8157a8d01ff8a73b0a7dcf90a49e30d10f33c7218f42fccea
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2
0f8b92749ed5ae1a53b456979b6b1fa2157fbc804b8b6b871f0068316bbf1320
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10dc6500d19c91233e31b0cac4a2de57adc7da32a76e23f4c046131d2713d2e7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13cfd006a193767be58638649fb8404175db5e3fec29e83d5ba4e388f114732d
141e453c0954d4d72869df1454692b1191eb1f3a14583dba6711f47505cfeb95
153b9acda7f4103288cef31539fe07f09838f0867d72055145e4159eb08dc357
1736659eb7e9d4ad2043a76bb4d23a5591677c4614c5dbf407ac30f303bb8a28
17c26c15a38e5ee8092fef893dd8beec647604a743307ba4644ef284fd97aef7
1841f5e66d0bdd2899a245be7979d5bbf5e6a4b4fd7ea58743fd7329fdef3b92
1b4f7e14d0f68d619b155dadd78119d09711cb61f9bba866e801bf33a5c8f98e
1c5be9fbb835bf61dc0a303926821391554760402b2368aa3a54cdb37f3a0686
1dc8e64fd2504aa0238daa08b2b6d3915b0a95a0245050461ebb913c1925ce1d
1f1ac05dd6e98d339d2e7804a3e2115d088224f41d3053856131ecf1ceb6967b
23ce5a3a01cba8e49310fa2810483542cd8e3832e19eeb0fed049571d5895cd4
249ffdc04156821f4d0d26a1252b5eb40a3ebd277de6be636fd5650d6e9a9eab
27c757e3c8fd36b0356cf4d8f889ebad92688c23338baaf3abae30736ce21feb
2811b20b11c559060536ad04de1cdc1c6ff288fda0e8d1c878d2636a503ddc27
295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2
2b212d5fbb0d807d8dc09d3dcfd1af6428182cb75479505e227946e841332738
2c7f7e1dd2c41c70262ef73b91e4d6532aa3bfd4b9fed59a4cfa3e6cbb51b752
2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba
2d78993263ae95bb823d1c9321ad49d09a7341bd291cca56f9a379b8479c15c2
2ddac7f61adecfacf650352168831c0479ac0afbb82da79c1fee4a4a05906720
2e9112db77640346bf93bc6031a2e2ede793324533273de02c61345d39b70d26
2f126200b438f6261d02167703c0a49ce51062efcf7d99309098c5e86578be06
2f9ff181474313a332c97bbee9db56f7bcfdf5c0e02b8129e6d98e2892199588
3046f5dfe01b98c22d6030e982161c03c4ef4bf0468dc804ba3b8f76be7daf24
30ab10abd1ea2c940cb30a0a796c1ee8cb77fe33c31e3eb7468b2ef8808e2319
31d94232adf4795cbc3d5f85ce2a864b4d2b7049965c5065a2d98c9f1b652aa0
3206338c1b9937821c2817da1ca9d71c9caab3f29ddbed6051cc37137736eee4
332c353346fa34ba648c1896f0a03034a8171a203c765ececcb1d9b47d5a8678
34ef26f2dc337d09f7d7f0bd1a10f27ff9f3222484e68d5f5e0ea7eb81631595
37e74d4af1424a182692cffb376f0709e63282de5823327201baf6857770c545
393696c3f40cea157859e274083672a4d5468536f156d282724b0d5c110c3e61
39893061747f88b837a34d0395d05fca83e7cd5bbf2d582d181a73c5c9a174c6
3acf0e811ad466a869d3a076bafcde05cab0d7ba5c828cb92f410ea27c6aaf6f
3b764225c6794206505b8ab236d26404cd9f8545255afe31fd71802256c37410
3b9ecc241b15446fd04b92ed5026c473a3986d680bc4f17bf363ed565044dc57
3c46620115be1a968545f16eba340f39e28ea9a5ed4629948639dcb4226a49d1
3eee3b037e3951c286d8baa2d4e436090bc58602786f73803d6901effe2875ab
3ef4d4bdf2429f59661ebad5645f104dd285c84d35dfa265715662d08bb13bfc
3f781e1ec8ab4da1b5277fd277a4243d4ea9d2fa38990c507b989870b3e9e39a
40ec7baa953be90c457cb87ec4d73885b92033564ae375a971924eb5a808e70d
412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4451dd6d0c9874b1cbd44fbbbad45f1c7688b65fba85652fe33c3bf9d1099475
45aeb5dec3a47816633be3ba20ce80a5bbbe8e5052bb8030d47adab89b645b2d
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
46e86bfd873ce2ba61885faa9e0ba2ae1a510574f698d6a3aba7da49d1505eb9
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4cdf5a442a3cc0f524587e271f499c9ba77ae0834e3a33b9b26b39e28b0d876b
4d3c90227aea70a3733ff1d8c46f42f43323d763764232390d50a9643bdd15c1
4e1706c85a166c1e2e0db3acf9a850d46f3f32e3744c07002d4eda2b8cb078f6
4e5cfe11b033ea87ba1fafe403a978b8ec663c977616919e3f8a4f6305f0da33
4ebe297e3c1ec1106923efa62ef7c9f76cf6b8c37019512eaa0ae360769686ba
50eb773d3595b8f6bde7493ea0a2f5641b4b39e5a00794521dd66182aeab95f0
511993a43b26b3d09e98b76bafe9b8ce00dd0c214221e398fad42ac9c739b941
5163153f73bcb9d1a994adee45d155088ce2bfdcc760a3531a31e7e1057599e2
52c989b150b6949b3e65363abb4fa1d1eabc75be7e93f8428a2af9746522bc23
54234dbc5f94f0c00e43abfab5b835783474b7259ab5ba5ba4024e0ef212e181
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56113ab7f7e0d98b25a2768f146d13e82ebfbcb90579d0dca2223c14aaa60547
570cb7ef4ecb9410b4297f56d1a53fd54bb4246d62951f4c5e67388a5a2419a0
5771db83014670269e981af8b2b68f4f4f54f5214874b41ea49a923605136454
57aabc1104849fcdbe65cb780bfa6633228ec501258d2d60aa2a3d93a56dd48e
588b1b5e35bf5ff5c59654ddfc9e5f923b7c038d1d9ddeb1e153bccc884e25f0
59d521c7e1d5d1253714ccf0f586b7d6ae5e617f9975c9cf5ab64723002e5869
5bddaf4345c25f095b25c6346e271d6e6874d8c2abd9da72f321503bd6160ee8
5c62d867ca7c721b7572ab056103ce73f728c036311b4c9989726fabd82e279d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d51f7c03341f9c212aba23759ef0b2eab000a24ff3182dde9acbcdce1272cd1
5dd21475a14aaefef3a2c4616e12d0089b81ea970cd0526e5da978c4b53b3dc2
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5f0e20dd09132e89d903765e5304653208e126eb7487d39395cc4e470bf0991e
6366210ee3e98e8dbeb12ddb208aa5bf84a0e550b1ee7bc108154bed17d5fd86
64620c4b38f39b52be7567a111c31cb9a516e243c6b689564e73103c69d3c2b5
6553cabbaa824a89a0f697489afdb9df53fd7c905bf0d375cd72744b13004933
65a62cc0e7be1c2ddf719108c92cc51c4e94735bdbe8bd74e617d950baa1761d
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b7470762b1b505b6115adafe23c23ead5a2fac211c9d9b384028e754d2aff3e
6d2d9912610844ca937ac8fbcf67b04c53f085675d37ac833a62d12bddd2b7b1
6de4b2283ede55ceb23ed2327147479c3cc1abfe0b6076aa4277dcb0b870ec17
7c027781127b6fad344a068f0ccc8dcaa6b20ec5cd98db56310849409fdd0412
7c210dc98f7ab51ed91389d823e0f7f86b3dda9d282b0d8200634b0dfadd037c
7c95abe781ebf06979ce7ed8a8e221f61935e43603b29bdc0bb10c4003155c9d
7e11170a0f7ef5c6fc10bf5581bd2060988b5d6ede1bcd98d09c1abafcb9e904
7e164731004bfedf6c2701b4718f017c808123097b8c4e80efd2b283aa99e6e4
7ffa48348dd0725b440c54a32288b4d24ad7f480d1c84b1a61723e31aa015faf
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83445fe1673a12bbbcd316d3b62813be302d651be5e661de110e411314ad6d4e
843a0e84fb001c79fb2b24c58279d267f17f4dde3923324dc16ca1852aef4637
876c47baba1d6b8feac5a06cd4b3bcdb6e98a65e63b17c41f1dc9a8f83eb71ed
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
88561e211e862344bd3cc71c03f8ab25d8a79b9bdbaa1e083af7e0603f30f689
88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
8a6a21ecbbcb8881fc6d52ce3724e0deec4e72be594d2041aa01ab8d37800260
8dc23d8b8bef5be2be8313bc6d8ab885209b0f3465cfea46567a8a64b37c3021
8e0b05f528819fb06beaa15a7bf33a3d2ff5a3bf635ddabadc60fb6a40bd8bcb
8e94f635ea6201ba815e302c25cb450470f598c880c1a5abe9fe43716a0d310b
903ac783f77eb0052416fc22e4c10de43e66873b25f7bd47b187b2fa294b0d12
91745e5a6d4006d522494e45b4c9195ab890beadd03e770c68bfb6e86f64a946
9386b3208ec6eebcd735a8319bf5705281d198783105692fe923b0719a43d745
966df6347e0edba690c2156333bdebb32c60f958538064654259678ddfdc4f21
97d948a989c3928a8830e77fd363f0f264f546d414d73d973fb58e7fd68f04a3
97ea5d4ced240b8018eebde8e8d314a5ab1914fa921d073d02407f12d559aca5
981b91a09857b33707e4784c2977f2a026b8b1a809940d4e230e23255dbbae09
982a7e02d9bc3463ea7470fcb2b83104b9134b0b6bd3dcf0998358e5aa0f4a0f
98b068f52eadd9823c69b24befda9f79cf5bb3c44bdc6b92524433585838863a
9a6117df8db18e0f332dac159a456d654a59494d8f670befc70fa06e61bf4f8c
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c256bcb9aa10ef7e6bab683a077aaedbbfdd6dad8deda4f1e7abf4f7fe104ec
9c37822d8b031ef6fcae40a2a5b2a183ac30769bd93b21fe9c2aa73337cec4b1
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9fb983c60584ed2f5a3e59d288666a46cf252621c0acd82870ed4910abdd0167
a275d31e71f53519347ba3027d094b0106d58856342b84f529a69a4cd3259d29
a291ec1d6fd94c27c3c163fcf50ea118d548c64b38f95bb203958091df19b03b
a37eaa5f2ae1d7a44c39acbd581946022f57f919b7ab8f58e608d8883edbed7e
a42fd17a199026f5bfe906cadb39e5df6468b1132ff68e982dc9ed180f5a05cf
a44948b4c6d4dcc30672bce5197c1190d911a0ba8465bf1cc0d431f3d11456ec
a6adcd09f9bb22a3320b63f1a4da02e9c4ade2498488f197b308323373c2e955
a76fad1fc33625662745f003219d8403e765dc0c412f59e889b993908dfa819d
a80737f8fdf73f43cf3f9e19ce5a248f4d324823a0b9fe3d5b183104c5f0f914
aa176a8bd17c4fc51d9bd94d49d35a1b7faedf2093b0ff8bf3d53ad7bfc1fc7a
ab221b6a08cf7afd686405d9ccde09f5980db42495fe870a9fc27274afa856ac
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
adbfbe079d701272c73777c548eb5c8e372c6f0965a4678b28080c900c7fd8bb
aeddf724c04fc63f51a85069b6ad5db87a68a92348e304942b587de9d9c845ab
af03aec793c0abd11a472714bdc769668c3704d99192a27e1f8c6e6967c899d3
b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101
b34c93972705c7ddcc84706b83a71adcc22d663e176a2d03390a8210a2678733
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
b52e41923dfdc250e4f7914afab339390b49f6834e158e0294cddf71c8f6248b
b62877eb46f9bb55b2b29b75105ea33e8ae5ac8f170f2d15982a728aca2fd902
b7a988372eceaf82ef3b50610b05aa8bf32f200820271946ad0f4be02f4c1ca5
b9b49c94efe4f8c5376973cf127a967b31b0b0c5ff78270b4975afc51b23d02b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbce4c1901cf6498a4d53796c5630e81db3596202fd40e41b51bc7ea8e3af55f
bf1a62c3dd9d41a6e07e7d8085d73a6d6f4da10f000578f69f8f31ec7689aaa7
c02e45096fe64f0737eb0575687264ee2365f6740876e618327d8b3209f02f54
c085344c5498e00798127f57d4f1013f4c761f270c93d3eef19055fca6a525ef
c4ae2d2029e982a3d20fa96647a74df968034aa9dd227aec99fb581a680bedaf
c728a0d61e3c59f85bf964936e164837da86980ffc01342749835a96fa44cb3a
c9f6eb9585d10d1acd6ff05d522445aaf470be7f914a3ba1b858416e3577f3b6
cb2e91d152b816c43a54ed6a9c8fdcb92e7c40a6f8c8a46ffc7ee57c5b382dfb
cbb446d29480abd8e0f4edcaef3598cba619b58c9f2d339bab5ec45fd1c6ff06
cbb9d4200fd7355d626dc2b4015bf5b6548bd69b864f69d06c85d7bae3b61837
cde392786c19aa991f2e5501b39d4c502bde5d9cdcddf51af182d2973f519a34
cf8cde21125e1fbd0dc21e1c0d0025037aa687659fca67d6f6864b40a0cd3cda
d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9
d58b6bfed13181253c29252ef30a9ca8190e5c5ff8901aea0f2f7820a98e98c2
d7bf8a434f62b76439d0e6d681868c6d1d7e00d6f0a011a564e67b779105834b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9a126d7c679187a220b743352760c8104ce3a9c412490c99767d4734fe8cbb0
da98c5459e194aef5e59d5d91c86b855b0fbdaf045f0b01b6573191511fb9831
dbcaf9499a3b75cc140484c09ca843e3e1507056d86385e2eee14dd2d6ddd2f6
dbd0a61556dd9b1dd3dea21834ff68242e593bde9d390092ca60b769a6490cbd
dc493b884b5c1dd9cc927347a08a650c23ac5db728c6e76f359ea5d44b465eab
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de87c35f5b60ca8e83e0a971217b411932b3c12a949b16167de1dda88174875b
e135e3cf061067667ea655b872b3a6f7d772fea510cfa70496a97d7bbd649db6
e14bf8513c6848f983ed24852e9700dec95589b748e26bacd6b2ca7dc9bb2aee
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ecbd46b869e710dd55f5aeabcccea2b6c11f0b762e1facd3bf8f451697ea37
e4778b5e74de16953704058db3fc86b02d8cbf4e18c48b86b17da13e66c08660
e784f44417a9910398028653c4396e17eeb7bf9e7ccd33b63b9aa1a20c2b911c
e7fe429ae4cdaf8105bb31a2491e076f127d005b2bc89110117980cf8740a4bc
e8135274119acee82aafaee8ad4133b16c3b4081dffa052bcd9b3699b1e9ea77
e95d4a39a603845a5bd5fec2bd672a1e8a94cce0fc9fe5a8c36056d57573c342
e9dc680d1306408adb91dafb9214df61b5ded783b4976ced63731fc19c7e046d
ea284c0ffda5c38bf42c2628f79d87ad0314ec9bca4bf232fd0ad15d60b632e5
eb098ff1725c8819ea67b54d857b6574d20ccfbb2cc451c1fab85fb4d968a62d
ec20bde78d0a630c4755d188de6934dce2db9c29a688f5e975d85a9067573232
ed4a22fa5fa6e72b0a340a1fc47e89cee4075ea35c049ca5c4a376a6efed0b03
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eead2bd37da6b8f6cb3184f01b5a7b6b63d73faec64bb6a2063ea150f7048db6
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef294a26b7bc4bb108953b59f9fd804031aa0176921188e5a0b1912e6bd5bba1
ef858c9b1960e18ab571a1a8a898b2239ac0ccbab6ce84bd74594c36f1195dfc
f0206f16ebcbf0a28ed2f332fb034d50456df8105a0ccda7df95d989bde929d3
f0236033b64827076dabee32636265f80c66147e6cded6bc6afffbc7eff28872
f164b0f7c34cc10d90a770c81b95d80e13932ec33598926cd158c20702dc0e5a
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f5ef4c7e64475909a9e32315f91f5cc5753af998f3076c7e61c1386752a6b9a8
fa4a67f196d515bc3927a9ba0ee3a22ad490f33db729b88db129520abb0d99a6
fb7402bb7dba8e1523e062ca0a063d3c4b660ad0871022d09d85e4e570e7295d
fd015e512f77c3bb8930ac78fc8e64a33a905e5aa1cadde379d20ddf0e4e4f93
fd69550e2e182092a182d5c5b8dc86563bba25f4f93d18fec75773f1d835b6a9
febf102a9b0661ed75e2d34a0a4da79ee48e9c3c6aec16bee9c17e6fd16c351a