Submitted URL: https://trk.traffikflow.com/5be2b329b6920d37b31699ab?source=61376&p1=a406fa5042144ef69b91620ab03e90d5f493
Effective URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=6...
Submission: On December 29 via manual from PL

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 17 HTTP transactions. The main IP is 2606:4700:30::681c:849, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is irl.competition-365.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 9th 2018. Valid for: 6 months.
This is the only time irl.competition-365.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
2         35.201.98.21      15169 (GOOGLE)
4         2606:4700:30:...  13335 (CLOUDFLAR...)
1         209.197.3.15      20446 (HIGHWINDS3)
1         2a00:1450:400...  15169 (GOOGLE)
1         2a00:1450:400...  15169 (GOOGLE)
1         205.185.208.52    20446 (HIGHWINDS3)
2         2a03:2880:f01...  32934 (FACEBOOK)
3         2a00:1450:400...  15169 (GOOGLE)
2         2a03:2880:f11...  32934 (FACEBOOK)
Total: 17 requests, 9 IPs
Requests  Domain                   Requested by
4         irl.competition-365.com  trk.traffikflow.com, irl.competition-365.com
3         fonts.gstatic.com        irl.competition-365.com
2         www.facebook.com         irl.competition-365.com
2         connect.facebook.net     irl.competition-365.com, connect.facebook.net
2         trk.traffikflow.com      trk.traffikflow.com
1         code.jquery.com          irl.competition-365.com
1         ajax.googleapis.com      irl.competition-365.com
1         fonts.googleapis.com     irl.competition-365.com
1         maxcdn.bootstrapcdn.com  irl.competition-365.com
Total: 17 requests, 9 domains

This site contains no links.

Subject                     Issuer                                           Validity                 Valid for
click.b3ttrtrck.com         Let's Encrypt Authority X3                       2018-12-21 - 2019-03-21  3 months
sni78353.cloudflaressl.com  COMODO ECC Domain Validation Secure Server CA 2  2018-12-09 - 2019-06-17  6 months
*.bootstrapcdn.com          COMODO RSA Domain Validation Secure Server CA    2018-10-03 - 2019-10-12  a year
*.googleapis.com            Google Internet Authority G3                     2018-12-04 - 2019-02-26  3 months
jquery.org                  COMODO RSA Domain Validation Secure Server CA    2018-10-17 - 2020-10-16  2 years
*.facebook.com              DigiCert SHA2 High Assurance Server CA           2017-12-15 - 2019-03-22  a year
*.google.com                Google Internet Authority G3                     2018-12-04 - 2019-02-26  3 months

This page contains 1 frames:

Primary Page: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Frame ID: 8167251B2DD70DDFA83946315A55410E
Requests: 17 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 67 %
Domains: 8
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 1541 kB
Size: 1923 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.traffikflow.com/5be2b329b6920d37b31699ab?source=61376&p1=a406fa5042144ef69b91620ab03e90d5f493 Page URL
  2. https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376 Page URL

17 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

5be2b329b6920d37b31699ab | trk.traffikflow.com/ | 1 KB | 1 KB | Document
General
Full URL
https://trk.traffikflow.com/5be2b329b6920d37b31699ab?source=61376&p1=a406fa5042144ef69b91620ab03e90d5f493
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.98.21 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.98.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0e1864220534a97d1965408818d3b51bc4fb8f7a41e76b82123962f430026591

Request headers

:method
GET
:authority
trk.traffikflow.com
:scheme
https
:path
/5be2b329b6920d37b31699ab?source=61376&p1=a406fa5042144ef69b91620ab03e90d5f493
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Sat, 29 Dec 2018 13:32:09 GMT
content-type
text/html
content-length
1187
x-rt
4
set-cookie
__vnativetracking=703c8158-92fa-40e9-93c8-1aa20d6d0554; expires=Sun, 29 Dec 2019 13:32:10 GMT; path=/; HttpOnly
set-cookie
__vnativeverify_v3=SMrDLnjff5j6qGZrjEyC3rglXhNEoHYS1EtqgG4mcPw; expires=Sun, 30 Dec 2018 13:32:10 GMT; path=/; HttpOnly
via
1.1 google
alt-svc
clear

blue.gif | trk.traffikflow.com/a/v/ | 1 B | 87 B | Image
General
Full URL
https://trk.traffikflow.com/a/v/blue.gif?ps=MjU=&ans=NTU=&cd=IsJGa9u_CPmKQKpfXc7h19sb8vqKiJvQlg9phPhEF0r46C-z30yzRtKg7STiHFnGYUFsgM92oIAfXyGV9pLK82sdJ9WnzwaiqOytGzSWGUHCfKLt5rR_wNga0uWZ3VB1tceQU-pk2JnlxkjFu_IZZp3-Q2g8BWlY86yHYizbv0BUbTBc6sqUNrD8cMc9N-iQF_BJaSWH7yA9Mb40GW4_JAU5PeyAgbaJPrGHp0w8LfiX0keGY-2ONFN1sd546jHw-oJGnoe7VYBdXgQMxTX_9jmxlI1KoKxCCuiLwDT_P2aWSCofABycjEow42jsjVCN_Ujh-v5UrRRU9mxMTnY8MNpWBcXNWoXEyAm_SSYjxlA
Requested by
Host: trk.traffikflow.com
URL: https://trk.traffikflow.com/5be2b329b6920d37b31699ab?source=61376&p1=a406fa5042144ef69b91620ab03e90d5f493
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.98.21 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.98.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

:path
/a/v/blue.gif?ps=MjU=&ans=NTU=&cd=IsJGa9u_CPmKQKpfXc7h19sb8vqKiJvQlg9phPhEF0r46C-z30yzRtKg7STiHFnGYUFsgM92oIAfXyGV9pLK82sdJ9WnzwaiqOytGzSWGUHCfKLt5rR_wNga0uWZ3VB1tceQU-pk2JnlxkjFu_IZZp3-Q2g8BWlY86yHYizbv0BUbTBc6sqUNrD8cMc9N-iQF_BJaSWH7yA9Mb40GW4_JAU5PeyAgbaJPrGHp0w8LfiX0keGY-2ONFN1sd546jHw-oJGnoe7VYBdXgQMxTX_9jmxlI1KoKxCCuiLwDT_P2aWSCofABycjEow42jsjVCN_Ujh-v5UrRRU9mxMTnY8MNpWBcXNWoXEyAm_SSYjxlA
pragma
no-cache
cookie
__vnativetracking=703c8158-92fa-40e9-93c8-1aa20d6d0554; __vnativeverify_v3=SMrDLnjff5j6qGZrjEyC3rglXhNEoHYS1EtqgG4mcPw
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
trk.traffikflow.com
referer
https://trk.traffikflow.com/
:scheme
https
:method
GET
Referer
https://trk.traffikflow.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 29 Dec 2018 13:32:09 GMT
via
1.1 google
server
nginx
content-type
text/plain; charset=utf-8
status
200
alt-svc
clear
content-length
1
x-rt
0

Primary Request / | irl.competition-365.com/ | 6 KB | 2 KB | Document
General
Full URL
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Requested by
Host: trk.traffikflow.com
URL: https://trk.traffikflow.com/5be2b329b6920d37b31699ab?source=61376&p1=a406fa5042144ef69b91620ab03e90d5f493
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:849 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
71dd08c97c2d6bee2259a68ab9d77f9313fa5bf7f828be7edc73b1ded3c451ca

Request headers

:method
GET
:authority
irl.competition-365.com
:scheme
https
:path
/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://trk.traffikflow.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://trk.traffikflow.com/

Response headers

status
200
date
Sat, 29 Dec 2018 13:32:10 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=dd3ecef53374c55e24d52718661415e251546090330; expires=Sun, 29-Dec-19 13:32:10 GMT; path=/; domain=.competition-365.com; HttpOnly; Secure
set-cookie
tid=5c27775ab931a3044ce0ea42
set-cookie
pid=58f9cb5ab6920d191b772659
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
490ca1972b2063d3-FRA
content-encoding
br

bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.3/css/ | 139 KB | 20 KB | Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.3/css/bootstrap.min.css
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
3c2b31ee53b21a1c869b3b0ee4c197873c15e94a4d4e535fd69e95eb0d82a694

Request headers

Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 29 Dec 2018 13:32:11 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:09 GMT
access-control-allow-origin
*
etag
"1544639649"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
20463

css | fonts.googleapis.com/ | 7 KB | 767 B | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Abel|News+Cycle|Oswald:200,300,400,500
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
96f1d7db02565fcc316d507d40f0f4e87508ac08c2a1f6be097de7d3a11e32fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 29 Dec 2018 13:32:10 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 29 Dec 2018 13:32:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sat, 29 Dec 2018 13:32:10 GMT

jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.2.1/ | 85 KB | 30 KB | Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 06:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
717894
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
30306
x-xss-protection
1; mode=block
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2019 06:07:16 GMT

dunnes.css | irl.competition-365.com/css/ | 2 KB | 1001 B | Stylesheet
General
Full URL
https://irl.competition-365.com/css/dunnes.css
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:849 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6246a0662a4015dbf45602ff51f380dd2ee3b50db319d66c62077852bbfcfcec

Request headers

:path
/css/dunnes.css
pragma
no-cache
cookie
__cfduid=dd3ecef53374c55e24d52718661415e251546090330; tid=5c27775ab931a3044ce0ea42; pid=58f9cb5ab6920d191b772659
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
irl.competition-365.com
referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
:scheme
https
:method
GET
Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 29 Dec 2018 13:32:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Nov 2018 13:23:15 GMT
server
cloudflare
etag
W/"5be97ec3-9fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-polished
origSize=2558
cf-bgj
minify
cf-ray
490ca1987c2a63d3-FRA
expires
Sat, 29 Dec 2018 17:32:11 GMT

jquery-ui.css | code.jquery.com/ui/1.12.1/themes/base/ | 35 KB | 9 KB | Stylesheet
General
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 29 Dec 2018 13:32:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Sep 2016 16:34:16 GMT
Server
nginx
ETag
W/"57d97c08-8c85"
Vary
Accept-Encoding
X-HW
1546090327.dop011.pa1.shc,1546090330.dop011.pa1.t,1546090330.cds038.pa1.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8323

dunnes450_Web.png | irl.competition-365.com/images/ | 998 KB | 999 KB | Image
General
Full URL
https://irl.competition-365.com/images/dunnes450_Web.png
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:849 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f285f37048c35bce3f98cae1041ff449e30e13f01b2eb53e52627bb1e3ce810

Request headers

:path
/images/dunnes450_Web.png
pragma
no-cache
cookie
__cfduid=dd3ecef53374c55e24d52718661415e251546090330; tid=5c27775ab931a3044ce0ea42; pid=58f9cb5ab6920d191b772659
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
irl.competition-365.com
referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
:scheme
https
:method
GET
Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 29 Dec 2018 13:32:11 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Nov 2018 13:23:15 GMT
server
cloudflare
etag
"5be97ec3-f98d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
490ca1987c2b63d3-FRA
content-length
1022161
expires
Sat, 29 Dec 2018 17:32:11 GMT

dunnes450_Mob.png | irl.competition-365.com/images/ | 390 KB | 391 KB | Image
General
Full URL
https://irl.competition-365.com/images/dunnes450_Mob.png
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:849 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15eeebfe8b2bb6802b1c78284b644c81339fa44998bdbf4ed43ad76928ef172f

Request headers

:path
/images/dunnes450_Mob.png
pragma
no-cache
cookie
__cfduid=dd3ecef53374c55e24d52718661415e251546090330; tid=5c27775ab931a3044ce0ea42; pid=58f9cb5ab6920d191b772659
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
irl.competition-365.com
referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
:scheme
https
:method
GET
Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 29 Dec 2018 13:32:11 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Nov 2018 13:23:15 GMT
server
cloudflare
etag
"5be97ec3-61808"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
490ca1987c2c63d3-FRA
content-length
399368
expires
Sat, 29 Dec 2018 17:32:11 GMT

fbevents.js | connect.facebook.net/en_US/ | 51 KB | 15 KB | Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
14861
x-xss-protection
0
pragma
public
x-fb-debug
QdddlOj53ovH8y53zafhY2hO0FHxnm3hs6dbMkdr6ZKRb6wp1wDP22PjPg9HqxzgSndtzK+DDk59iYP0XruUvQ==
date
Sat, 29 Dec 2018 13:32:11 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT

TK3hWkUHHAIjg75-6hwTus9CAZek1w.woff2 | fonts.gstatic.com/s/oswald/v16/ | 9 KB | 9 KB | Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v16/TK3hWkUHHAIjg75-6hwTus9CAZek1w.woff2
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e286bbb75f45bbdb2da37534d2afd6cab0e9041b453ff584b3f49db505fa32f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Abel|News+Cycle|Oswald:200,300,400,500
Origin
https://irl.competition-365.com

Response headers

date
Thu, 20 Dec 2018 18:19:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:18:46 GMT
server
sffe
age
760388
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9584
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2019 18:19:03 GMT

TK3iWkUHHAIjg752GT8Gl-1PKw.woff2 | fonts.gstatic.com/s/oswald/v16/ | 9 KB | 9 KB | Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v16/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a26fd52082f9c6c191e6f75ca86d82544f74ec979da9c64406a89bea6247a9e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Abel|News+Cycle|Oswald:200,300,400,500
Origin
https://irl.competition-365.com

Response headers

date
Fri, 21 Dec 2018 05:58:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:18:49 GMT
server
sffe
age
718435
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9324
x-xss-protection
1; mode=block
expires
Sat, 21 Dec 2019 05:58:16 GMT

TK3hWkUHHAIjg75-1h4Tus9CAZek1w.woff2 | fonts.gstatic.com/s/oswald/v16/ | 9 KB | 9 KB | Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v16/TK3hWkUHHAIjg75-1h4Tus9CAZek1w.woff2
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b34961a0713cec2bbc3af2b9dd098891e8c050d7c2981df6cdf347a4e4be397b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Abel|News+Cycle|Oswald:200,300,400,500
Origin
https://irl.competition-365.com

Response headers

date
Fri, 21 Dec 2018 05:51:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:18:34 GMT
server
sffe
age
718816
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9588
x-xss-protection
1; mode=block
expires
Sat, 21 Dec 2019 05:51:55 GMT

1184206998380485 | connect.facebook.net/signals/config/ | 181 KB | 43 KB | Script
General
Full URL
https://connect.facebook.net/signals/config/1184206998380485?v=2.8.35&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6d3208d471b1a652e0a071a53dd9ba8fe1420e48149b24642723dfc84b3702e7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
g4bkzdh3oDrgQSsNQ3hX512dDyYJnlgt/QYk0nCmJXNDpYT7iRuezqij70C+7OAmGVleusntnEUwrndIwMQLYg==
date
Sat, 29 Dec 2018 13:32:11 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT

/ | www.facebook.com/tr/ | 44 B | 247 B | Image
General
Full URL
https://www.facebook.com/tr/?id=1184206998380485&ev=PageView&dl=https%3A%2F%2Firl.competition-365.com%2F%3Fcitr%3DUUFQSGJPHY0%26transaction_id%3D5c27775ab931a3044ce0ea42%26info1%3D58f9cb5ab6920d191b772659%26info2%3D61376&rl=https%3A%2F%2Ftrk.traffikflow.com%2F&if=false&ts=1546090331145&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1546090331143.1787841895&it=1546090331081&coo=false
Requested by
Host: irl.competition-365.com
URL: https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 29 Dec 2018 13:32:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sat, 29 Dec 2018 13:32:11 GMT

/ | www.facebook.com/tr/ | 44 B | 147 B | Image
General
Full URL
https://www.facebook.com/tr/?id=1184206998380485&ev=Microdata&dl=https%3A%2F%2Firl.competition-365.com%2F%3Fcitr%3DUUFQSGJPHY0%26transaction_id%3D5c27775ab931a3044ce0ea42%26info1%3D58f9cb5ab6920d191b772659%26info2%3D61376&rl=https%3A%2F%2Ftrk.traffikflow.com%2F&if=false&ts=1546090332648&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22DUNNES%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&fbp=fb.1.1546090331143.1787841895&it=1546090331081&coo=false&es=automatic
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://irl.competition-365.com/?citr=UUFQSGJPHY0&transaction_id=5c27775ab931a3044ce0ea42&info1=58f9cb5ab6920d191b772659&info2=61376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 29 Dec 2018 13:32:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sat, 29 Dec 2018 13:32:12 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onselectstart
object    onselectionchange
function  queueMicrotask
function  $
function  jQuery
function  fbq
function  _fbq
function  iconClick
function  show
function  SetCaretAtEnd
object    __core-js_shared__

4 Cookies

Domain/Path               Name      Value
.competition-365.com/     _fbp      fb.1.1546090331143.1787841895
irl.competition-365.com/  tid       5c27775ab931a3044ce0ea42
irl.competition-365.com/  pid       58f9cb5ab6920d191b772659
.competition-365.com/     __cfduid  dd3ecef53374c55e24d52718661415e251546090330

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
irl.competition-365.com
maxcdn.bootstrapcdn.com
trk.traffikflow.com
www.facebook.com
205.185.208.52
209.197.3.15
2606:4700:30::681c:849
2a00:1450:4001:816::200a
2a00:1450:4001:81a::2003
2a00:1450:4001:821::200a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
35.201.98.21