plrjackpot.com Open in urlscan Pro
108.167.153.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/200eProducts
Effective URL:
https://plrjackpot.com/3/wso.php
Submission: On November 19 via api (November 19th 2019, 2:59:06 pm UTC) from BE

Summary HTTP 63 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 32 domains to perform 63 HTTP transactions. The main IP is 108.167.153.102, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is plrjackpot.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 8th 2019. Valid for: 3 months.

This is the only time plrjackpot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD - Google LLC)
1 5	104.25.149.118 104.25.149.118	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	108.167.153.102 108.167.153.102	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	72.247.224.172 72.247.224.172	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	151.101.12.65 151.101.12.65	54113 (FASTLY) (FASTLY - Fastly)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
8 11	52.17.226.250 52.17.226.250	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5 9	34.252.172.232 34.252.172.232	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 1	2a00:1288:110... 2a00:1288:110:c305::a000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	52.58.99.119 52.58.99.119	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.202 185.33.223.202	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
3 3	185.33.223.203 185.33.223.203	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	35.202.21.90 35.202.21.90	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:819::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.112.217 151.101.112.217	54113 (FASTLY) (FASTLY - Fastly)
1	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
8	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	35.192.151.63 35.192.151.63	15169 (GOOGLE) (GOOGLE - Google LLC)
1	3.208.102.239 3.208.102.239	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
63	29

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD - Google LLC, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.25.149.118 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

warriorplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.167.153.102 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: box6518.bluehost.com

plrjackpot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.247.224.172 (United States) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-224-172.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.65 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.17.226.250 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-226-250.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.252.172.232 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-252-172-232.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::a000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.99.119 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-99-119.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.202 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.203 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.202.21.90 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 90.21.202.35.bc.googleusercontent.com

vipaccess.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.192.151.63 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.102.239 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-208-102-239.compute-1.amazonaws.com

app.convertbar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	adroll.com 8 redirects s.adroll.com d.adroll.com	20 KB
9	prfct.co 5 redirects pixel-geo.prfct.co pixel.prfct.co Failed	4 KB
8	googleusercontent.com lh3.googleusercontent.com	803 KB
5	facebook.com www.facebook.com	815 B
5	facebook.net connect.facebook.net	309 KB
5	warriorplus.com 1 redirects warriorplus.com	58 KB
4	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	4 KB
4	doubleclick.net 4 redirects stats.g.doubleclick.net cm.g.doubleclick.net	728 B
4	google-analytics.com www.google-analytics.com	20 KB
3	leadpages.io api.leadpages.io	1 KB
3	openx.net 1 redirects us-u.openx.net	451 B
2	gstatic.com fonts.gstatic.com	22 KB
2	center.io js.center.io	5 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	77 KB
2	bidswitch.net 1 redirects x.bidswitch.net	912 B
1	convertbar.com app.convertbar.com	67 KB
1	cloudflare.com cdnjs.cloudflare.com	19 KB
1	vimeo.com player.vimeo.com
1	googleapis.com fonts.googleapis.com	791 B
1	lpages.co vipaccess.lpages.co	23 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	twitter.com analytics.twitter.com	269 B
1	rlcdn.com idsync.rlcdn.com	40 B
1	yahoo.com 1 redirects ads.yahoo.com	671 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	136 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	190 B
1	marinsm.com tag.marinsm.com	4 KB
1	googletagmanager.com www.googletagmanager.com	21 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	plrjackpot.com plrjackpot.com	271 B
1	bit.ly 1 redirects bit.ly	356 B
63	32

	Domain	Requested by
10	d.adroll.com	7 redirects
9	pixel-geo.prfct.co	5 redirects
8	lh3.googleusercontent.com	vipaccess.lpages.co plrjackpot.com
5	www.facebook.com	plrjackpot.com
5	connect.facebook.net	warriorplus.com connect.facebook.net plrjackpot.com
5	warriorplus.com	1 redirects vipaccess.lpages.co
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	s.adroll.com	1 redirects www.googletagmanager.com
3	api.leadpages.io	js.center.io
3	secure.adnxs.com	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	us-u.openx.net	1 redirects
2	fonts.gstatic.com	plrjackpot.com
2	js.center.io	plrjackpot.com js.center.io
2	maxcdn.bootstrapcdn.com	vipaccess.lpages.co plrjackpot.com
2	x.bidswitch.net	1 redirects
1	app.convertbar.com	plrjackpot.com
1	cdnjs.cloudflare.com	vipaccess.lpages.co
1	player.vimeo.com	vipaccess.lpages.co
1	fonts.googleapis.com	vipaccess.lpages.co
1	vipaccess.lpages.co	plrjackpot.com
1	pixel.rubiconproject.com
1	analytics.twitter.com
1	idsync.rlcdn.com
1	ib.adnxs.com
1	ads.yahoo.com	1 redirects
1	d.adroll.mgr.consensu.org	1 redirects
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	tag.marinsm.com	www.googletagmanager.com
1	www.googletagmanager.com	warriorplus.com
1	cdn.onesignal.com	warriorplus.com
1	plrjackpot.com	warriorplus.com
1	bit.ly	1 redirects
0	pixel.prfct.co Failed
63	36

This site contains links to these domains. Also see Links.

Domain
warriorplus.com
member.ws

Subject Issuer	Validity	Valid
ssl375556.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-19` - `2020-05-27`	6 months	crt.sh
inspirationdna.com Let's Encrypt Authority X3	`2019-11-08` - `2020-02-06`	3 months	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-11` - `2020-04-18`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh
g.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2019-09-23` - `2020-09-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.lpages.co COMODO RSA Domain Validation Secure Server CA	`2017-03-23` - `2020-03-22`	3 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.center.io COMODO RSA Domain Validation Secure Server CA	`2017-01-18` - `2020-02-08`	3 years	crt.sh
*.vimeo.com DigiCert SHA2 Secure Server CA	`2018-08-24` - `2020-04-02`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.leadpages.io Go Daddy Secure Certificate Authority - G2	`2019-11-12` - `2021-11-12`	2 years	crt.sh
convertbar.com Amazon	`2019-08-13` - `2020-09-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://plrjackpot.com/3/wso.php
Frame ID: FD122EBB86A629B254C8BD7B933501AA
Requests: 61 HTTP requests in this frame

Frame: https://player.vimeo.com/video/372623520?autoplay=1
Frame ID: EF77DA88CC43FFB26C5635A9424F2BD2
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 8AD8D35143AA007E2A9B9A585D84FC74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bit.ly/200eProducts HTTP 301
https://warriorplus.com/o2/a/clptd/0/scrbx Page URL
https://warriorplus.com/o2/a/clptd/0/scrbx?nonce=954e203d61ed031ee906e2a0ed6b80e422ea514f HTTP 302
https://warriorplus.com/o/view/s49mrn/affc_clptd Page URL
https://plrjackpot.com/3/wso.php Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

63
Requests

98 %
HTTPS

44 %
IPv6

32
Domains

36
Subdomains

29
IPs

6
Countries

1454 kB
Transfer

2879 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://warriorplus.com/o2/buy/ptyj14/s49mrn/cxd1ys

Search URL Search Domain Scan URL

URL: https://warriorplus.com/o2/buy/ptyj14/s49mrn/p9rhzn

Search URL Search Domain Scan URL

URL: http://member.ws/legal
Title: Legal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/200eProducts HTTP 301
https://warriorplus.com/o2/a/clptd/0/scrbx Page URL
https://warriorplus.com/o2/a/clptd/0/scrbx?nonce=954e203d61ed031ee906e2a0ed6b80e422ea514f HTTP 302
https://warriorplus.com/o/view/s49mrn/affc_clptd Page URL
https://plrjackpot.com/3/wso.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bit.ly/200eProducts HTTP 301
https://warriorplus.com/o2/a/clptd/0/scrbx

Request Chain 1

https://warriorplus.com/o2/a/clptd/0/scrbx?nonce=954e203d61ed031ee906e2a0ed6b80e422ea514f HTTP 302
https://warriorplus.com/o/view/s49mrn/affc_clptd

Request Chain 12

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-74776-7&cid=1339998683.1574175532&jid=1593800947&gjid=894808570&_gid=162490820.1574175532&_u=aGBAgAAr~&z=1891773750 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=1339998683.1574175532&jid=1593800947&_v=j79&z=1891773750 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=1339998683.1574175532&jid=1593800947&_v=j79&z=1891773750&slf_rd=1&random=376389218

Request Chain 13

https://s.adroll.com/j/exp/KD3RBGHXH5DG3PI3RBAUIR/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 14

https://d.adroll.mgr.consensu.org/consent/iabcheck/KD3RBGHXH5DG3PI3RBAUIR?_s=12b01897a97f413188db4e77f2029eb7&_b=2 HTTP 302
https://d.adroll.com/consent/check/KD3RBGHXH5DG3PI3RBAUIR/?_s=12b01897a97f413188db4e77f2029eb7&_b=2

Request Chain 15

https://pixel-geo.prfct.co/tagjs?a_id=406&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag

Request Chain 17

https://d.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&pv=40398179565.845215&cookie=&adroll_s_ref=https%3A//warriorplus.com/o2/a/clptd/0/scrbx&keyw=&arrfrr=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fs49mrn%2Faffc_clptd HTTP 302
https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js

Request Chain 19

https://d.adroll.com/cm/r/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 20

https://d.adroll.com/cm/b/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=YTM3MmYxNDA0OTM0OTBjMzkzZjNiMjAxM2M4Y2YwYzI HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTM3MmYxNDA0OTM0OTBjMzkzZjNiMjAxM2M4Y2YwYzI

Request Chain 21

https://d.adroll.com/cm/x/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=YTM3MmYxNDA0OTM0OTBjMzkzZjNiMjAxM2M4Y2YwYzI

Request Chain 22

https://d.adroll.com/cm/l/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=a372f140493490c393f3b2013c8cf0c2

Request Chain 23

https://d.adroll.com/cm/o/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=a372f140493490c393f3b2013c8cf0c2 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a372f140493490c393f3b2013c8cf0c2

Request Chain 24

https://d.adroll.com/cm/g/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=o3LxQEk0kMOT87IBPIzwwg HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=o3LxQEk0kMOT87IBPIzwwg&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 25

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_bzJoV8fO75LiGhYFd

Request Chain 26

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_bzJoV8fO75LiGhYFd&sigv=1&esig=2~d031f9887b7f0ede45b479ce50c780e4583702f2 HTTP 302
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_bzJoV8fO75LiGhYFd

Request Chain 27

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_bzJoV8fO75LiGhYFd

Request Chain 28

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_bzJoV8fO75LiGhYFd

Request Chain 29

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfYnpKb1Y4Zk83NUxpR2hZRmQ HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 31

https://secure.adnxs.com/seg?t=2&add=1083254 HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D1083254 HTTP 302
https://secure.adnxs.com/seg?add=695885&t=2 HTTP 302
https://pixel-geo.prfct.co/seg/?add=695885

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

scrbx Show response
warriorplus.com/o2/a/clptd/0/
Redirect Chain

http://bit.ly/200eProducts
https://warriorplus.com/o2/a/clptd/0/scrbx

17 KB
7 KB

722ms
698ms

Document
text/html

104.25.149.118
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://warriorplus.com/o2/a/clptd/0/scrbx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.25.149.118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3

Resource Hash

bd3a8a0ea2976a5d0589ef16d8c93edb58caf8b4e32f91bae8f1d23425e7507e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:method: GET
:authority: warriorplus.com
:scheme: https
:path: /o2/a/clptd/0/scrbx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status: 200
date: Tue, 19 Nov 2019 14:58:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d96205216e4eb272652022066d4af17ae1574175530; expires=Wed, 18-Nov-20 14:58:50 GMT; path=/; domain=.warriorplus.com; HttpOnly warriorplus=6td4qaq10f6j6nb3dlrumcttc3; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_aff=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_sales=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ wpg=gw6q97d6y3cx4wsf; expires=Wed, 18-Nov-2020 14:58:50 GMT; Max-Age=31536000; path=/ wpg=gw6q97d6y3cx4wsf; expires=Wed, 18-Nov-2020 14:58:50 GMT; Max-Age=31536000; path=/
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: DENY
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53830b66ae9ebf14-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Tue, 19 Nov 2019 14:58:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 129
Cache-Control: private, max-age=90
Location: https://warriorplus.com/o2/a/clptd/0/scrbx
Set-Cookie: _bit=jajeWN-4f3494bfc3d6287d38-001; Domain=bit.ly; Expires=Sun, 17 May 2020 14:58:49 GMT
Via: 1.1 google

GET
H2

200

affc_clptd Show response
warriorplus.com/o/view/s49mrn/
Redirect Chain

https://warriorplus.com/o2/a/clptd/0/scrbx?nonce=954e203d61ed031ee906e2a0ed6b80e422ea514f
https://warriorplus.com/o/view/s49mrn/affc_clptd

20 KB
7 KB

693ms
691ms

Document
text/html

104.25.149.118
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://warriorplus.com/o/view/s49mrn/affc_clptd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.25.149.118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash: 1b4f78c17836a63e9e9ea4ad035ac2e5b29c3cc1f90cdef052ee486ffee21b4b

Request headers

:method: GET
:authority: warriorplus.com
:scheme: https
:path: /o/view/s49mrn/affc_clptd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://warriorplus.com/o2/a/clptd/0/scrbx
accept-encoding: gzip, deflate, br
cookie: __cfduid=d96205216e4eb272652022066d4af17ae1574175530; warriorplus=6td4qaq10f6j6nb3dlrumcttc3; wpg=gw6q97d6y3cx4wsf; affo_s49mrn=187790014; affo2_87411=187790014
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://warriorplus.com/o2/a/clptd/0/scrbx

Response headers

status: 200
date: Tue, 19 Nov 2019 14:58:52 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_aff=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_sales=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ wpg=gw6q97d6y3cx4wsf; expires=Wed, 18-Nov-2020 14:58:51 GMT; Max-Age=31536000; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53830b6f6ff7bf14-FRA
content-encoding: br

Redirect headers

status: 302
date: Tue, 19 Nov 2019 14:58:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: DENY
set-cookie: TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_aff=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_sales=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ wpg=gw6q97d6y3cx4wsf; expires=Wed, 18-Nov-2020 14:58:51 GMT; Max-Age=31536000; path=/ wpg=gw6q97d6y3cx4wsf; expires=Wed, 18-Nov-2020 14:58:51 GMT; Max-Age=31536000; path=/ affo_s49mrn=187790014; expires=Thu, 19-Dec-2019 14:58:51 GMT; Max-Age=2592000; path=/ affo2_87411=187790014; expires=Thu, 19-Dec-2019 14:58:51 GMT; Max-Age=2592000; path=/
location: /o/view/s49mrn/affc_clptd
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53830b6b1b82bf14-FRA

GET
H2 200 Primary Request wso.php Show response
plrjackpot.com/3/ 279 B
271 B 746ms
219ms Document
text/html 108.167.153.102
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://plrjackpot.com/3/wso.php
Requested by: Host: warriorplus.com
URL: https://warriorplus.com/o/view/s49mrn/affc_clptd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 108.167.153.102 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS: box6518.bluehost.com
Software: nginx/1.14.1 /
Resource Hash: a8dc861d52fa53d9e8730c092b5e056e81a45d9ac5f6a94af0638b48b00a5d6a

Request headers

:method: GET
:authority: plrjackpot.com
:scheme: https
:path: /3/wso.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd

Response headers

status: 200
server: nginx/1.14.1
date: Tue, 19 Nov 2019 14:58:52 GMT
content-type: text/html; charset=UTF-8
x-server-cache: false
content-encoding: gzip

GET
H2 200 OneSignalSDK.js
cdn.onesignal.com/sdks/ 8 KB
3 KB 57ms
29ms Script
application/javascript 2606:4700::6812:e134
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: warriorplus.com
URL: https://warriorplus.com/o/view/s49mrn/affc_clptd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:52 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3441
etag: W/"967648c5f43f1acc3f64970983a5d03f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 53830b73fb10cb9c-VIE
expires: Wed, 20 Nov 2019 02:58:52 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 57 KB
21 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:81b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M

Requested by

Host: warriorplus.com
URL: https://warriorplus.com/o/view/s49mrn/affc_clptd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:52 GMT
content-encoding: br
last-modified: Tue, 19 Nov 2019 12:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21869
x-xss-protection: 0
expires: Tue, 19 Nov 2019 14:58:52 GMT

GET
H/1.1 200
OK roundtrip.js
s.adroll.com/j/ 35 KB
12 KB 14ms
13ms Script
text/javascript 72.247.224.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.224.172 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-224-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id: Cfcf2Zha050p6Qtd5W1_7cu6D.28F5LP
Content-Encoding: gzip
x-amz-request-id: 5359950DEF031161
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Tue, 19 Nov 2019 14:58:52 GMT
Connection: keep-alive
Content-Length: 11203
x-amz-id-2: Ujvvr8DP3fR0qiO9BxejNE/zrS0o41wnPWtLFv3CvaUKIiWYP26jTmT56sYE1ojDau77fsbG2Bg=
Last-Modified: Mon, 18 Nov 2019 19:14:13 GMT
Server: AmazonS3
ETag: "180d7a429ccc15b416bc374f31fbb901"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 5265944071686a380300010a.js
tag.marinsm.com/serve/ 10 KB
4 KB 52ms
8ms Script
text/javascript 151.101.12.65
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/5265944071686a380300010a.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.65 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Tue, 19 Nov 2019 14:58:52 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 125
X-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3586
X-Served-By: cache-fra19160-FRA
Server: Cowboy
X-Timer: S1574175532.199670,VS0,VE0
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 analytics.js
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1515
date: Tue, 19 Nov 2019 14:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 19 Nov 2019 16:33:37 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 121 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: warriorplus.com
URL: https://warriorplus.com/o2/a/clptd/0/scrbx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26765
x-xss-protection: 0
pragma: public
x-fb-debug: xeqIvAM+lrEt0lnuK7GkCtSZ8CTo9pWWoPL/9jTKM2KIPwekjXJsI2MPGCIVtNYlD6IfDs5wmNYIuQxSBskxLA==
x-fb-trip-id: 420120009
date: Tue, 19 Nov 2019 14:58:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 linkid.js
www.google-analytics.com/plugins/ua/ 2 KB
928 B 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1719
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 19 Nov 2019 15:30:13 GMT

GET
H2 200 ec.js
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2934
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Tue, 19 Nov 2019 15:09:58 GMT

GET
H2 200 661035823949763
connect.facebook.net/signals/config/ 349 KB
85 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/661035823949763?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 87142
x-xss-protection: 0
pragma: public
x-fb-debug: vMRzVsxdXuplVXekWlbaPJWZh0g5K9GeURWvwfJOfZhfxmOnXZRk+VQjq5Lj1k3Q/jcXuvPcZGUhjFy4wBQVUA==
x-fb-trip-id: 420120009
date: Tue, 19 Nov 2019 14:58:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=832820719&t=pageview&_s=1&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fs49mrn%2Faffc_clptd&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAr~&jid=1593800947&gjid=894808570&cid=1339998683.1574175532&tid=UA-74776-7&_gid=162490820.1574175532&gtm=2wgav3WMGQ2M&z=1426736263

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Nov 2019 16:45:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 598427
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-74776-7&cid=1339998683.1574175532&jid=1593800947&gjid=894808570&_gid=162490820.1574175532&_u=aGBAgAAr~&z=1891773750
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=1339998683.1574175532&jid=1593800947&_v=j79&z=1891773750
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=1339998683.1574175532&jid=1593800947&_v=j79&z=1891773750&slf_rd=1&random=376389218

42 B
109 B

30ms
29ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=1339998683.1574175532&jid=1593800947&_v=j79&z=1891773750&slf_rd=1&random=376389218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=1339998683.1574175532&jid=1593800947&_v=j79&z=1891773750&slf_rd=1&random=376389218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/KD3RBGHXH5DG3PI3RBAUIR/index.js
https://s.adroll.com/j/exp/index.js

28 B
680 B

12ms
12ms

Script
application/javascript

72.247.224.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.224.172 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-224-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id: uu8aC4BrXH37ifNGEDMt9zG1fcIDAhBn
x-amz-request-id: 3ED7BA267878D549
x-amz-server-side-encryption: AES256
Date: Tue, 19 Nov 2019 14:58:52 GMT
Connection: keep-alive
Content-Length: 28
x-amz-id-2: q+EuHVqK+DeO4NGZOK3ycqY+rb1y/QfUiG6C8cEN+8s/EUJfv0cYUle6DZ11RzXnaYIp+MZHoJM=
Last-Modified: Mon, 18 Nov 2019 19:22:30 GMT
Server: AmazonS3
ETag: "5816cced8568d223aa09d889f300692b"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 19 Nov 2019 14:58:52 GMT
Server: AkamaiGHost
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H2

200

/
d.adroll.com/consent/check/KD3RBGHXH5DG3PI3RBAUIR/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/KD3RBGHXH5DG3PI3RBAUIR?_s=12b01897a97f413188db4e77f2029eb7&_b=2
https://d.adroll.com/consent/check/KD3RBGHXH5DG3PI3RBAUIR/?_s=12b01897a97f413188db4e77f2029eb7&_b=2

86 B
552 B

34ms
31ms

Script
application/javascript

52.17.226.250
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/KD3RBGHXH5DG3PI3RBAUIR/?_s=12b01897a97f413188db4e77f2029eb7&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.226.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-226-250.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 86

Redirect headers

status: 302
date: Tue, 19 Nov 2019 14:58:52 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/KD3RBGHXH5DG3PI3RBAUIR/?_s=12b01897a97f413188db4e77f2029eb7&_b=2

GET
H/1.1

200
OK

tagjs
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=406&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag

83 B
411 B

31ms
30ms

Script
text/javascript

34.252.172.232
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 83
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 /
www.facebook.com/tr/ 44 B
256 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661035823949763&ev=PageView&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fs49mrn%2Faffc_clptd&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fclptd%2F0%2Fscrbx&if=false&ts=1574175532215&sw=1600&sh=1200&v=2.9.13&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1574175532214.148506696&it=1574175532180&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Tue, 19 Nov 2019 14:58:52 GMT

GET
H/1.1

200
OK

M5CWFZYDJZHPXPS7JF6KB3.js
s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/
Redirect Chain

https://d.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&pv=40398179565.845215&cookie=&adroll_s_ref=https%3A//warr...
https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js

3 KB
2 KB

18ms
17ms

Script
text/javascript

72.247.224.172
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.224.172 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-224-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id: t5yLb0hIE3oP_XgkNAidEpLimnb3fFJy
Content-Encoding: gzip
x-amz-request-id: 0EDD3583CBFE6CFE
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Tue, 19 Nov 2019 14:58:52 GMT
Connection: keep-alive
Content-Length: 1291
x-amz-id-2: wGtk9z08OEpLg5zuEmJX9xupv9X+57MnTtsHOg8KNDp9/8Xjd8DqiUqeXJX9ZQJ1d3V4k1GprFI=
Last-Modified: Wed, 23 Oct 2019 23:01:15 GMT
Server: AmazonS3
ETag: "ee36f9774eaf2c0e780d5d0020092e32"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Tue, 19 Nov 2019 14:58:52 GMT
x-segment-display-name
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.16.1
x-rule: *
x-segment-eid: M5CWFZYDJZHPXPS7JF6KB3
location: https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: FKQRAFP6HZHONOPBPNAQUD
x-segment-name: *
x-advertisable-eid: KD3RBGHXH5DG3PI3RBAUIR
x-conversion-currency

GET
H2 200 1425266997788380
connect.facebook.net/signals/config/ 349 KB
86 KB 85ms
84ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1425266997788380?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: rc8WVUhvQ2s40EBll8+gQidjbH4b6l1lwsYWE1oaqRxkSR8o/fuShj2vN/N4Umc//Re5hPD83YrXius8xub/iQ==
x-fb-trip-id: 420120009
date: Tue, 19 Nov 2019 14:58:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
519 B

31ms
31ms

Image
image/gif

52.17.226.250
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.226.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-226-250.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

Date: Tue, 19 Nov 2019 14:58:52 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR
https://x.bidswitch.net/sync?dsp_id=44&user_id=YTM3MmYxNDA0OTM0OTBjMzkzZjNiMjAxM2M4Y2YwYzI
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTM3MmYxNDA0OTM0OTBjMzkzZjNiMjAxM2M4Y2YwYzI

43 B
380 B

43ms
43ms

Image
image/gif

52.58.99.119
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTM3MmYxNDA0OTM0OTBjMzkzZjNiMjAxM2M4Y2YwYzI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.99.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-99-119.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status: 200
date: Tue, 19 Nov 2019 14:58:52 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Tue, 19 Nov 2019 14:58:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTM3MmYxNDA0OTM0OTBjMzkzZjNiMjAxM2M4Y2YwYzI
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR
https://ib.adnxs.com/setuid?entity=172&code=YTM3MmYxNDA0OTM0OTBjMzkzZjNiMjAxM2M4Y2YwYzI

43 B
874 B

44ms
15ms

Image
image/gif

185.33.223.202
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=YTM3MmYxNDA0OTM0OTBjMzkzZjNiMjAxM2M4Y2YwYzI

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.202 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

318.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Nov 2019 14:58:54 GMT
AN-X-Request-Uuid: b9eea5c2-5cf2-4f48-a3b5-6c105b96dd35
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 318.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
server: nginx/1.16.1
location: https://ib.adnxs.com/setuid?entity=172&code=YTM3MmYxNDA0OTM0OTBjMzkzZjNiMjAxM2M4Y2YwYzI
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR
https://idsync.rlcdn.com/377928.gif?partner_uid=a372f140493490c393f3b2013c8cf0c2

0
40 B

113ms
112ms

Image
text/plain

35.190.72.21
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=a372f140493490c393f3b2013c8cf0c2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status: 204
date: Tue, 19 Nov 2019 14:58:52 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
server: nginx/1.16.1
location: https://idsync.rlcdn.com/377928.gif?partner_uid=a372f140493490c393f3b2013c8cf0c2
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR
https://us-u.openx.net/w/1.0/sd?id=537103138&val=a372f140493490c393f3b2013c8cf0c2
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a372f140493490c393f3b2013c8cf0c2

43 B
109 B

16ms
15ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a372f140493490c393f3b2013c8cf0c2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.1 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
via: 1.1 google
server: OXGW/16.167.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 19 Nov 2019 14:58:52 GMT
via: 1.1 google
server: OXGW/16.167.1
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a372f140493490c393f3b2013c8cf0c2
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=efd40a358cebe494856e847a57229914-1574175532339&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=o3LxQEk0kMOT87IBPIzwwg
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=o3LxQEk0kMOT87IBPIzwwg&google_tc=
https://d.adroll.com/cm/g/in

42 B
536 B

33ms
33ms

Image
image/gif

52.17.226.250
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.226.250 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-226-250.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_bzJoV8fO75LiGhYFd

43 B
269 B

127ms
127ms

Image
image/gif

104.244.42.195
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_bzJoV8fO75LiGhYFd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 121
pragma: no-cache
last-modified: Tue, 19 Nov 2019 14:58:52 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ecc0734c97a39a70c2d08c5a88edd75a
x-transaction: 00124b0000ca7099
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_bzJoV8fO75LiGhYFd
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_bzJoV8fO75LiGhYFd&sigv=1&esig=2~d031f9887b7f0ede45b479ce50c780e4583702f2
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_bzJoV8fO75LiGhYFd

0
0

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_bzJoV8fO75LiGhYFd

43 B
109 B

16ms
15ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_bzJoV8fO75LiGhYFd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.1 /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
via: 1.1 google
server: OXGW/16.167.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_bzJoV8fO75LiGhYFd
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_bzJoV8fO75LiGhYFd

0
239 B

11ms
10ms

Image
image/gif

69.173.144.136
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_bzJoV8fO75LiGhYFd
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_bzJoV8fO75LiGhYFd
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfYnpKb1Y4Zk83NUxpR2hZRmQ
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

29ms
28ms

Image
image/gif

34.252.172.232
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:52 GMT
server: HTTP server (unknown)
location: https://pixel-geo.prfct.co/cb?partnerId=goo
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 113ms
113ms Image
image/gif 34.252.172.232
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=1083254&source=js_tag&a_id=406
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

/
pixel-geo.prfct.co/seg/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=1083254
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D1083254
https://secure.adnxs.com/seg?add=695885&t=2
https://pixel-geo.prfct.co/seg/?add=695885

43 B
365 B

118ms
118ms

Image
image/gif

34.252.172.232
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=695885
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Pragma: no-cache
Date: Tue, 19 Nov 2019 14:58:54 GMT
AN-X-Request-Uuid: 61a55d28-23be-4a1c-8e49-9f1801b3dd01
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://pixel-geo.prfct.co/seg/?add=695885
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.45:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1425266997788380&ev=PageView&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fs49mrn%2Faffc_clptd&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fclptd%2F0%2Fscrbx&if=false&ts=1574175532508&cd[segment_eid]=M5CWFZYDJZHPXPS7JF6KB3&sw=1600&sh=1200&v=2.9.13&r=stable&ec=0&o=29&fbp=fb.1.1574175532214.148506696&it=1574175532180&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Tue, 19 Nov 2019 14:58:52 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=661035823949763&ev=Microdata&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fs49mrn%2Faffc_clptd&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fclptd%2F0%2Fscrbx&if=false&ts=1574175532717&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwarriorplus.comhttps%3A%2F%2Fplrjackpot.com%2F3%2Fwso.php%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.13&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1574175532214.148506696&it=1574175532180&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://warriorplus.com/o/view/s49mrn/affc_clptd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Tue, 19 Nov 2019 14:58:52 GMT

GET
H2 200 / Show response
vipaccess.lpages.co/_/js/plr-jackpot-3-wso/ 139 KB
23 KB 359ms
121ms Script
application/javascript 35.202.21.90
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/

Requested by

Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.202.21.90 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

0105135be106f504fd0f64d1baf2602e318428386291b177d49c8cc15dca274c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:53 GMT
content-encoding: br
last-modified: Tue, 19 Nov 2019 14:49:53 GMT
server: Leadpages
etag: W/"98c3e556a3cee8a654f62d46bcc9e414"
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: application/javascript
status: 200
cache-control: no-cache
strict-transport-security: max-age=15768000

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 27ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by: Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:53 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 6662

GET
H2 200 css
fonts.googleapis.com/ 9 KB
791 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

33e2656713e8648323bd5193b2e314db7df61f4d37d5df4ce22ad72b04a1166a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 19 Nov 2019 14:58:53 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 19 Nov 2019 14:58:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 19 Nov 2019 14:58:53 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 35ms
13ms Script
application/javascript 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3adb60545bd82c9e4963d5bb1a08138b66c931262fb4852ca38219c430762e0a

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:57:03 GMT
content-encoding: gzip
server: Google Frontend
age: 110
etag: "1wcOuA"
content-type: application/javascript
status: 200
x-cloud-trace-context: 0b6246cb8b94259af63f7522ab9b2ad5
cache-control: public, max-age=300
content-length: 5099
expires: Tue, 19 Nov 2019 15:02:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26765
x-xss-protection: 0
pragma: public
x-fb-debug: xeqIvAM+lrEt0lnuK7GkCtSZ8CTo9pWWoPL/9jTKM2KIPwekjXJsI2MPGCIVtNYlD6IfDs5wmNYIuQxSBskxLA==
x-fb-trip-id: 420120009
date: Tue, 19 Nov 2019 14:58:53 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 372623520
player.vimeo.com/video/ Frame EF77 0
0 101ms
101ms Document
text/html 151.101.112.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/372623520?autoplay=1

Requested by

Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://plrjackpot.com/3/wso.php
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://plrjackpot.com/3/wso.php

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Wed, 20 Nov 2019 14:42:30 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-7
X-Vimeo-DC: ge
Content-Length: 4485
Accept-Ranges: bytes
Date: Tue, 19 Nov 2019 14:58:53 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-hhn4068-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1574175533.368283,VS0,VE96
Vary: Accept-Encoding

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.14.1/ 57 KB
19 KB 21ms
21ms Script
application/javascript 2606:4700::6811:4104
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.14.1/moment.min.js

Requested by

Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0defdc819a00920beaa312fdc89a49ccf1f2a335044c59d2bfb11019f416438a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 19 Nov 2019 14:58:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 18809374
cf-ray: 53830b7b9e52cb98-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:24:28 GMT
server: cloudflare
etag: W/"5afd4a4c-e53e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 08 Nov 2020 14:58:53 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.011

GET
H2 200 YJBzqCjFGvJjUbuHQi3b89VYwzt9LDYl1Wg2QE2FL9yDjcpvrsXqNVAjXHFyg-thrjau3AVeqcWwzOABXk-DXQ=w16
lh3.googleusercontent.com/ 174 B
267 B 7ms
6ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YJBzqCjFGvJjUbuHQi3b89VYwzt9LDYl1Wg2QE2FL9yDjcpvrsXqNVAjXHFyg-thrjau3AVeqcWwzOABXk-DXQ=w16

Requested by

Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

1e5577e41dae1bf7707249e6807fe7f43ae6c8dfe0adfd2632c49a24fa93872d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:26:17 GMT
x-content-type-options: nosniff
age: 1956
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 174
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Nov 2019 15:26:03 GMT

GET
H2 200 LTL8VcDh7L_-OUHiyZNBBztgVY-hWDq3MneTt47v9MDvbSL9oDDKSeYJLN2Dsn2oNoISquFc_8sA_9GnV9rMUDY=w16
lh3.googleusercontent.com/ 284 B
350 B 8ms
7ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/LTL8VcDh7L_-OUHiyZNBBztgVY-hWDq3MneTt47v9MDvbSL9oDDKSeYJLN2Dsn2oNoISquFc_8sA_9GnV9rMUDY=w16

Requested by

Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

4ea0e885d2d26e2570a06dcc10982065e202fc412f2d9a5bc9229cafcb296791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:26:17 GMT
x-content-type-options: nosniff
age: 1956
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Nov 2019 15:26:03 GMT

GET
H2 200 BPNZj81X7L8xhQa6MH420A49b330wO9b2vrBHwQ3Dyi7oj-45-NoxQy1XylmoyRY3a52L6cyRbamyoro0PJg=s0
lh3.googleusercontent.com/ 30 KB
30 KB 9ms
8ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/BPNZj81X7L8xhQa6MH420A49b330wO9b2vrBHwQ3Dyi7oj-45-NoxQy1XylmoyRY3a52L6cyRbamyoro0PJg=s0

Requested by

Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

c6c7102c4fdc91b2b43ed4905445f4be8ac2467d8b8125e1d95b28cacd756685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:26:17 GMT
x-content-type-options: nosniff
age: 1956
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30903
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Nov 2019 15:26:04 GMT

GET
H2 200 6OkgWTTlkMUdJFzrhATDCSmKtLsCEHW-4i5Xa0tbK2v1D-aEBKySNCqPf1FYKBgRVBBvBFfdGIxo3CkFaA8u=w16
lh3.googleusercontent.com/ 741 B
807 B 8ms
7ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/6OkgWTTlkMUdJFzrhATDCSmKtLsCEHW-4i5Xa0tbK2v1D-aEBKySNCqPf1FYKBgRVBBvBFfdGIxo3CkFaA8u=w16

Requested by

Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

4b8d6b01ed00f234c0d7fd9e66a393ec46064c433444ad412eebcad1827dafc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:26:17 GMT
x-content-type-options: nosniff
age: 1956
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 741
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Nov 2019 15:26:03 GMT

GET
H2 200 lLp-VAYtv3Dn1VBBYSHsv6LXDhIG7tNNH7_Tx4rUIbVEI1uytJzWxInAGREqi9CX8W7rNuOBOA04zz68UIrJ=w16
lh3.googleusercontent.com/ 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/lLp-VAYtv3Dn1VBBYSHsv6LXDhIG7tNNH7_Tx4rUIbVEI1uytJzWxInAGREqi9CX8W7rNuOBOA04zz68UIrJ=w16

Requested by

Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

06656c6c8650b6717772f3b4a95353b83b8d39d6269d79208341de909d3103e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:26:17 GMT
x-content-type-options: nosniff
age: 1956
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2555
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Nov 2019 15:26:03 GMT

GET
H2 200 178389
warriorplus.com/o2/btn/fn100011121/ptyj14/s49mrn/ 21 KB
21 KB 963ms
962ms Image
image/png 104.25.149.118
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warriorplus.com/o2/btn/fn100011121/ptyj14/s49mrn/178389
Requested by: Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.25.149.118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash: ce92b0e7f4637897db1984bc39bb6b8f957af49c98a04583eaac3df82b0bbac6

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:54 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 19 Nov 2019 14:58:54 GMT
server: cloudflare
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 53830b7b9d5dbf14-FRA
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 178390
warriorplus.com/o2/btn/fn120011121/ptyj14/s49mrn/ 21 KB
22 KB 311ms
311ms Image
image/png 104.25.149.118
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warriorplus.com/o2/btn/fn120011121/ptyj14/s49mrn/178390
Requested by: Host: vipaccess.lpages.co
URL: https://vipaccess.lpages.co/_/js/plr-jackpot-3-wso/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.25.149.118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash: f2f172c4c3d70374cad1bb562dc4acffc31a7e232bc76e2604614d8cf811f976

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Nov 2019 14:58:53 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 19 Nov 2019 14:58:53 GMT
server: cloudflare
x-powered-by: PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 53830b7b9d5fbf14-FRA
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 512184942710792 Show response
connect.facebook.net/signals/config/ 349 KB
86 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/512184942710792?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

dd968ad7b34348818ef41b9bb162528f8a28b2a6df12387cf73dbb8243911f60

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 9K8ulFq0iOsO7U9BLn2QjRNM2EefC7mm/kMgnIRd8pcDOdL5/3wcxqkXc+clnQrgUNDAKedLArxkU9HPX+SUeg==
x-fb-trip-id: 420120009
date: Tue, 19 Nov 2019 14:58:53 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
70 KB 9ms
9ms Font
font/woff2 2001:4de0:ac19::1:b:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin: https://plrjackpot.com

Response headers

date: Tue, 19 Nov 2019 14:58:53 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin: *
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 71903

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin: https://plrjackpot.com

Response headers

date: Tue, 12 Nov 2019 15:22:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 603405
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Wed, 11 Nov 2020 15:22:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin: https://plrjackpot.com

Response headers

date: Tue, 12 Nov 2019 15:22:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 603404
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Wed, 11 Nov 2020 15:22:09 GMT

GET
H2 200 identify.html
js.center.io/ Frame 8AD8 0
0 13ms
13ms Document
text/html 2a00:1450:4001:819::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

:method: GET
:authority: js.center.io
:scheme: https
:path: /identify.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://plrjackpot.com/3/wso.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://plrjackpot.com/3/wso.php

Response headers

status: 200
date: Tue, 19 Nov 2019 14:57:50 GMT
expires: Tue, 19 Nov 2019 15:02:50 GMT
etag: "1wcOuA"
x-cloud-trace-context: 36531442161e11b58989842ea8317949
content-type: text/html
content-encoding: gzip
server: Google Frontend
cache-control: public, max-age=300
content-length: 1698
age: 63

GET
H2 200 YJBzqCjFGvJjUbuHQi3b89VYwzt9LDYl1Wg2QE2FL9yDjcpvrsXqNVAjXHFyg-thrjau3AVeqcWwzOABXk-DXQ=w435
lh3.googleusercontent.com/ 6 KB
6 KB 18ms
17ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YJBzqCjFGvJjUbuHQi3b89VYwzt9LDYl1Wg2QE2FL9yDjcpvrsXqNVAjXHFyg-thrjau3AVeqcWwzOABXk-DXQ=w435

Requested by

Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

90cd8a6d0d801e1b45f2cfa88b039337e59c8b14402f8df34f65a49f1c312e24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:53 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5751
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 18 Nov 2019 14:26:21 GMT

GET
H2 200 LTL8VcDh7L_-OUHiyZNBBztgVY-hWDq3MneTt47v9MDvbSL9oDDKSeYJLN2Dsn2oNoISquFc_8sA_9GnV9rMUDY=w870
lh3.googleusercontent.com/ 42 KB
42 KB 20ms
20ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/LTL8VcDh7L_-OUHiyZNBBztgVY-hWDq3MneTt47v9MDvbSL9oDDKSeYJLN2Dsn2oNoISquFc_8sA_9GnV9rMUDY=w870

Requested by

Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

4e1a37353a6a29d7f57177c907ca86b902d3955d47e3493e7222e67caea29e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:53 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42887
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 18 Nov 2019 15:28:36 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
647 B 370ms
143ms XHR
image/gif 35.192.151.63
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=i3ug9XR3LRjH9ztq5jBAX8&v=&e=&st=&pid=vVHAqwQWtBPcHspQ4Z5AEe&uid=XUK4hDUD4nLh7GXdejMpas&sid=otSeAdpK24G38gL4wbbCth&cid=lp-i3ug9XR3LRjH9ztq5jBAX8&uri=https%3A%2F%2Fplrjackpot.com%2F3%2Fwso.php&rf=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fs49mrn%2Faffc_clptd&rx=1600&ry=1200&tz=%2B01%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.192.151.63 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://plrjackpot.com/3/wso.php
Origin: https://plrjackpot.com

Response headers

Date: Tue, 19 Nov 2019 14:58:53 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 144.76.109.30
Content-Type: image/gif
access-control-allow-origin: https://plrjackpot.com
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
access-control-max-age: 600
Connection: keep-alive
x-request-id: 02pvcp9pjrvukbe5sk3g

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=512184942710792&ev=PageView&dl=https%3A%2F%2Fplrjackpot.com%2F3%2Fwso.php&rl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fs49mrn%2Faffc_clptd&if=false&ts=1574175533482&sw=1600&sh=1200&v=2.9.13&r=stable&ec=0&o=30&fbp=fb.1.1574175533482.1257727881&it=1574175533380&coo=false&rqm=GET

Requested by

Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Tue, 19 Nov 2019 14:58:53 GMT

GET
H2 200 6OkgWTTlkMUdJFzrhATDCSmKtLsCEHW-4i5Xa0tbK2v1D-aEBKySNCqPf1FYKBgRVBBvBFfdGIxo3CkFaA8u=w870
lh3.googleusercontent.com/ 720 KB
721 KB 24ms
24ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/6OkgWTTlkMUdJFzrhATDCSmKtLsCEHW-4i5Xa0tbK2v1D-aEBKySNCqPf1FYKBgRVBBvBFfdGIxo3CkFaA8u=w870

Requested by

Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d244663cd32c12838d7147e2b09f51e01e730c63071d047ed25dee84261c9dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:53 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 737635
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Nov 2019 13:38:39 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=512184942710792&ev=Microdata&dl=https%3A%2F%2Fplrjackpot.com%2F3%2Fwso.php&rl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fs49mrn%2Faffc_clptd&if=false&ts=1574175533985&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22PLR%20Jackpot%203%20%7C%20The%20Biggest%20PLR%20Package%20EVER!%22%2C%22meta%3Akeywords%22%3A%22plr%2C%20private%20label%2C%20private%20label%20rights%2C%20white%20label%2C%20white%20label%20rights%2C%20internet%20marketing%2C%20make%20money%20online%22%2C%22meta%3Adescription%22%3A%22200%2B%20Private%20Label%20Rights%20Collection%20from%20Eric%20Holmlund%20and%20Ian%20del%20Carmen%27s%20PLR%20Jackpot%203!%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fvipaccess.lpages.co%2Fplr-jackpot-3-wso%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22PLR%20Jackpot%203%20%7C%20The%20Biggest%20PLR%20Package%20EVER!%22%2C%22og%3Adescription%22%3A%22200%2B%20Private%20Label%20Rights%20Collection%20from%20Eric%20Holmlund%20and%20Ian%20del%20Carmen%27s%20PLR%20Jackpot%203!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Flh3.googleusercontent.com%2FLNT2dd1BV7Jf11aSJZ7IO41X3A9TWDBEq7tt_JQkK2PV4xyWQMCgpQqEcNWzph7Vd44-5BqicfQZfIRF13_RZic%3Ds0%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fpng%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.13&r=stable&ec=1&o=30&fbp=fb.1.1574175533482.1257727881&it=1574175533380&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 14:58:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Tue, 19 Nov 2019 14:58:53 GMT

GET
H/1.1 200
OK convertbar.js Show response
app.convertbar.com/embed/a79c06ff-af55-46cc-8559-edd41f72b18e/ 208 KB
67 KB 407ms
115ms Script
text/html 3.208.102.239
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://app.convertbar.com/embed/a79c06ff-af55-46cc-8559-edd41f72b18e/convertbar.js
Requested by: Host: plrjackpot.com
URL: https://plrjackpot.com/3/wso.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.102.239 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-208-102-239.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ee5c40c182b8651e5defb9e7ef197dc2db2edb83cc6e0d4141292810e3661f3e

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Tue, 19 Nov 2019 14:58:54 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, private
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
355 B 115ms
114ms Image
image/gif 35.192.151.63
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=303,223,219,746,1,748,1330,1330,2384,2385
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.192.151.63 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://plrjackpot.com/3/wso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Tue, 19 Nov 2019 14:58:54 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 144.76.109.30
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 02pvcpg6ngp9aeerrf0g

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
437 B 115ms
114ms XHR
image/gif 35.192.151.63
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.4&correlateBy=NeoQ5x2TJRKR9SobB56Af6&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=35.94500012695789,30.289998278021812,1,371.0100017488003
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.192.151.63 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://plrjackpot.com/3/wso.php
Origin: https://plrjackpot.com

Response headers

Date: Tue, 19 Nov 2019 14:58:57 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 144.76.109.30
Content-Type: image/gif
access-control-allow-origin: https://plrjackpot.com
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
access-control-max-age: 600
Connection: keep-alive
x-request-id: 02pvcqa6rkhh4sugj940

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.prfct.co
URL: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_bzJoV8fO75LiGhYFd

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
player.vimeo.com/	1970-01-26 12:28:15	Name: muxData Value: mux_viewer_id=cf62a9cb-51a5-46b0-8c3a-6e2f1a1b6f5a&msn=0.5188105665860343&sid=17255c40-c479-4c81-bea5-646cf6ba2fa6&sst=1574175533604&sex=1574177033625
.vimeo.com/	1970-01-19 14:03:17	Name: player Value: ""
.vimeo.com/	1970-01-19 22:47:27	Name: vuid Value: pl1183089442.11890105
player.vimeo.com/video	1969-12-31 23:59:59	Name: loglevel Value: WARN
.plrjackpot.com/	1970-01-19 07:25:51	Name: _fbp Value: fb.1.1574175533482.1257727881

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: https://app.convertbar.com/embed/a79c06ff-af55-46cc-8559-edd41f72b18e/convertbar.js(Line 3) Message: jQuery.Deferred exception: Cannot read property 'visited_on_this_site' of null TypeError: Cannot read property 'visited_on_this_site' of null at Object.e.get (https://app.convertbar.com/embed/a79c06ff-af55-46cc-8559-edd41f72b18e/convertbar.js:4:13918) at HTMLDocument.ue (https://app.convertbar.com/embed/a79c06ff-af55-46cc-8559-edd41f72b18e/convertbar.js:7:18666) at d (https://app.convertbar.com/embed/a79c06ff-af55-46cc-8559-edd41f72b18e/convertbar.js:2:31667) at f (https://app.convertbar.com/embed/a79c06ff-af55-46cc-8559-edd41f72b18e/convertbar.js:2:31982) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
analytics.twitter.com
api.leadpages.io
app.convertbar.com
bit.ly
cdn.onesignal.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
js.center.io
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
player.vimeo.com
plrjackpot.com
s.adroll.com
secure.adnxs.com
stats.g.doubleclick.net
tag.marinsm.com
us-u.openx.net
vipaccess.lpages.co
warriorplus.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
pixel.prfct.co
104.244.42.195
104.25.149.118
108.167.153.102
151.101.112.217
151.101.12.65
172.217.23.98
185.33.223.202
185.33.223.203
2001:4de0:ac19::1:b:3b
2606:4700::6811:4104
2606:4700::6812:e134
2a00:1288:110:c305::a000
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:819::2013
2a00:1450:4001:81b::2008
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200a
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.208.102.239
34.252.172.232
34.95.120.147
35.190.72.21
35.192.151.63
35.202.21.90
52.17.226.250
52.58.99.119
67.199.248.11
69.173.144.136
72.247.224.172
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0105135be106f504fd0f64d1baf2602e318428386291b177d49c8cc15dca274c
06656c6c8650b6717772f3b4a95353b83b8d39d6269d79208341de909d3103e5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0defdc819a00920beaa312fdc89a49ccf1f2a335044c59d2bfb11019f416438a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b4f78c17836a63e9e9ea4ad035ac2e5b29c3cc1f90cdef052ee486ffee21b4b
1e5577e41dae1bf7707249e6807fe7f43ae6c8dfe0adfd2632c49a24fa93872d
33e2656713e8648323bd5193b2e314db7df61f4d37d5df4ce22ad72b04a1166a
3adb60545bd82c9e4963d5bb1a08138b66c931262fb4852ca38219c430762e0a
4b8d6b01ed00f234c0d7fd9e66a393ec46064c433444ad412eebcad1827dafc5
4e1a37353a6a29d7f57177c907ca86b902d3955d47e3493e7222e67caea29e2b
4ea0e885d2d26e2570a06dcc10982065e202fc412f2d9a5bc9229cafcb296791
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
90cd8a6d0d801e1b45f2cfa88b039337e59c8b14402f8df34f65a49f1c312e24
a8dc861d52fa53d9e8730c092b5e056e81a45d9ac5f6a94af0638b48b00a5d6a
bd3a8a0ea2976a5d0589ef16d8c93edb58caf8b4e32f91bae8f1d23425e7507e
c6c7102c4fdc91b2b43ed4905445f4be8ac2467d8b8125e1d95b28cacd756685
ce92b0e7f4637897db1984bc39bb6b8f957af49c98a04583eaac3df82b0bbac6
d244663cd32c12838d7147e2b09f51e01e730c63071d047ed25dee84261c9dba
dd968ad7b34348818ef41b9bb162528f8a28b2a6df12387cf73dbb8243911f60
ee5c40c182b8651e5defb9e7ef197dc2db2edb83cc6e0d4141292810e3661f3e
f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16
f2f172c4c3d70374cad1bb562dc4acffc31a7e232bc76e2604614d8cf811f976

plrjackpot.com Open in urlscan Pro 108.167.153.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

44 %IPv6

32 Domains

36 Subdomains

29 IPs

6 Countries

1454 kBTransfer

2879 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

plrjackpot.com Open in urlscan Pro
108.167.153.102 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

44 %
IPv6

32
Domains

36
Subdomains

29
IPs

6
Countries

1454 kB
Transfer

2879 kB
Size

5
Cookies

63 HTTP transactions
0 data transactions