mastermindescapegames.com Open in urlscan Pro
185.151.30.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001Y0UxzbHmze5C8eZLQTwzdWIrzPc8ZLBT31QCrljq3pxAJvEDiUSNEdbKUaRG6BPoTsTTNRLwbUF3hGRKwO5z...
Effective URL:
https://mastermindescapegames.com/august-buy-voucher/
Submission: On February 16 via api (February 16th 2024, 1:09:26 am UTC) from CA — Scanned from CA

Summary HTTP 51 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 51 HTTP transactions. The main IP is 185.151.30.166, located in United Kingdom and belongs to TWENTYI, GB. The main domain is mastermindescapegames.com.
TLS certificate: Issued by R3 on January 11th 2024. Valid for: 3 months.

This is the only time mastermindescapegames.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
10	185.151.30.166 185.151.30.166	48254 (TWENTYI) (TWENTYI)
2	142.251.40.168 142.251.40.168	15169 (GOOGLE) (GOOGLE)
1	142.250.65.170 142.250.65.170	15169 (GOOGLE) (GOOGLE)
4	138.199.40.58 138.199.40.58	60068 (CDN77 _) (CDN77 _)
1	167.88.120.152 167.88.120.152	3842 (RAMNODE) (RAMNODE)
6	142.250.81.227 142.250.81.227	15169 (GOOGLE) (GOOGLE)
3	142.251.40.238 142.251.40.238	15169 (GOOGLE) (GOOGLE)
16	172.82.131.10 172.82.131.10	46261 (QUICKPACKET) (QUICKPACKET)
3	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
2	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
2	142.250.65.163 142.250.65.163	15169 (GOOGLE) (GOOGLE)
1	142.251.41.4 142.251.41.4	15169 (GOOGLE) (GOOGLE)
51	12

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.151.30.166 (United Kingdom)

ASN48254 (TWENTYI, GB)
PTR: 185-151-30-166.ptr4.stackcp.net

mastermindescapegames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.168 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.170 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.199.40.58 (New York, United States)

ASN60068 (CDN77 _, GB)
PTR: 138-199-40-58.bunnyinfra.net

hb.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.88.120.152 (United States)

ASN3842 (RAMNODE, US)
PTR: east-terms.com

bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.81.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.238 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.82.131.10 (Ashburn, United States)

ASN46261 (QUICKPACKET, US)
PTR: srv-1557q.bookeo.com

www-1557q.bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.31.156 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.163 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.4 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	bookeo.com bookeo.com — Cisco Umbrella Rank: 158301 www-1557q.bookeo.com	708 KB
10	mastermindescapegames.com mastermindescapegames.com	140 KB
6	gstatic.com fonts.gstatic.com	211 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 177 www.google.com — Cisco Umbrella Rank: 2	767 B
4	wpmucdn.com hb.wpmucdn.com — Cisco Umbrella Rank: 51402	150 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8927	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 113	402 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	162 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	3 KB
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 9189	371 B
51	11

	Domain	Requested by
16	www-1557q.bookeo.com	bookeo.com www-1557q.bookeo.com
10	mastermindescapegames.com	mastermindescapegames.com hb.wpmucdn.com
6	fonts.gstatic.com	fonts.googleapis.com
4	hb.wpmucdn.com	mastermindescapegames.com
3	analytics.google.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com mastermindescapegames.com
2	www.google.ca	mastermindescapegames.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	mastermindescapegames.com www.googletagmanager.com
1	www.google.com	mastermindescapegames.com
1	bookeo.com	mastermindescapegames.com
1	fonts.googleapis.com	mastermindescapegames.com
1	r20.rs6.net	1 redirects
51	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
*.mastermindescapegames.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.wpmucdn.com RapidSSL TLS RSA CA G1	`2023-03-24` - `2024-03-23`	a year	crt.sh
*.bookeo.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-08` - `2024-03-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://mastermindescapegames.com/august-buy-voucher/
Frame ID: EE372835987566CD309D1131A1D50560
Requests: 35 HTTP requests in this frame

Frame: https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=dXCqD0y7aRXMsonv6YljxslHYAylhblnGCLobrTKn4A%3D&c=02r&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default751&xdm_p=1
Frame ID: 54F0D1165AC173EE5CA4248BD8ABA445
Requests: 3 HTTP requests in this frame

Frame: https://www-1557q.bookeo.com/bookeo/startroute_415577FJ9CH155E5DC1680?ralias=true&axiomframed=true&inwidget=true&a=415577FJ9CH155E5DC1680&startmode=buyvoucher&aguid=415577FJ9CH155E5DC1680&axiom_bid=utejxjtwwjlceunr&w=299269885&t=dXCqD0y7aRXMsonv6YljxslHYAylhblnGCLobrTKn4A%3D&c=02r&m=252e3b1d1a1b
Frame ID: F58DFDF6305DE26F9B0242612F90154E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

August Buy Voucher - Mastermind Escape Rooms

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001Y0UxzbHmze5C8eZLQTwzdWIrzPc8ZLBT31QCrljq3pxAJvEDiUSNEdbKUaRG6BPo... HTTP 302
https://mastermindescapegames.com/august-buy-voucher/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

51
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1397 kB
Transfer

3690 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Mastermind-Escape-Games-GA-1722277701335819/

Search URL Search Domain Scan URL

URL: https://twitter.com/MMEscapeGames

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mastermindescapegames/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB7UZe24wV3KbNYUtd6vcxg/featured

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001Y0UxzbHmze5C8eZLQTwzdWIrzPc8ZLBT31QCrljq3pxAJvEDiUSNEdbKUaRG6BPoTsTTNRLwbUF3hGRKwO5zknZu4SQ103hJql3gNexFvNFGm5m7Zii5W2EcCGVUrDftD4u96r19XOyf1VsorQKAv4ac_Y8P7jvJlDNTd0xw9Zbei8vicwffcpSxhpSqPc0o&c=aLQGmy607PDqk9UXMv77-fZdV2wlgR7zkbEmx95VsbOj_Y8NWcdYGA==&ch=tttz22Ib6zAcIfCcb1YqOU7IhxzUIIj7DGyBVoyfbG3I-3lYzDo0cQ== HTTP 302
https://mastermindescapegames.com/august-buy-voucher/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mastermindescapegames.com/august-buy-voucher/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001Y0UxzbHmze5C8eZLQTwzdWIrzPc8ZLBT31QCrljq3pxAJvEDiUSNEdbKUaRG6BPoTsTTNRLwbUF3hGRKwO5zknZu4SQ103hJql3gNexFvNFGm5m7Zii5W2EcCGVUrDftD4u96r19XOyf1VsorQKAv4ac_Y8P7jvJlDNTd...
https://mastermindescapegames.com/august-buy-voucher/

20 KB
6 KB

196ms
33ms

Document
text/html

185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache / PHP/7.4.33
Resource Hash: af796a1ab8a01a89ddcf86427a79568a4d60fb4715e77055e6d310f90fff261f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: public, s-maxage=216000 max-age=86400
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 16 Feb 2024 01:09:21 GMT
expires: Sat, 17 Feb 2024 01:08:18 GMT
hummingbird-cache: Served
link: <https://mastermindescapegames.com/wp-json/>; rel="https://api.w.org/", <https://mastermindescapegames.com/wp-json/wp/v2/pages/9428>; rel="alternate"; type="application/json", <https://mastermindescapegames.com/?p=9428>; rel=shortlink
server: Apache
vary: Accept-Encoding X-StackProtect-Limiter-Role,Accept-Encoding
x-cache-enabled: true
x-cdn-cache-status: HIT
x-origin-cache-status: HIT
x-powered-by: PHP/7.4.33
x-provided-by: StackCDN
x-stackcache-cacheable: yes
x-via: ASH1

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 16 Feb 2024 01:09:21 GMT
Location: https://mastermindescapegames.com/august-buy-voucher/
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 113ms
53ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3fae66817fd4e202ea4ddd9fd69a3bcc6c0eb80d3d6163a4522589f36827bd3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70879
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Feb 2024 01:09:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 31 KB
3 KB 104ms
44ms Stylesheet
text/css 142.250.65.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic%7CPT+Sans%3A400italic%2C700italic%2C400%2C700%7CLato%3A300italic%2C300%7CMuli%3A300%2C300italic&ver=1.0

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f10.1e100.net

Software

ESF /

Resource Hash

bdf1da1fe405fcd109383d584c4edfbbe63a1ba281d8c40f5ea1ee3fb257fd51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 01:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 01:09:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 01:09:21 GMT

GET
H2 200 67ad3c90-67ac-446c-a6f7-15d1c4d98f63.css
hb.wpmucdn.com/mastermindescapegames.com/ 269 KB
50 KB 105ms
46ms Stylesheet
text/css 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/67ad3c90-67ac-446c-a6f7-15d1c4d98f63.css
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: ee9cfefbf86baf5ba013b1d619e5e430115bd6b2ce9ea4b0f0df3e655f52fbae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/15/2024 14:45:20
cdn-pullzone: 1101156
last-modified: Thu, 15 Feb 2024 06:24:59 GMT
server: BunnyCDN-NY1-885
x-amz-meta-hb-minify: minify=0.0%, origSize=109898
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"e41d2aabba5473b78bc3aa2c4e20ee85"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f4ec83386236261373623da401f9fd4d
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 34dddaa3-f6a5-46cc-a407-814aa29d0407.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 99 KB
37 KB 92ms
34ms Script
application/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/34dddaa3-f6a5-46cc-a407-814aa29d0407.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/15/2024 14:45:20
cdn-pullzone: 1101156
last-modified: Thu, 15 Feb 2024 06:25:00 GMT
server: BunnyCDN-NY1-885
x-amz-meta-hb-minify: minify=0.0%, origSize=87553
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"4f37101ff3ee8f069d1ca3852ffbbf18"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 38788bb9674f79503a1beff1fe2aa853
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 e1ac0235-875b-4248-94fc-6c8b0b02a248.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 134 KB
43 KB 105ms
46ms Script
application/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/e1ac0235-875b-4248-94fc-6c8b0b02a248.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 1717563adc25178aca7302724a4329aa4e4aabb9e3ae93f892a9990c9d05fea1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/15/2024 14:45:20
cdn-pullzone: 1101156
last-modified: Thu, 15 Feb 2024 06:25:02 GMT
server: BunnyCDN-NY1-885
x-amz-meta-hb-minify: minify=1.5%, origSize=21070
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"b8654eb821c84782d605bf8cbcfee519"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 6e5f652d5edf16495f6323d56d196a72
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 nav-logo.jpg
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 5 KB
5 KB 34ms
33ms Image
image/jpeg 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/nav-logo.jpg
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: e4f0da36ba04aac07d40d906e0f76ed04dc1ee86c56ffdf5c2306980277c7039

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "1419-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/jpeg
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5145
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 responsive-menu-icon.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 237 B
502 B 35ms
35ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/responsive-menu-icon.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 67c14596c1956697b6f7dd0f7f67cb4f50118d70608ca2a16dee3364d679535d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "ed-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 237
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:56 GMT

GET
H2 200 widget.js Show response
bookeo.com/ 111 KB
24 KB 124ms
37ms Script
text/javascript 167.88.120.152
RAMNODE

General

Check archive.org

Show headers Download Go to

Full URL

https://bookeo.com/widget.js?a=415577FJ9CH155E5DC1680&startmode=buyvoucher

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.88.120.152 , United States, ASN3842 (RAMNODE, US),

Reverse DNS

east-terms.com

Software

Resource Hash

06500202b97c8db0db10135d4d90f1d041d688bc3a0dec52408a9c02c9b15b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, User-Agent
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/footer/ 57 KB
58 KB 33ms
33ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/footer/logo.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 2b1e0ecdd104445637dac412934d2e088639b151908a25afece5d0cfa31df03f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "e5de-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 58846
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 TA-Award2023.jpg
mastermindescapegames.com/wp-content/uploads/2023/12/ 66 KB
67 KB 35ms
34ms Image
image/jpeg 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2023/12/TA-Award2023.jpg
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: b1619d3df21b66e8c20bd61a03d42c9d8eb6f371f2c3713dbd6c38005a341053

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
last-modified: Sat, 16 Dec 2023 21:38:00 GMT
server: Apache
etag: "109dc-60ca754b036fc"
x-cdn-cache-status: HIT
content-type: image/jpeg
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 68060
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 icon-facebook.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 344 B
610 B 37ms
36ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-facebook.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 140884f9d4db6142c411cc9b0249c7b3661ad04d7c1c76b538bc7d4a6a1896fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "158-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 344
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 icon-twitter.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 370 B
636 B 45ms
44ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-twitter.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: d5479f9f1e8b9af94b2320d3deaab72e3a71c5adc6dffb1d39c5b4487bd6e407

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:19 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "172-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 370
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 icon-insta.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 335 B
601 B 35ms
35ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-insta.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: a19e9cf0b99054e9c1a6fdc2289491c63a3fef977ad661b1d2532a575a99874c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "14f-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 335
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 youtube-icon.png
mastermindescapegames.com/wp-content/uploads/2016/06/ 1 KB
2 KB 35ms
35ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/06/youtube-icon.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 50b9097027b8ceb680e172b8ed6ad7f8495c4642f8fa6f5c2c01470dbc307495

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:19 GMT
last-modified: Tue, 14 Jun 2016 19:24:21 GMT
server: Apache
etag: "5fa-53541f3ae8340"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1530
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 e336e7b1-5976-4114-9129-eadd5c692082.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 57 KB
20 KB 25ms
24ms Script
application/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/e336e7b1-5976-4114-9129-eadd5c692082.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 73c87f36b805db1de70262fdb381b78500767d72c2a0a09dbcc5c1efc8b02954

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/15/2024 14:45:20
cdn-pullzone: 1101156
last-modified: Thu, 15 Feb 2024 06:25:02 GMT
server: BunnyCDN-NY1-885
x-amz-meta-hb-minify: minify=0.0%, origSize=57925
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"cc3ea88605b54322a605c2796fb8a804"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: d2bf72d8ffee76cd4d1ec2484dbfeffa
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 90ms
27ms Font
font/woff2 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic%7CPT+Sans%3A400italic%2C700italic%2C400%2C700%7CLato%3A300italic%2C300%7CMuli%3A300%2C300italic&ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 19:36:19 GMT
x-content-type-options: nosniff
age: 19982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 19:36:19 GMT

GET
H2 200 location-selector-arrow.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 170 B
436 B 36ms
35ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/location-selector-arrow.png
Requested by: Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/mastermindescapegames.com/67ad3c90-67ac-446c-a6f7-15d1c4d98f63.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 7ca40cacffbd24fd9488767a3989a1b8364fba4170659edffa0b8ebd6ca955e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hb.wpmucdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "aa-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 170
x-origin-cache-status: MISS
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:16:19 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 75ms
43ms Font
font/woff2 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:28:36 GMT
x-content-type-options: nosniff
age: 16845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 20:28:36 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 93ms
62ms Font
font/woff2 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:10:34 GMT
x-content-type-options: nosniff
age: 61127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 08:10:34 GMT

GET
H2 200 jizdRExUiTo99u79D0e8fOydLxUd.woff2
fonts.gstatic.com/s/ptsans/v17/ 32 KB
32 KB 84ms
53ms Font
font/woff2 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizdRExUiTo99u79D0e8fOydLxUd.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:01:01 GMT
x-content-type-options: nosniff
age: 36500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32964
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:01:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
92 KB 51ms
49ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bca61ceede1bba137900c2d8ed1bd5882c8a72b6832d9e7b27a6567eb00522ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:09:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Feb 2024 01:09:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 85ms
25ms Script
text/javascript 142.251.40.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Feb 2024 00:06:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3759
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 16 Feb 2024 02:06:43 GMT

GET
H2 200 7Aulp_0qiz-aVz7u3PJLcUMYOFmQkEk30eg.woff2
fonts.gstatic.com/s/muli/v29/ 18 KB
18 KB 57ms
56ms Font
font/woff2 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Aulp_0qiz-aVz7u3PJLcUMYOFmQkEk30eg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

dfc55d536c0d9bed29a8396fc392f874410e2feae0ad97d081fb0b6b880e3f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 09:02:16 GMT
x-content-type-options: nosniff
age: 144425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18564
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:42:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 09:02:16 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 58ms
58ms Font
font/woff2 142.250.81.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 15:26:18 GMT
x-content-type-options: nosniff
age: 34983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 15:26:18 GMT

GET
H/1.1 200
OK -misc-widgetProvider.html Show response
www-1557q.bookeo.com/ Frame 54F0 702 B
845 B 178ms
36ms Document
text/html 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=dXCqD0y7aRXMsonv6YljxslHYAylhblnGCLobrTKn4A%3D&c=02r&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default751&xdm_p=1

Requested by

Host: bookeo.com
URL: https://bookeo.com/widget.js?a=415577FJ9CH155E5DC1680&startmode=buyvoucher

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

7ef886b540dadd3bdd1c11f7e701ff881f805570b7d25dd68cbac80a3ad45473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://mastermindescapegames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-CA
Content-Length: 363
Content-Type: text/html;charset=utf-8
Date: Fri, 16 Feb 2024 01:09:22 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 1557q_18daf75fe53

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 89ms
37ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je42e0v890886590za200&_p=1708045761761&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1983258032.1708045762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708045762&sct=1&seg=0&dl=https%3A%2F%2Fmastermindescapegames.com%2Faugust-buy-voucher%2F&dt=August%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&en=page_view&_fv=2&_nsi=1&_ss=1&_c=1&tfd=706
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 01:09:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 106ms
40ms Ping
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P32SMH4GWQ&cid=1983258032.1708045762&gtm=45je42e0v890886590za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 01:09:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 148ms
90ms Image
image/gif 142.250.65.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P32SMH4GWQ&cid=1983258032.1708045762&gtm=45je42e0v890886590za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=684182488

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 01:09:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 39ms
39ms XHR
text/plain 142.251.40.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1869118490&t=pageview&_s=1&dl=https%3A%2F%2Fmastermindescapegames.com%2Faugust-buy-voucher%2F&ul=en-us&de=UTF-8&dt=August%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1127124940&gjid=1258023629&cid=1983258032.1708045762&tid=UA-84554046-2&_gid=1320494976.1708045762&_r=1&gtm=457e42e0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=119910205

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mastermindescapegames.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 01:09:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 47ms
39ms XHR
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-84554046-2&cid=1983258032.1708045762&jid=1127124940&gjid=1258023629&_gid=1320494976.1708045762&_u=YADAAUAAAAAAACAAI~&z=1520672422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mastermindescapegames.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Feb 2024 01:09:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK easyXDM.min.js Show response
www-1557q.bookeo.com/bookeo/js-14.4.35/widgetcomm/ Frame 54F0 99 KB
19 KB 52ms
52ms Script
text/javascript 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/js-14.4.35/widgetcomm/easyXDM.min.js

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=dXCqD0y7aRXMsonv6YljxslHYAylhblnGCLobrTKn4A%3D&c=02r&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default751&xdm_p=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

fc04b80f5a7eeeb3391c9fea0774796209b50041a7044ae34b6bc2a7a6e8de55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=dXCqD0y7aRXMsonv6YljxslHYAylhblnGCLobrTKn4A%3D&c=02r&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default751&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18daf75fe7b
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 19528
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK bundle_customer_ui2.js Show response
www-1557q.bookeo.com/bookeo/js-14.4.35/ Frame 54F0 733 KB
204 KB 91ms
37ms Script
text/javascript 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/js-14.4.35/bundle_customer_ui2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

7f6cb7fd97c648dc296aa4c6c8689ffee046ea9cf2917a4311cc3e7d8f22d00d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=dXCqD0y7aRXMsonv6YljxslHYAylhblnGCLobrTKn4A%3D&c=02r&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default751&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18daf75feb1
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 208255
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 153ms
90ms Image
image/gif 142.251.41.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-84554046-2&cid=1983258032.1708045762&jid=1127124940&_u=YADAAUAAAAAAACAAI~&z=1236298675

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 01:09:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 90ms
89ms Image
image/gif 142.250.65.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-84554046-2&cid=1983258032.1708045762&jid=1127124940&_u=YADAAUAAAAAAACAAI~&z=1236298675

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 01:09:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK startroute_415577FJ9CH155E5DC1680 Show response
www-1557q.bookeo.com/bookeo/ Frame F58D 15 KB
4 KB 56ms
56ms Document
text/html 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/startroute_415577FJ9CH155E5DC1680?ralias=true&axiomframed=true&inwidget=true&a=415577FJ9CH155E5DC1680&startmode=buyvoucher&aguid=415577FJ9CH155E5DC1680&axiom_bid=utejxjtwwjlceunr&w=299269885&t=dXCqD0y7aRXMsonv6YljxslHYAylhblnGCLobrTKn4A%3D&c=02r&m=252e3b1d1a1b

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/js-14.4.35/bundle_customer_ui2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

8dda1bd16592f2b802d118582e286da7fa2ce119384352f43380a58ee615a248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=dXCqD0y7aRXMsonv6YljxslHYAylhblnGCLobrTKn4A%3D&c=02r&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default751&xdm_p=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-CA
Content-Length: 3002
Content-Type: text/html;charset=utf-8
Date: Fri, 16 Feb 2024 01:09:22 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 1557q_18daf75ff2d

GET
H/1.1 200
OK css
www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/ Frame F58D 22 KB
2 KB 84ms
82ms Stylesheet
text/css 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/startroute_415577FJ9CH155E5DC1680?ralias=true&axiomframed=true&inwidget=true&a=415577FJ9CH155E5DC1680&startmode=buyvoucher&aguid=415577FJ9CH155E5DC1680&axiom_bid=utejxjtwwjlceunr&w=299269885&t=dXCqD0y7aRXMsonv6YljxslHYAylhblnGCLobrTKn4A%3D&c=02r&m=252e3b1d1a1b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

7adacb7acf53beaf8238a298258f92fa112e6b513222964af3de35352a356fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Bookeo-ResponseId: 1557q_18daf75ff6a
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400, no-transform
Expires: Sat, 17 Feb 2024 01:09:22 GMT

GET
H/1.1 200
OK bundle_customer_ui2.css
www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/ Frame F58D 227 KB
38 KB 53ms
52ms Stylesheet
text/css 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/bundle_customer_ui2.css?bp_a=415577FJ9CH155E5DC1680&bp_v=1645057281307

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

2b954304f664a19991cc9cfd4788386990c00cc8b579823bec00a5f19c8dcba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18daf75ff6a
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 38395
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK bundle_customer_ui2.js Show response
www-1557q.bookeo.com/bookeo/js-14.4.35/ Frame F58D 733 KB
204 KB 96ms
36ms Script
text/javascript 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/js-14.4.35/bundle_customer_ui2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

7f6cb7fd97c648dc296aa4c6c8689ffee046ea9cf2917a4311cc3e7d8f22d00d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18daf75ffa5
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 208255
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK axiom_en_US.js Show response
www-1557q.bookeo.com/bookeo/js-14.4.35/i18n/ Frame F58D 68 KB
14 KB 100ms
34ms Script
text/javascript 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/js-14.4.35/i18n/axiom_en_US.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

8079786fbd0feb7430edc912b35269847527a8d9eaa0f3e026e0b395717f508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18daf75ffaa
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 13557
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK cbpreferences.js Show response
www-1557q.bookeo.com/bookeo/dynjs/ Frame F58D 13 KB
6 KB 103ms
37ms Script
text/javascript 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/dynjs/cbpreferences.js?ver=1705591969343&aid=1366329&languageCode=en_US&v=14.4.35

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

ee0e2caa68b054767efe3ee44ec27ea7d82cb484478e4be402029404fb10802b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18daf75ffac
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 6047
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK select-arrow-round-light.png
www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/cssimages/ Frame F58D 289 B
652 B 33ms
32ms Image
image/png 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/cssimages/select-arrow-round-light.png

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/bundle_customer_ui2.css?bp_a=415577FJ9CH155E5DC1680&bp_v=1645057281307

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

e32fe2a147b5913b78b99ff6f043b88ba2cf57cd968c9814e65a95c4b1f097c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/bundle_customer_ui2.css?bp_a=415577FJ9CH155E5DC1680&bp_v=1645057281307
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 04 Feb 2024 03:35:28 GMT
X-Bookeo-ResponseId: 1557q_18daf760013
Content-Type: image/png;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Accept-Ranges: bytes
Content-Length: 289
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/ Frame F58D 47 KB
47 KB 52ms
51ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Sat, 15 Feb 2025 01:09:22 GMT
Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18daf760013
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/ Frame F58D 35 KB
35 KB 37ms
37ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Sat, 15 Feb 2025 01:09:22 GMT
Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18daf76001a
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/ Frame F58D 16 KB
16 KB 34ms
33ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Sat, 15 Feb 2025 01:09:22 GMT
Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18daf76001b
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2
www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/ Frame F58D 46 KB
46 KB 53ms
52ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

6b0dab5300943d98f4f20de9d48a49e0186441f6fb8b5e95a9635a30c0b60e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Sat, 15 Feb 2025 01:09:22 GMT
Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18daf76001b
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2
www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/ Frame F58D 21 KB
21 KB 58ms
33ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

131c390d2291abc752740f06581a01baf1774279764ad0d3c08f45c5a33c4772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Sat, 15 Feb 2025 01:09:22 GMT
Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18daf760034
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/ Frame F58D 26 KB
26 KB 67ms
33ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/NqLVxHJQ/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Sat, 15 Feb 2025 01:09:22 GMT
Date: Fri, 16 Feb 2024 01:09:22 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18daf76003d
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 37ms
35ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je42e0v890886590za200&_p=1708045761761&gcd=13l3l3l3l1&npa=0&dma=0&cid=1983258032.1708045762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1708045762&sct=1&seg=0&dl=https%3A%2F%2Fmastermindescapegames.com%2Faugust-buy-voucher%2F&dt=August%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&en=scroll&epn.percent_scrolled=90&_et=5&tfd=1210
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 01:09:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 36ms
35ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je42e0v890886590za200&_p=1708045761761&gcd=13l3l3l3l1&npa=0&dma=0&cid=1983258032.1708045762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=3&dp=%2Fbookeo%2Fbooking-type&dt=%2Fbookeo%2Fbooking-type&sid=1708045762&sct=1&seg=1&dl=https%3A%2F%2Fmastermindescapegames.com%2Faugust-buy-voucher%2F&en=page_view&_c=1&_ee=1&_et=487&tfd=1210
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 01:09:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
27ms Image
image/gif 142.251.40.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1869118490&t=pageview&_s=2&dl=https%3A%2F%2Fmastermindescapegames.com%2Faugust-buy-voucher%2F&dp=%2Fbookeo%2Fbooking-type&ul=en-us&de=UTF-8&dt=%2Fbookeo%2Fbooking-type&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACACI~&jid=&gjid=&cid=1983258032.1708045762&tid=UA-84554046-2&_gid=1320494976.1708045762&gtm=457e42e0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=415080044

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 00:14:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3313
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mastermindescapegames.com/	1970-01-21 04:03:25	Name: _ga Value: GA1.2.1983258032.1708045762
.mastermindescapegames.com/	1970-01-20 18:28:52	Name: _gid Value: GA1.2.1320494976.1708045762
.mastermindescapegames.com/	1970-01-20 18:27:25	Name: _gat_gtag_UA_84554046_2 Value: 1
www-1557q.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID Value: 25sczyrquvew9u8oqhjfs85j74339
www-1557q.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID2 Value: WJ6NPLCWTEJ6ATKUHNF37PKTKLWUMX9P
.mastermindescapegames.com/	1970-01-21 04:03:25	Name: _ga_P32SMH4GWQ Value: GS1.1.1708045762.1.1.1708045762.60.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://bookeo.com/widget.js?a=415577FJ9CH155E5DC1680&startmode=buyvoucher(Line 489) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bookeo.com
fonts.googleapis.com
fonts.gstatic.com
hb.wpmucdn.com
mastermindescapegames.com
r20.rs6.net
stats.g.doubleclick.net
www-1557q.bookeo.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
138.199.40.58
142.250.31.156
142.250.65.163
142.250.65.170
142.250.81.227
142.251.40.168
142.251.40.238
142.251.41.4
167.88.120.152
172.82.131.10
185.151.30.166
208.75.122.11
216.239.32.181
001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0
06500202b97c8db0db10135d4d90f1d041d688bc3a0dec52408a9c02c9b15b28
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
131c390d2291abc752740f06581a01baf1774279764ad0d3c08f45c5a33c4772
140884f9d4db6142c411cc9b0249c7b3661ad04d7c1c76b538bc7d4a6a1896fe
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1717563adc25178aca7302724a4329aa4e4aabb9e3ae93f892a9990c9d05fea1
2b1e0ecdd104445637dac412934d2e088639b151908a25afece5d0cfa31df03f
2b954304f664a19991cc9cfd4788386990c00cc8b579823bec00a5f19c8dcba8
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fae66817fd4e202ea4ddd9fd69a3bcc6c0eb80d3d6163a4522589f36827bd3e
50b9097027b8ceb680e172b8ed6ad7f8495c4642f8fa6f5c2c01470dbc307495
67c14596c1956697b6f7dd0f7f67cb4f50118d70608ca2a16dee3364d679535d
6b0dab5300943d98f4f20de9d48a49e0186441f6fb8b5e95a9635a30c0b60e72
73c87f36b805db1de70262fdb381b78500767d72c2a0a09dbcc5c1efc8b02954
7adacb7acf53beaf8238a298258f92fa112e6b513222964af3de35352a356fda
7ca40cacffbd24fd9488767a3989a1b8364fba4170659edffa0b8ebd6ca955e0
7ef886b540dadd3bdd1c11f7e701ff881f805570b7d25dd68cbac80a3ad45473
7f6cb7fd97c648dc296aa4c6c8689ffee046ea9cf2917a4311cc3e7d8f22d00d
8079786fbd0feb7430edc912b35269847527a8d9eaa0f3e026e0b395717f508a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8dda1bd16592f2b802d118582e286da7fa2ce119384352f43380a58ee615a248
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
a19e9cf0b99054e9c1a6fdc2289491c63a3fef977ad661b1d2532a575a99874c
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
af796a1ab8a01a89ddcf86427a79568a4d60fb4715e77055e6d310f90fff261f
b1619d3df21b66e8c20bd61a03d42c9d8eb6f371f2c3713dbd6c38005a341053
bca61ceede1bba137900c2d8ed1bd5882c8a72b6832d9e7b27a6567eb00522ed
bdf1da1fe405fcd109383d584c4edfbbe63a1ba281d8c40f5ea1ee3fb257fd51
c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1
d5479f9f1e8b9af94b2320d3deaab72e3a71c5adc6dffb1d39c5b4487bd6e407
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc55d536c0d9bed29a8396fc392f874410e2feae0ad97d081fb0b6b880e3f10
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e32fe2a147b5913b78b99ff6f043b88ba2cf57cd968c9814e65a95c4b1f097c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f0da36ba04aac07d40d906e0f76ed04dc1ee86c56ffdf5c2306980277c7039
ee0e2caa68b054767efe3ee44ec27ea7d82cb484478e4be402029404fb10802b
ee9cfefbf86baf5ba013b1d619e5e430115bd6b2ce9ea4b0f0df3e655f52fbae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc04b80f5a7eeeb3391c9fea0774796209b50041a7044ae34b6bc2a7a6e8de55

mastermindescapegames.com Open in urlscan Pro 185.151.30.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

0 %IPv6

11 Domains

13 Subdomains

12 IPs

2 Countries

1397 kBTransfer

3690 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mastermindescapegames.com Open in urlscan Pro
185.151.30.166 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1397 kB
Transfer

3690 kB
Size

6
Cookies

51 HTTP transactions
0 data transactions