gbuteamrotator.ptcrewards.com Open in urlscan Pro
173.225.21.58  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gbuteamrotator.ptcrewards.com/	18 KB 5 KB	684ms 197ms	Document text/html	173.225.21.58 DF-TUKWILA01
General Check archive.org Show headers Download Go to Full URL https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.225.21.58 , United States, ASN3361 (DF-TUKWILA01, US), Reverse DNS web158.ultrawebhosting.com Software nginx / Resource Hash 8335a2e455bcbda4d38d2a575cb5fae929e7b3311e4fa15d2aa901d807ea58b1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 4910 content-type text/html date Sat, 13 Jan 2024 23:08:14 GMT last-modified Thu, 14 Dec 2023 22:29:10 GMT server nginx vary Accept-Encoding,User-Agent
GET H2	200	styl.css lllpg.com/	7 KB 2 KB	356ms 232ms	Stylesheet text/css	2606:4700:3031::ac43:8ca4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lllpg.com/styl.css?v=36 Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8ca4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50a41e4996f2d9e611cdcdbb2c8ac106e4372cac5d76cf2cfd471c4682ff4612 Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:15 GMT content-encoding gzip cf-cache-status REVALIDATED cf-bgj minify last-modified Mon, 11 Dec 2023 13:07:02 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=9601 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Z5uL%2BZdALQiRbBu33pULbXgNXG8d1LNGFhIm88Fsz%2FURZ38Xci6pX7Ev%2BuJuxEbccrhDX6%2FqblEP7Iu0trswB%2FW2Aukddx4lGY8ZzjSIOz65q3qWP8yuva9q3xAA2ZPa5tN%2BtYnrW4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 84514cd68a414bc3-BUF alt-svc h3=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	32 KB 3 KB	172ms 49ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2251f43a792c621c02274070fbdb53702c5c6e5ebe3b9613eb6c0ececa814cf0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 13 Jan 2024 23:08:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 13 Jan 2024 23:08:15 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 13 Jan 2024 23:08:15 GMT
GET H2	200	all.css use.fontawesome.com/releases/v5.15.4/css/	58 KB 13 KB	174ms 51ms	Stylesheet text/css	2606:4700:e2::ac40:8c0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.15.4/css/all.css Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:15 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 01:45:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 62689 etag W/"ecd507b3125edc4d2a03aa6ae5d07da9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTPpwPzQXiJWbgcbgfpkZBzCfB19jFoRqwm1qet2Odx%2BNYmXw6fV2dIb2RxKaUqBCFOcEmzXTmXCTwuuyheStjTQbxksalkYRGANWE51BcmIo4cshgA88NTyeegesuQNQUpOMTIAyS0WCeNXG1DKOEuI"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 84514cd68b3e41ba-EWR alt-svc h3=":443"; ma=86400
GET H2	200	v4-shims.css use.fontawesome.com/releases/v5.15.4/css/	26 KB 4 KB	175ms 53ms	Stylesheet text/css	2606:4700:e2::ac40:8c0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910 Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:15 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 01:45:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1084266 etag W/"a034d3c71bee546f625877d7932917f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhGAehO%2FvqCVs2hgxHJum5gl7MKmwFvR0CfDhcrFpK8engYox63yO5DxPnWoiBZWKXwSWZW1W58EJI4rqqDBiHIhG4O6w%2Fg1zcMgPxItcTeA%2FnEGELpJ%2F9es%2BIsIBJWrEhBTsO3erNXVzLyJbYsk2cVc"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 84514cd68b3d41ba-EWR alt-svc h3=":443"; ma=86400
GET H2	200	animate.min.css lllpg.com/	94 KB 6 KB	167ms 45ms	Stylesheet text/css	2606:4700:3031::ac43:8ca4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lllpg.com/animate.min.css?v=2 Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8ca4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7391e2e933546fa6834fd409412ae3a0b5c3be77edea6e0e18d1947411f8d6c8 Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:15 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 22 Oct 2023 09:03:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 70 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZu%2F72vDlHl7hnuqxA5U1UfOWlUgSPG7dZ1aXRP6ULMk0tzRgZxBbKhVyiNb6njc%2F45qHCcnxkkz5Xj%2F8OXJDylYc69E1uh8%2FAAIbQ%2Fj87COz%2FBJjVlxXatail8H8CivAG8wpQPcIlY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 84514cd68a3f4bc3-BUF alt-svc h3=":443"; ma=86400
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/	84 KB 27 KB	154ms 34ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 4463670 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 26909 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-14e4a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhvbcTqB64rDf1YZPZyLDGJfVhn1Z7XwO45c8ZIAu11ImHB5q7rd4c9fcCK3amKKKRpaSVATBuyQeVljfBvEgiROdzzfsHiANFWs1aXfK40Ne5hU0lzNv9Py0cTGGT%2BiWeZBo1nRiEy6enhGPySeiUXC"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84514cd68a404bc3-BUF expires Thu, 02 Jan 2025 23:08:15 GMT
GET H2	200	jquery-ui.min.js Show response cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/	248 KB 56 KB	157ms 38ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 763691 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57137 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-3dee5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsjlGatJvavyzJl6DOPtC89uWPyNkOjtXoK5pcUsVFUUwkj7MPPb37hBXhrtIKLVR6Z9rpCscNs9s13y%2BLWD4Rnuc8vQkwhoLOVYI4IpXQdKIei9nmSeCI7D3FDF%2Bo%2Bv%2BdaQ99orXGh4in29rbVhu1%2BL"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84514cd68a3e4bc3-BUF expires Thu, 02 Jan 2025 23:08:15 GMT
GET H2	200	js.js Show response lllpg.com/	9 KB 3 KB	166ms 47ms	Script application/javascript	2606:4700:3031::ac43:8ca4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lllpg.com/js.js?v=35 Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8ca4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c08022b1b353769cb76e2bf32451b1fef7daa2101c2353eb14479dfb13b12ae Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:15 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 31 Aug 2023 06:21:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6820 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BfUPs%2BgT5DkfgEGydH%2B%2FTpT4ASSQe92fDrD%2BdGPatK7AIvN2kSy4a%2FXC8EAvrjgL5XYI7RcQDltFTYjaF3sstKdxyodD8FSDc7z2EjYkzh9qYKx2jA%2FQlar9cQGt31l7oxarF0liQU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 84514cd68a424bc3-BUF alt-svc h3=":443"; ma=86400
GET H2	200	cd.js Show response lllpg.com/	11 KB 3 KB	162ms 44ms	Script application/javascript	2606:4700:3031::ac43:8ca4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lllpg.com/cd.js?v=1 Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8ca4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 491e710710106ba541ef5c38f1b8484207fa05e41c505885a826a6cc1e803ec6 Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:15 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 31 Aug 2023 06:21:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 70 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1gezzHJ5EC1Z87HX8Ww%2BOstVvLINLC9ORvTT0G5JCExhMecdqax7cbmpE%2BRZwh7Jc%2BZmRoJyq1NJlm8wbUC4W886QMLKwqR8r6o7DzNfu42cZSWAMGbgK5YSKbcEj5tU6HkrJlqHdQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 84514cd68a434bc3-BUF alt-svc h3=":443"; ma=86400
GET H2	200	gbu468.png gbuteamrotator.com/images/	8 KB 8 KB	336ms 153ms	Image image/png	173.225.21.58 DF-TUKWILA01
General Check archive.org Show headers Download Go to Show image Full URL https://gbuteamrotator.com/images/gbu468.png Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.225.21.58 , United States, ASN3361 (DF-TUKWILA01, US), Reverse DNS web158.ultrawebhosting.com Software nginx / Resource Hash 62aed87a6a53a54f42e2d996a5d113df3f6cf2b2330e9c506ab9bc70cf7ebdec Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:15 GMT cache-control max-age=864000, max-age=864000 last-modified Thu, 14 Dec 2023 22:08:56 GMT server nginx accept-ranges bytes content-length 7994 content-type image/png
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	172ms 55ms	Script text/javascript	2607:f8b0:4004:c17::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:15 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Sat, 13 Jan 2024 23:08:15 GMT
GET H/1.1	200 OK	player.js Show response player.vimeo.com/api/	37 KB 12 KB	147ms 40ms	Script application/javascript	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/api/player.js Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5 Security Headers Name Value Content-Security-Policy default-src 'none'; style-src 'unsafe-inline' Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers expires Sat, 13 Jan 2024 18:26:24 GMT Date Sat, 13 Jan 2024 23:08:15 GMT content-security-policy default-src 'none'; style-src 'unsafe-inline' Content-Encoding gzip CF-Cache-Status DYNAMIC Via 1.1 varnish Age 711 X-Cache HIT Connection keep-alive x-backend-server player-backend-edge-entry Content-Length 11228 X-Served-By cache-yyz4557-YYZ x-player-backend g Server cloudflare X-Timer S1705187296.949595,VS0,VE0 Vary Accept-Encoding Content-Type application/javascript;charset=utf-8 access-control-allow-origin * cache-control max-age=1800 x-bapp-server Accept-Ranges bytes CF-RAY 84514cd79c72542b-YYZ X-Cache-Hits 250
GET H2	200	jsbottom.js Show response lllpg.com/	13 KB 3 KB	234ms 233ms	Script application/javascript	2606:4700:3031::ac43:8ca4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lllpg.com/jsbottom.js?v=27 Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8ca4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 770ba7142b91d6f45485bd9b61eb3b23795745e267cedd8b1e9183e3177c3942 Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 23:08:16 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Fri, 22 Dec 2023 02:06:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AM9iROptRalVxFTmZcWTZR4fUXyRmuKBpefYFc95acdossNKCa8YC9DHes53iJa4Lt07gZjT%2FA%2BiHIsuG5a94Pj1hH862%2FBmbR555RfRKwx2cXpfBITMF7QnXXAGkwCBuU%2B6YnY03I%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 84514cd7eac44bc3-BUF alt-svc h3=":443"; ma=86400
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/	216 KB 67 KB	33ms 31ms	Script text/javascript	2607:f8b0:4004:c17::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/80b90bfd/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://gbuteamrotator.ptcrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 21:26:57 GMT content-encoding br x-content-type-options nosniff age 6079 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68600 x-xss-protection 0 last-modified Wed, 10 Jan 2024 02:46:49 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 12 Jan 2025 21:26:57 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	150ms 33ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:46:45 GMT x-content-type-options nosniff age 296491 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Jan 2025 12:46:45 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	213ms 97ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 20:31:16 GMT x-content-type-options nosniff age 355020 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Jan 2025 20:31:16 GMT
GET H2	200	XRXV3I6Li01BKofINeaB.woff2 fonts.gstatic.com/s/nunito/v26/	38 KB 38 KB	175ms 60ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 09:15:38 GMT x-content-type-options nosniff age 49958 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39124 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:02:20 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 Jan 2025 09:15:38 GMT
GET H2	200	RrQfboBx-C5_XxrBbg.woff2 fonts.gstatic.com/s/acme/v25/	8 KB 8 KB	190ms 75ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/acme/v25/RrQfboBx-C5_XxrBbg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb814ac86e7f409154ced702b9f3543761d09410e837ec728242e6b980a26aa0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:06:16 GMT x-content-type-options nosniff age 298920 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8236 x-xss-protection 0 last-modified Thu, 24 Aug 2023 21:26:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Jan 2025 12:06:16 GMT
GET H2	200	qWcyB624q4L_C4jGQ9IK0O_dFlnrtREl.woff2 fonts.gstatic.com/s/hammersmithone/v17/	19 KB 19 KB	196ms 81ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/hammersmithone/v17/qWcyB624q4L_C4jGQ9IK0O_dFlnrtREl.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7fec385668dd8696487a02bb35060f6bea3b91dca953bf942b95ad6e4bd73a5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sat, 13 Jan 2024 02:28:08 GMT x-content-type-options nosniff age 74408 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19612 x-xss-protection 0 last-modified Thu, 21 Apr 2022 16:23:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 12 Jan 2025 02:28:08 GMT
GET H2	200	m8JWjfRfY7WVjVi2E-K9H6RCTm4.woff2 fonts.gstatic.com/s/cutivemono/v20/	20 KB 20 KB	148ms 34ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cutivemono/v20/m8JWjfRfY7WVjVi2E-K9H6RCTm4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6dd84c2fc735188403aa78de990dc765792fd9413bfd3d126e59580015c91532 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 15:35:18 GMT x-content-type-options nosniff age 372778 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20720 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:35:04 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Jan 2025 15:35:18 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	206ms 92ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 19:41:38 GMT x-content-type-options nosniff age 357998 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Jan 2025 19:41:38 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	224ms 111ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 08:15:11 GMT x-content-type-options nosniff age 312785 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Jan 2025 08:15:11 GMT
GET H2	200	e3t5euGtX-Co5MNzeAOqinEYx2zCrdZJ.woff2 fonts.gstatic.com/s/abhayalibre/v14/	21 KB 21 KB	259ms 146ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/abhayalibre/v14/e3t5euGtX-Co5MNzeAOqinEYx2zCrdZJ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 280d8155a402144e64924c1054936c0b67c5358d8a13b5ed65c6a12348d00c25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 22:49:33 GMT x-content-type-options nosniff age 346723 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21564 x-xss-protection 0 last-modified Tue, 02 May 2023 14:58:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Jan 2025 22:49:33 GMT
GET H2	200	1Ptgg87LROyAm3Kz-C8.woff2 fonts.gstatic.com/s/anton/v25/	18 KB 18 KB	235ms 123ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3Kz-C8.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 17:45:28 GMT x-content-type-options nosniff age 364968 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18796 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:21:17 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Jan 2025 17:45:28 GMT
GET H2	200	zrfm0H3Lx-P2Xvs2ArDfBi8.woff2 fonts.gstatic.com/s/ranchers/v17/	24 KB 24 KB	212ms 99ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ranchers/v17/zrfm0H3Lx-P2Xvs2ArDfBi8.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1807730a2a1c0fec3b86d41282ffedc1df412c26847cd413fb0b2dcb05334dc2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 12:05:27 GMT x-content-type-options nosniff age 298969 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24384 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:56:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Jan 2025 12:05:27 GMT
GET H2	200	e3tmeuGtX-Co5MNzeAOqinEQfEnX.woff2 fonts.gstatic.com/s/abhayalibre/v14/	21 KB 21 KB	146ms 118ms	Font font/woff2	2607:f8b0:4006:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/abhayalibre/v14/e3tmeuGtX-Co5MNzeAOqinEQfEnX.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,700|Oswald:400,700|Caveat:400,700|Caveat+Brush:400,700|Poppins:400,700|Hammersmith+One:400,700|Roboto:400,700|Kalam:400,700|Allura:400,700|Acme:400,700|Cabin:400,700|Anton:400,700|Abhaya+Libre:400,700|Courier+Prime:400,700|Cutive+Mono:400,700|Nunito:400,700|Ranchers:400,700|Permanent+Marker:400,700|Audiowide:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c36e530004dc8118872aedf92281acfdfa3ac8aa6a277324237603201367b6f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://gbuteamrotator.ptcrewards.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 09 Jan 2024 15:35:08 GMT x-content-type-options nosniff age 372788 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21232 x-xss-protection 0 last-modified Tue, 02 May 2023 15:04:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 08 Jan 2025 15:35:08 GMT
GET H2	200	set.html Show response pixel.leadsleap.net/ Frame 60C4	2 KB 968 B	417ms 182ms	Document text/html	2606:4700:3032::6815:99 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.leadsleap.net/set.html?n1=lllpga168515&v1=283793.15&n2=lllpgb168515&v2=283793.15&n3=lllpgca152434&v3=168515.283793.15&n4=lllpgcb152434&v4=168515.283793.15 Requested by Host: gbuteamrotator.ptcrewards.com URL: https://gbuteamrotator.ptcrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:99 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97ca62715031d14115abd058e5354ee17d7cb9917564f2634ea5fb6f63f2ab5f Request headers Referer https://gbuteamrotator.ptcrewards.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84514cdaf8b34bd5-BUF content-encoding br content-type text/html date Sat, 13 Jan 2024 23:08:16 GMT last-modified Thu, 01 Oct 2020 11:41:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoXKqSQ44XTow98DEQJbgra803F%2FdtEEW6X2SbyqNQqKmm0zy%2F8OZVE5Tw09yNdH0trZRgX4F50iX07F4z%2FwEfYWsWIFuv%2BI0QCpH64OLCzYVTyns14%2B5F1qEc5u4ttjmfwtoeNLQx%2F46KLBg97iKXLm"}],"group":"cf-nel","max_age":604800} server cloudflare

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery string| llcv_dm number| llcv_d string| llcv_c string| llcv_r string| llcv_i number| statid number| tableid string| adbaron string| listid string| listurl string| listurlnew string| thisip number| adbarcounton number| llcv_tcL number| llcv_tcN number| llcv_tc number| llcv_tcA number| llcv_ta number| llcv_cs number| llcv_jf number| llcv_lf number| lltanimating function| llshowvideo function| fnifm function| fnhf function| fnabr function| fnctdn function| fncdt function| fnsc function| fnitv object| il number| tcount function| fnintvl object| interval function| makeTimer number| tl object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| pl number| pr function| scrolltoform function| rsz number| ytcount object| ytplayer function| onYouTubeIframeAPIReady string| x number| sdelay number| thispl number| thispr

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: c9WQ7vSD0W0
			.youtube.com/	1970-01-20 21:58:59	Name: VISITOR_INFO1_LIVE Value: DCGK2dzAJww
			.vimeo.com/	1970-01-20 17:39:49	Name: __cf_bm Value: oV7cOORWHllbiIEnvKG1kNT.bFBFYaJ5_fxBvXpTQv0-1705187295-1-Ae1fcDCIYLPaZbWfu8sGZ3bOjB/XIjhBV5p9cNQw5q6uj9gsE9BRs+uwbY9UacC7vQztLpieSRfZhey5Vl7JNFE=
			.pixel.leadsleap.net/	1970-01-20 17:41:13	Name: lllpga168515 Value: 283793.15
			.pixel.leadsleap.net/	1970-01-20 17:41:13	Name: lllpgb168515 Value: 283793.15
			.pixel.leadsleap.net/	1970-01-20 17:41:13	Name: lllpgca152434 Value: 168515.283793.15
			.pixel.leadsleap.net/	1970-01-20 17:41:13	Name: lllpgcb152434 Value: 168515.283793.15

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
gbuteamrotator.com
gbuteamrotator.ptcrewards.com
lllpg.com
pixel.leadsleap.net
player.vimeo.com
use.fontawesome.com
www.youtube.com
162.159.138.60
173.225.21.58
2606:4700:3031::ac43:8ca4
2606:4700:3032::6815:99
2606:4700::6811:190e
2606:4700:e2::ac40:8c0d
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::5d
2607:f8b0:4006:817::2003
012836af0a51bc628cc3eb10b36ac2b6a1dc5c6b118f95c6e5c0a66bb2c14966
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0c08022b1b353769cb76e2bf32451b1fef7daa2101c2353eb14479dfb13b12ae
1807730a2a1c0fec3b86d41282ffedc1df412c26847cd413fb0b2dcb05334dc2
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
2251f43a792c621c02274070fbdb53702c5c6e5ebe3b9613eb6c0ececa814cf0
280d8155a402144e64924c1054936c0b67c5358d8a13b5ed65c6a12348d00c25
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
491e710710106ba541ef5c38f1b8484207fa05e41c505885a826a6cc1e803ec6
4c36e530004dc8118872aedf92281acfdfa3ac8aa6a277324237603201367b6f
50a41e4996f2d9e611cdcdbb2c8ac106e4372cac5d76cf2cfd471c4682ff4612
62aed87a6a53a54f42e2d996a5d113df3f6cf2b2330e9c506ab9bc70cf7ebdec
6dd84c2fc735188403aa78de990dc765792fd9413bfd3d126e59580015c91532
7391e2e933546fa6834fd409412ae3a0b5c3be77edea6e0e18d1947411f8d6c8
770ba7142b91d6f45485bd9b61eb3b23795745e267cedd8b1e9183e3177c3942
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fec385668dd8696487a02bb35060f6bea3b91dca953bf942b95ad6e4bd73a5d
8335a2e455bcbda4d38d2a575cb5fae929e7b3311e4fa15d2aa901d807ea58b1
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
97ca62715031d14115abd058e5354ee17d7cb9917564f2634ea5fb6f63f2ab5f
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
bb814ac86e7f409154ced702b9f3543761d09410e837ec728242e6b980a26aa0
ca5a691ea0a5a7485c48827ef56c36cb4414693c72ef5f6a0067e5c9d3e00261
e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885