urlscan.io logo urlscan.io
SecurityTrails logo

ticketymarketing.com Open in urlscan Pro
162.211.84.188  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://u7518060.ct.sendgrid.net/wf/click?upn=wUP7KVIjIv77NcN0AKCcHJXR612KyGcQpBD2BNeFM8w-3D_lBa7v2o5b2dBFosQcE4zG0seR-2BaF8OpGmU...
Effective URL: https://ticketymarketing.com/affiliate-rebill-riches-3-0/
Submission: On November 13 via manual from IE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 6 countries across 24 domains to perform 45 HTTP transactions. The main IP is 162.211.84.188, located in Dallas, United States and belongs to PRIVATESYSTEMS - PrivateSystems Networks, US. The main domain is ticketymarketing.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 31st 2019. Valid for: 3 months.
This is the only time ticketymarketing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.54 11377 (SENDGRID)
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 3 104.25.149.118 13335 (CLOUDFLAR...)
1 162.211.84.188 63410 (PRIVATESY...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2.18.233.40 16625 (AKAMAI-AS)
1 151.101.12.65 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
7 11 34.252.172.232 16509 (AMAZON-02)
7 10 54.72.198.186 16509 (AMAZON-02)
2 2 2a00:1288:110... 34010 (YAHOO-IRD)
1 2 52.58.102.57 16509 (AMAZON-02)
1 37.252.173.27 29990 (ASN-APPNEXUS)
1 35.190.72.21 15169 (GOOGLE)
2 4 34.95.120.147 15169 (GOOGLE)
3 3 172.217.16.130 15169 (GOOGLE)
1 104.244.42.195 13414 (TWITTER)
1 3.81.196.225 14618 (AMAZON-AES)
1 69.173.144.139 26667 (RUBICONPR...)
3 3 37.252.172.249 29990 (ASN-APPNEXUS)
45 20
1    167.89.115.54 (United States)

ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789115x54.outbound-mail.sendgrid.net
u7518060.ct.sendgrid.net
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD - Google LLC, US)
PTR: bit.ly
bit.ly
3    104.25.149.118 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
warriorplus.com
1    162.211.84.188 (Dallas, United States)

ASN63410 (PRIVATESYSTEMS - PrivateSystems Networks, US)
PTR: host.ticketymarketing.com
ticketymarketing.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    2.18.233.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com
s.adroll.com
1    151.101.12.65 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
tag.marinsm.com
4    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
3    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
11    34.252.172.232 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
pixel-geo.prfct.co
10    54.72.198.186 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-198-186.eu-west-1.compute.amazonaws.com
d.adroll.com
2    2a00:1288:110:c305::a000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
ads.yahoo.com
2    52.58.102.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-102-57.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    37.252.173.27 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com
idsync.rlcdn.com
4    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
us-u.openx.net
3    172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
1    104.244.42.195 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
1    3.81.196.225 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-81-196-225.compute-1.amazonaws.com
pixel.prfct.co
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
pixel.rubiconproject.com
3    37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
Domain Requested by
11 pixel-geo.prfct.co 7 redirects
10 d.adroll.com 7 redirects s.adroll.com
4 us-u.openx.net 2 redirects
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 s.adroll.com 1 redirects www.googletagmanager.com
3 secure.adnxs.com 3 redirects
3 cm.g.doubleclick.net 3 redirects
3 www.facebook.com
3 connect.facebook.net warriorplus.com
connect.facebook.net
3 warriorplus.com 1 redirects
2 x.bidswitch.net 1 redirects
2 ads.yahoo.com 2 redirects
1 pixel.rubiconproject.com
1 pixel.prfct.co
1 analytics.twitter.com
1 idsync.rlcdn.com
1 ib.adnxs.com
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 tag.marinsm.com www.googletagmanager.com
1 www.googletagmanager.com warriorplus.com
1 cdn.onesignal.com warriorplus.com
1 ticketymarketing.com warriorplus.com
ticketymarketing.com
1 bit.ly 1 redirects
1 u7518060.ct.sendgrid.net 1 redirects
0 cdn.shortpixel.ai Failed ticketymarketing.com
0 fonts.googleapis.com Failed ticketymarketing.com
45 28

This site contains no links.

Subject Issuer Validity Valid
ssl375556.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-02 -
2020-05-10		 6 months crt.sh
ticketymarketing.com
cPanel, Inc. Certification Authority		 2019-08-31 -
2019-11-29		 3 months crt.sh
ssl898578.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-10-11 -
2020-04-18		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA		 2018-12-19 -
2020-03-19		 a year crt.sh
g.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2		 2019-09-23 -
2020-09-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-09-22 -
2019-12-20		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
*.prfct.co
DigiCert SHA2 Secure Server CA		 2019-09-03 -
2021-10-27		 2 years crt.sh
adroll.mgr.consensu.org
Amazon		 2019-11-06 -
2020-12-06		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2019-04-17 -
2020-05-04		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://ticketymarketing.com/affiliate-rebill-riches-3-0/
Frame ID: FBE1C0995B0C7758574BC899159616D6
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://u7518060.ct.sendgrid.net/wf/click?upn=wUP7KVIjIv77NcN0AKCcHJXR612KyGcQpBD2BNeFM8w-3D_lBa7v2o5b2dBFosQ... HTTP 302
    http://bit.ly/RevRebill HTTP 301
    https://warriorplus.com/o2/a/wcg1j/0/scrbx Page URL
  2. https://warriorplus.com/o2/a/wcg1j/0/scrbx?nonce=9c667e6442b1b3f712a6daae549ac7c6838226bf HTTP 302
    https://warriorplus.com/o/view/cfsgn7/affc_wcg1j Page URL
  3. https://ticketymarketing.com/affiliate-rebill-riches-3-0/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

45
Requests

78 %
HTTPS

35 %
IPv6

24
Domains

28
Subdomains

20
IPs

6
Countries

279 kB
Transfer

1054 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://u7518060.ct.sendgrid.net/wf/click?upn=wUP7KVIjIv77NcN0AKCcHJXR612KyGcQpBD2BNeFM8w-3D_lBa7v2o5b2dBFosQcE4zG0seR-2BaF8OpGmURp5hSGDHl8YIzNvhQd4FH7QEX8V11uPqAGyDwD7d3SOYbHwZPr-2BaMgCupcRNFWup1k9tT3ZBcWXRUhRKfycw77gFbr2YpPjm9y9Q5iNQARbFrpmI4KvmKG9hS-2FkmUiE1V24ANgwYvTa5ANYfKqLkJ6UurAqj5V2NwOA4bQ-2Fl-2FGfHRv-2BYUQcw-3D-3D HTTP 302
    http://bit.ly/RevRebill HTTP 301
    https://warriorplus.com/o2/a/wcg1j/0/scrbx Page URL
  2. https://warriorplus.com/o2/a/wcg1j/0/scrbx?nonce=9c667e6442b1b3f712a6daae549ac7c6838226bf HTTP 302
    https://warriorplus.com/o/view/cfsgn7/affc_wcg1j Page URL
  3. https://ticketymarketing.com/affiliate-rebill-riches-3-0/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://u7518060.ct.sendgrid.net/wf/click?upn=wUP7KVIjIv77NcN0AKCcHJXR612KyGcQpBD2BNeFM8w-3D_lBa7v2o5b2dBFosQcE4zG0seR-2BaF8OpGmURp5hSGDHl8YIzNvhQd4FH7QEX8V11uPqAGyDwD7d3SOYbHwZPr-2BaMgCupcRNFWup1k9tT3ZBcWXRUhRKfycw77gFbr2YpPjm9y9Q5iNQARbFrpmI4KvmKG9hS-2FkmUiE1V24ANgwYvTa5ANYfKqLkJ6UurAqj5V2NwOA4bQ-2Fl-2FGfHRv-2BYUQcw-3D-3D HTTP 302
  • http://bit.ly/RevRebill HTTP 301
  • https://warriorplus.com/o2/a/wcg1j/0/scrbx
Request Chain 1
  • https://warriorplus.com/o2/a/wcg1j/0/scrbx?nonce=9c667e6442b1b3f712a6daae549ac7c6838226bf HTTP 302
  • https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
Request Chain 12
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-74776-7&cid=2106948229.1573646826&jid=346591610&gjid=1870782743&_gid=403422369.1573646826&_u=aGBAgAAr~&z=34633714 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=2106948229.1573646826&jid=346591610&_v=j79&z=34633714 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=2106948229.1573646826&jid=346591610&_v=j79&z=34633714&slf_rd=1&random=1102328534
Request Chain 14
  • https://s.adroll.com/j/exp/KD3RBGHXH5DG3PI3RBAUIR/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 15
  • https://pixel-geo.prfct.co/tagjs?a_id=406&source=js_tag HTTP 302
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag
Request Chain 17
  • https://d.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&pv=55344242165.81766&cookie=&adroll_s_ref=https%3A//warriorplus.com/o2/a/wcg1j/0/scrbx&keyw=&arrfrr=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fcfsgn7%2Faffc_wcg1j HTTP 302
  • https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js
Request Chain 19
  • https://d.adroll.com/cm/r/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 20
  • https://d.adroll.com/cm/b/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=OTAyMTE0Yzk4OTdjMzZiNzRhYzUwOTM4NDMxODM4YjM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTAyMTE0Yzk4OTdjMzZiNzRhYzUwOTM4NDMxODM4YjM
Request Chain 21
  • https://d.adroll.com/cm/x/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=OTAyMTE0Yzk4OTdjMzZiNzRhYzUwOTM4NDMxODM4YjM
Request Chain 22
  • https://d.adroll.com/cm/l/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=902114c9897c36b74ac50938431838b3
Request Chain 23
  • https://d.adroll.com/cm/o/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=902114c9897c36b74ac50938431838b3 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=902114c9897c36b74ac50938431838b3
Request Chain 24
  • https://d.adroll.com/cm/g/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=kCEUyYl8NrdKxQk4Qxg4sw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=kCEUyYl8NrdKxQk4Qxg4sw&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 27
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_fOifmpYMoi2YLFjUT
Request Chain 28
  • https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_fOifmpYMoi2YLFjUT&sigv=1&esig=2~24cd45f0da86dcfb7e4de8dfc8401209a49d2efe HTTP 302
  • https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_fOifmpYMoi2YLFjUT
Request Chain 29
  • https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_fOifmpYMoi2YLFjUT HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_fOifmpYMoi2YLFjUT
Request Chain 30
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_fOifmpYMoi2YLFjUT
Request Chain 31
  • https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfZk9pZm1wWU1vaTJZTEZqVVQ HTTP 302
  • https://pixel-geo.prfct.co/cb?partnerId=goo
Request Chain 33
  • https://secure.adnxs.com/seg?t=2&add=1083254 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D1083254 HTTP 302
  • https://secure.adnxs.com/seg?add=695885&t=2 HTTP 302
  • https://pixel-geo.prfct.co/seg/?add=695885 HTTP 302
  • https://pixel-geo.prfct.co/seg/?check_cookie=1&add=695885

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
scrbx
warriorplus.com/o2/a/wcg1j/0/
Redirect Chain
  • http://u7518060.ct.sendgrid.net/wf/click?upn=wUP7KVIjIv77NcN0AKCcHJXR612KyGcQpBD2BNeFM8w-3D_lBa7v2o5b2dBFosQcE4zG0seR-2BaF8OpGmURp5hSGDHl8YIzNvhQd4FH7QEX8V11uPqAGyDwD7d3SOYbHwZPr-2BaMgCupcRNFWup1k9...
  • http://bit.ly/RevRebill
  • https://warriorplus.com/o2/a/wcg1j/0/scrbx
17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://warriorplus.com/o2/a/wcg1j/0/scrbx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.149.118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash
4a81cf17dcb1c3adbcf773f61fe0fd58c055e9e7418059d23c66d46a4bccbc00
Security Headers
Name Value
X-Frame-Options DENY

Request headers

:method
GET
:authority
warriorplus.com
:scheme
https
:path
/o2/a/wcg1j/0/scrbx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 13 Nov 2019 12:07:04 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d2299a427f36d3c969c48b8851fa950ff1573646823; expires=Thu, 12-Nov-20 12:07:03 GMT; path=/; domain=.warriorplus.com; HttpOnly warriorplus=5efgtlq85h2gofeotun2cikn81; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_aff=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_sales=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ wpg=gnr5wsc47cn0c82y; expires=Thu, 12-Nov-2020 12:07:04 GMT; Max-Age=31536000; path=/ wpg=gnr5wsc47cn0c82y; expires=Thu, 12-Nov-2020 12:07:04 GMT; Max-Age=31536000; path=/
x-powered-by
PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
DENY
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53509f87ca7cc82b-AMS
content-encoding
br

Redirect headers

Server
nginx
Date
Wed, 13 Nov 2019 12:07:03 GMT
Content-Type
text/html; charset=utf-8
Content-Length
129
Cache-Control
private, max-age=90
Location
https://warriorplus.com/o2/a/wcg1j/0/scrbx
Set-Cookie
_bit=jadc73-da8d829da1971228d9-00H; Domain=bit.ly; Expires=Mon, 11 May 2020 12:07:03 GMT
Via
1.1 google
affc_wcg1j
warriorplus.com/o/view/cfsgn7/
Redirect Chain
  • https://warriorplus.com/o2/a/wcg1j/0/scrbx?nonce=9c667e6442b1b3f712a6daae549ac7c6838226bf
  • https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.149.118 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
Resource Hash
a24736be0a08d498e0270e0e4200a2f7389a873d969f21744e669da81a1cbd46

Request headers

:method
GET
:authority
warriorplus.com
:scheme
https
:path
/o/view/cfsgn7/affc_wcg1j
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://warriorplus.com/o2/a/wcg1j/0/scrbx
accept-encoding
gzip, deflate, br
cookie
__cfduid=d2299a427f36d3c969c48b8851fa950ff1573646823; warriorplus=5efgtlq85h2gofeotun2cikn81; wpg=gnr5wsc47cn0c82y; affo_cfsgn7=187130247; affo2_83191=187130247
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://warriorplus.com/o2/a/wcg1j/0/scrbx

Response headers

status
200
date
Wed, 13 Nov 2019 12:07:05 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_aff=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_sales=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ wpg=gnr5wsc47cn0c82y; expires=Thu, 12-Nov-2020 12:07:05 GMT; Max-Age=31536000; path=/
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53509f91ec7fc82b-AMS
content-encoding
br

Redirect headers

status
302
date
Wed, 13 Nov 2019 12:07:05 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.0.33-6+ubuntu14.04.1+deb.sury.org+3
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
DENY
set-cookie
TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ TOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ PASSWORD=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_aff=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ notifications_sales=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ wpg=gnr5wsc47cn0c82y; expires=Thu, 12-Nov-2020 12:07:05 GMT; Max-Age=31536000; path=/ wpg=gnr5wsc47cn0c82y; expires=Thu, 12-Nov-2020 12:07:05 GMT; Max-Age=31536000; path=/ affo_cfsgn7=187130247; expires=Fri, 13-Dec-2019 12:07:05 GMT; Max-Age=2592000; path=/ affo2_83191=187130247; expires=Fri, 13-Dec-2019 12:07:05 GMT; Max-Age=2592000; path=/
location
/o/view/cfsgn7/affc_wcg1j
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53509f8d1c4ec82b-AMS
Primary Request Cookie set /
ticketymarketing.com/affiliate-rebill-riches-3-0/ 		36 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ticketymarketing.com/affiliate-rebill-riches-3-0/
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.211.84.188 Dallas, United States, ASN63410 (PRIVATESYSTEMS - PrivateSystems Networks, US),
Reverse DNS
host.ticketymarketing.com
Software
Apache /
Resource Hash

Request headers

Host
ticketymarketing.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j

Response headers

Date
Wed, 13 Nov 2019 12:07:06 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Link
<https://ticketymarketing.com/wp-json/>; rel="https://api.w.org/", <https://ticketymarketing.com/?p=2129>; rel=shortlink
Set-Cookie
PHPSESSID=80vccsc4dk9ngi6utiqegljoo4; path=/ __ib2pgvar_2129=a; expires=Thu, 12-Nov-2020 12:07:11 GMT; Max-Age=31536000; path=/
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Content-Length
16588
Keep-Alive
timeout=5, max=100
Content-Type
text/html; charset=UTF-8
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 12:07:05 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
480
etag
W/"967648c5f43f1acc3f64970983a5d03f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
53509f96693a59ca-VIE
expires
Thu, 14 Nov 2019 00:07:05 GMT
gtm.js
www.googletagmanager.com/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 12:07:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21869
x-xss-protection
0
expires
Wed, 13 Nov 2019 12:07:05 GMT
roundtrip.js
s.adroll.com/j/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
1fxjTbJ3jcJwCvMzmTRRhpDwI7pT4r.j
Content-Encoding
gzip
ETag
"303704ccccc53419523c3b4950b2ed3c"
x-amz-request-id
C88B9A91A5009177
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
11246
x-amz-id-2
GIZtnMawqs+/Ysg306PGGl2AHGoqGmTnvr666PsUVzyNkG/Sf1ZBjO9zDAujU43TKQd3V1UsYPc=
Last-Modified
Tue, 12 Nov 2019 23:56:54 GMT
Server
AmazonS3
Date
Wed, 13 Nov 2019 12:07:06 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
5265944071686a380300010a.js
tag.marinsm.com/serve/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.marinsm.com/serve/5265944071686a380300010a.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.65 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Cowboy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 12:07:06 GMT
Via
1.1 vegur, 1.1 varnish
X-Content-Type-Options
nosniff
Age
1162
X-Cache
HIT
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3586
X-Served-By
cache-fra19183-FRA
Server
Cowboy
X-Timer
S1573646826.063632,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Cache-Hits
1
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMGQ2M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5608
date
Wed, 13 Nov 2019 10:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 13 Nov 2019 12:33:37 GMT
fbevents.js
connect.facebook.net/en_US/ 		122 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: warriorplus.com
URL: https://warriorplus.com/o2/a/wcg1j/0/scrbx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
27377
x-xss-protection
0
pragma
public
x-fb-debug
X9jNt0FnpEZa2EGrZ2hGGv9h/2MDUwkoDpLvlUr9kYYrwbDYsSRdspOBMcgIK40sVmB+Qqs9lrYybJD1ZfJQJA==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 13 Nov 2019 12:07:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 11:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
888
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Wed, 13 Nov 2019 12:52:17 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 11:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1485
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1306
x-xss-protection
0
expires
Wed, 13 Nov 2019 12:42:20 GMT
661035823949763
connect.facebook.net/signals/config/ 		348 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/661035823949763?v=2.9.11&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
86576
x-xss-protection
0
pragma
public
x-fb-debug
oKOprx3mdUnztLwtQ+1P87Jj8QmY5JiukDDJHeAVuWmpN7KYassRZfjPnI8FWHqunHknuLnwyGsLYDz04DEOuQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 13 Nov 2019 12:07:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1484872058&t=pageview&_s=1&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fcfsgn7%2Faffc_wcg1j&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAr~&jid=346591610&gjid=1870782743&cid=2106948229.1573646826&tid=UA-74776-7&_gid=403422369.1573646826&gtm=2wgav3WMGQ2M&z=944331972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Oct 2019 22:23:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1086220
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-74776-7&cid=2106948229.1573646826&jid=346591610&gjid=1870782743&_gid=403422369.1573646826&_u=aGBAgAAr~&z=34633714
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=2106948229.1573646826&jid=346591610&_v=j79&z=34633714
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=2106948229.1573646826&jid=346591610&_v=j79&z=34633714&slf_rd=1&random=1102328534
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=2106948229.1573646826&jid=346591610&_v=j79&z=34633714&slf_rd=1&random=1102328534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-74776-7&cid=2106948229.1573646826&jid=346591610&_v=j79&z=34633714&slf_rd=1&random=1102328534
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=661035823949763&ev=PageView&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fcfsgn7%2Faffc_wcg1j&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fwcg1j%2F0%2Fscrbx&if=false&ts=1573646826029&sw=1600&sh=1200&v=2.9.11&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1573646826029.685655879&it=1573646826002&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 12:07:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Wed, 13 Nov 2019 12:07:06 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/KD3RBGHXH5DG3PI3RBAUIR/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
ZcvUV7fi2pYauzG3S33lQ2iRDlqofIpe
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
56126E5B1B091B84
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
28
x-amz-id-2
HbLFGzmkVVQEc0n3U++kip1hEWPcXsv9h4PmXe3Fkd5VYf6EXS3GU1fCijvZH6FZjbTRCTkspAc=
Last-Modified
Tue, 12 Nov 2019 23:49:36 GMT
Server
AmazonS3
Date
Wed, 13 Nov 2019 12:07:06 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Wed, 13 Nov 2019 12:07:06 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
tagjs
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/tagjs?a_id=406&source=js_tag
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag
83 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
83
Content-Type
text/javascript

Redirect headers

Location
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=406&source=js_tag
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
KD3RBGHXH5DG3PI3RBAUIR
d.adroll.com/consent/check/ 		86 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/KD3RBGHXH5DG3PI3RBAUIR?_s=3bc5b6aa1001a047f12ee4201496cf3b&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.198.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-198-186.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:06 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
application/javascript
content-length
86
M5CWFZYDJZHPXPS7JF6KB3.js
s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/
Redirect Chain
  • https://d.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&pv=55344242165.81766&cookie=&adroll_s_ref=https%3A//warri...
  • https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
t5yLb0hIE3oP_XgkNAidEpLimnb3fFJy
Content-Encoding
gzip
ETag
"ee36f9774eaf2c0e780d5d0020092e32"
x-amz-request-id
0EDD3583CBFE6CFE
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1291
x-amz-id-2
wGtk9z08OEpLg5zuEmJX9xupv9X+57MnTtsHOg8KNDp9/8Xjd8DqiUqeXJX9ZQJ1d3V4k1GprFI=
Last-Modified
Wed, 23 Oct 2019 23:01:15 GMT
Server
AmazonS3
Date
Wed, 13 Nov 2019 12:07:06 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

date
Wed, 13 Nov 2019 12:07:06 GMT
x-segment-display-name
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
content-length
0
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.16.1
x-rule
*
x-segment-eid
M5CWFZYDJZHPXPS7JF6KB3
location
https://s.adroll.com/pixel/KD3RBGHXH5DG3PI3RBAUIR/FKQRAFP6HZHONOPBPNAQUD/M5CWFZYDJZHPXPS7JF6KB3.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
FKQRAFP6HZHONOPBPNAQUD
x-segment-name
*
x-advertisable-eid
KD3RBGHXH5DG3PI3RBAUIR
x-conversion-currency
1425266997788380
connect.facebook.net/signals/config/ 		348 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1425266997788380?v=2.9.11&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
Gy5zYB1RKbNMKPtOTE1hXRGNx2YIZvFS/o2nkAR9Q2roBtFDyK3/bQRRLdoecKO7t2RZxcoAcm5Y1hX9tjiDTA==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Wed, 13 Nov 2019 12:07:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
in
d.adroll.com/cm/r/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
42 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.198.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-198-186.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:06 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42

Redirect headers

Date
Wed, 13 Nov 2019 12:07:06 GMT
X-Content-Type-Options
nosniff
Server
ATS
Age
0
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=OTAyMTE0Yzk4OTdjMzZiNzRhYzUwOTM4NDMxODM4YjM
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTAyMTE0Yzk4OTdjMzZiNzRhYzUwOTM4NDMxODM4YjM
43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTAyMTE0Yzk4OTdjMzZiNzRhYzUwOTM4NDMxODM4YjM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.102.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-58-102-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 13 Nov 2019 12:07:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Wed, 13 Nov 2019 12:07:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OTAyMTE0Yzk4OTdjMzZiNzRhYzUwOTM4NDMxODM4YjM
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR
  • https://ib.adnxs.com/setuid?entity=172&code=OTAyMTE0Yzk4OTdjMzZiNzRhYzUwOTM4NDMxODM4YjM
0
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=172&code=OTAyMTE0Yzk4OTdjMzZiNzRhYzUwOTM4NDMxODM4YjM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 12:07:08 GMT
X-Proxy-Origin
109.236.94.21; 109.236.94.21; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.115:80
AN-X-Request-Uuid
e51bb43b-89bb-490f-ae25-f2ba85cd8245
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:06 GMT
server
nginx/1.16.1
status
302
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ib.adnxs.com/setuid?entity=172&code=OTAyMTE0Yzk4OTdjMzZiNzRhYzUwOTM4NDMxODM4YjM
cache-control
no-store, no-cache, must-revalidate
content-length
93
377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR
  • https://idsync.rlcdn.com/377928.gif?partner_uid=902114c9897c36b74ac50938431838b3
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=902114c9897c36b74ac50938431838b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Wed, 13 Nov 2019 12:07:06 GMT
via
1.1 google
alt-svc
clear

Redirect headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:06 GMT
server
nginx/1.16.1
status
302
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://idsync.rlcdn.com/377928.gif?partner_uid=902114c9897c36b74ac50938431838b3
cache-control
no-store, no-cache, must-revalidate
content-length
86
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=902114c9897c36b74ac50938431838b3
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=902114c9897c36b74ac50938431838b3
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=902114c9897c36b74ac50938431838b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:08 GMT
via
1.1 google
server
OXGW/16.167.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 13 Nov 2019 12:07:08 GMT
via
1.1 google
server
OXGW/16.167.1
status
302
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=902114c9897c36b74ac50938431838b3
alt-svc
clear
content-length
0
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=857e6492353b87ead537c7d618dd04ab-1573646826317&xid_ch=f&advertisable=KD3RBGHXH5DG3PI3RBAUIR&google_nid=adroll5
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=kCEUyYl8NrdKxQk4Qxg4sw
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=kCEUyYl8NrdKxQk4Qxg4sw&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.198.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-198-186.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:06 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:06 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1425266997788380&ev=PageView&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fcfsgn7%2Faffc_wcg1j&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fwcg1j%2F0%2Fscrbx&if=false&ts=1573646826465&cd[segment_eid]=M5CWFZYDJZHPXPS7JF6KB3&sw=1600&sh=1200&v=2.9.11&r=stable&ec=0&o=29&fbp=fb.1.1573646826029.685655879&it=1573646826002&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 12:07:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Wed, 13 Nov 2019 12:07:06 GMT
/
www.facebook.com/tr/ 		44 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=661035823949763&ev=Microdata&dl=https%3A%2F%2Fwarriorplus.com%2Fo%2Fview%2Fcfsgn7%2Faffc_wcg1j&rl=https%3A%2F%2Fwarriorplus.com%2Fo2%2Fa%2Fwcg1j%2F0%2Fscrbx&if=false&ts=1573646826532&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwarriorplus.comhttps%3A%2F%2Fticketymarketing.com%2Faffiliate-rebill-riches-3-0%2F%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.11&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1573646826029.685655879&it=1573646826002&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 12:07:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Wed, 13 Nov 2019 12:07:06 GMT
adsct
analytics.twitter.com/i/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_fOifmpYMoi2YLFjUT
43 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_fOifmpYMoi2YLFjUT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 12:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Wed, 13 Nov 2019 12:07:07 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
29bfd4128fab031b8e0374b801965c00
x-transaction
00464e8a00f2607c
expires
Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_fOifmpYMoi2YLFjUT
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cb
pixel.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=yah
  • https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_fOifmpYMoi2YLFjUT&sigv=1&esig=2~24cd45f0da86dcfb7e4de8dfc8401209a49d2efe
  • https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_fOifmpYMoi2YLFjUT
43 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_fOifmpYMoi2YLFjUT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.81.196.225 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-81-196-225.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Wed, 13 Nov 2019 12:07:07 GMT
X-Content-Type-Options
nosniff
Server
ATS
Age
0
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_fOifmpYMoi2YLFjUT
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=opx
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_fOifmpYMoi2YLFjUT
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_fOifmpYMoi2YLFjUT
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_fOifmpYMoi2YLFjUT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.1 /
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:08 GMT
via
1.1 google
server
OXGW/16.167.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 13 Nov 2019 12:07:08 GMT
via
1.1 google
server
OXGW/16.167.1
status
302
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_fOifmpYMoi2YLFjUT
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_fOifmpYMoi2YLFjUT
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_fOifmpYMoi2YLFjUT
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_fOifmpYMoi2YLFjUT
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cb
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=goo
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfZk9pZm1wWU1vaTJZTEZqVVQ
  • https://pixel-geo.prfct.co/cb?partnerId=goo
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/cb?partnerId=goo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Nov 2019 12:07:07 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pixel-geo.prfct.co/seg/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/seg/?add=1083254&source=js_tag&a_id=406
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif
/
pixel-geo.prfct.co/seg/
Redirect Chain
  • https://secure.adnxs.com/seg?t=2&add=1083254
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D1083254
  • https://secure.adnxs.com/seg?add=695885&t=2
  • https://pixel-geo.prfct.co/seg/?add=695885
  • https://pixel-geo.prfct.co/seg/?check_cookie=1&add=695885
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/seg/?check_cookie=1&add=695885
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.172.232 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-172-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://warriorplus.com/o/view/cfsgn7/affc_wcg1j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://pixel-geo.prfct.co/seg/?check_cookie=1&add=695885
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
autoptimize_b1bd6152b978494ab924e90f4ec76c67.css
ticketymarketing.com/wp-content/cache/autoptimize/css/ 		0
0
autoptimize_single_801e85cfcd618b566bc76d14b87d8228.css
ticketymarketing.com/wp-content/cache/autoptimize/css/ 		0
0
cbfg21291573554344.min.css
ticketymarketing.com/wp-content/uploads/essential-addons-elementor/ 		0
0
css
fonts.googleapis.com/ 		0
0
autoptimize_single_774c0dd3aa1a7c639fa478d4177dee9a.css
ticketymarketing.com/wp-content/cache/autoptimize/css/ 		0
0
css
fonts.googleapis.com/ 		0
0
jquery.js
ticketymarketing.com/wp-includes/js/jquery/ 		0
0
Val-Wilson-bw-pic-3-o0kgcdso7inlkd7dcn8te3dbdt81ujqljerr3ycknm.png
cdn.shortpixel.ai/client/q_glossy,ret_img/https://ticketymarketing.com/wp-content/uploads/elementor/thumbs/ 		0
0
rev1-1-1024x538.png
cdn.shortpixel.ai/client/q_glossy,ret_img,w_1024/https://ticketymarketing.com/wp-content/uploads/2015/12/ 		0
0
rev2-1024x455.png
cdn.shortpixel.ai/client/q_glossy,ret_img,w_1024/https://ticketymarketing.com/wp-content/uploads/2015/12/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ticketymarketing.com
URL
https://ticketymarketing.com/wp-content/cache/autoptimize/css/autoptimize_b1bd6152b978494ab924e90f4ec76c67.css
Domain
ticketymarketing.com
URL
https://ticketymarketing.com/wp-content/cache/autoptimize/css/autoptimize_single_801e85cfcd618b566bc76d14b87d8228.css?ver=1572560642
Domain
ticketymarketing.com
URL
https://ticketymarketing.com/wp-content/uploads/essential-addons-elementor/cbfg21291573554344.min.css?ver=3.5.2
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C500%2C700%7CMontserrat%3A300%2C400%2C500%2C700%26subset%3Dlatin%2Clatin-ext&ver=5.040
Domain
ticketymarketing.com
URL
https://ticketymarketing.com/wp-content/cache/autoptimize/css/autoptimize_single_774c0dd3aa1a7c639fa478d4177dee9a.css?ver=1572560640
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.2.4
Domain
ticketymarketing.com
URL
https://ticketymarketing.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Domain
cdn.shortpixel.ai
URL
https://cdn.shortpixel.ai/client/q_glossy,ret_img/https://ticketymarketing.com/wp-content/uploads/elementor/thumbs/Val-Wilson-bw-pic-3-o0kgcdso7inlkd7dcn8te3dbdt81ujqljerr3ycknm.png
Domain
cdn.shortpixel.ai
URL
https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_1024/https://ticketymarketing.com/wp-content/uploads/2015/12/rev1-1-1024x538.png
Domain
cdn.shortpixel.ai
URL
https://cdn.shortpixel.ai/client/q_glossy,ret_img,w_1024/https://ticketymarketing.com/wp-content/uploads/2015/12/rev2-1024x455.png

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

3 Cookies

Domain/Path Name / Value
warriorplus.com/ Name: wpg
Value: gnr5wsc47cn0c82y
warriorplus.com/ Name: warriorplus
Value: 5efgtlq85h2gofeotun2cikn81
.warriorplus.com/ Name: __cfduid
Value: d2299a427f36d3c969c48b8851fa950ff1573646823

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY