tohavefuntoday.com Open in urlscan Pro
2606:4700:3033::6818:6b3e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jorsentese.com/login/link.php?M=10925737&N=10&L=2&F=H
Effective URL:
https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc...
Submission: On September 06 via api (September 6th 2020, 2:04:50 pm UTC) from BE

Summary HTTP 42 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 13 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3033::6818:6b3e, located in United States and belongs to CLOUDFLARENET, US. The main domain is tohavefuntoday.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2020. Valid for: a year.

This is the only time tohavefuntoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	178.213.50.250 178.213.50.250	43108 (GARM-AS) (GARM-AS)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	35.157.125.133 35.157.125.133	16509 (AMAZON-02) (AMAZON-02)
1 1	3.212.127.216 3.212.127.216	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.200.180.197 18.200.180.197	16509 (AMAZON-02) (AMAZON-02)
22	2606:4700:303... 2606:4700:3033::6818:6b3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::621 2a04:4e42::621	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
42	13

1 178.213.50.250 (Latvia) 1 redirects

ASN43108 (GARM-AS, GB)
PTR: host.jorsentese.com

jorsentese.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

bitinvestltd.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.125.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-125-133.eu-central-1.compute.amazonaws.com

trackingthebird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mactional-detions.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.127.216 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-127-216.compute-1.amazonaws.com

webapplepie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.180.197 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-180-197.eu-west-1.compute.amazonaws.com

track.click999.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3033::6818:6b3e (United States)

ASN13335 (CLOUDFLARENET, US)

tohavefuntoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::621 (Ascension Island)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	tohavefuntoday.com tohavefuntoday.com	212 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	119 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	page.link 1 redirects bitinvestltd.page.link	12 KB
1	doubleclick.net stats.g.doubleclick.net	86 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	polyfill.io polyfill.io	567 B
1	googleapis.com fonts.googleapis.com	574 B
1	click999.com 1 redirects track.click999.com	773 B
1	webapplepie.com webapplepie.com Failed	771 B
1	mactional-detions.icu mactional-detions.icu	785 B
1	trackingthebird.com trackingthebird.com	2 KB
1	jorsentese.com 1 redirects jorsentese.com	237 B
42	13

	Domain	Requested by
22	tohavefuntoday.com	mactional-detions.icu tohavefuntoday.com
6	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.gstatic.com	bitinvestltd.page.link www.gstatic.com
2	bitinvestltd.page.link	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	tohavefuntoday.com
1	polyfill.io	tohavefuntoday.com
1	fonts.googleapis.com	tohavefuntoday.com
1	track.click999.com	1 redirects
1	webapplepie.com
1	mactional-detions.icu	trackingthebird.com
1	trackingthebird.com	www.gstatic.com
1	jorsentese.com	1 redirects
42	14

This site contains links to these domains. Also see Links.

Domain
jetigames.com

Subject Issuer	Validity	Valid
*.page.link GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
trackingthebird.com Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
mactional-detions.icu Let's Encrypt Authority X3	`2020-09-03` - `2020-12-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-31` - `2021-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-17` - `2021-04-17`	8 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Frame ID: 34F618D5F316002E2CD6BACD4458804C
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://jorsentese.com/login/link.php?M=10925737&N=10&L=2&F=H HTTP 302
https://bitinvestltd.page.link/3Xou Page URL
https://bitinvestltd.page.link/3Xou?_imcp=1 HTTP 302
https://trackingthebird.com/f51765a2-e3f9-4c22-823f-71efbea3d039 Page URL
https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4OD... Page URL
https://webapplepie.com/?a=100674&c=108894&s1=f51765a2-e3f9-4c22-823f-71efbea3d039&s2=whnrus60uqnpu6... HTTP 302
https://track.click999.com/go.php?id=613qv8dpcbrcg9jc1g58&clickid=93468452&pubid=100674 HTTP 302
https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iY... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Page Statistics

42
Requests

98 %
HTTPS

73 %
IPv6

13
Domains

14
Subdomains

13
IPs

6
Countries

399 kB
Transfer

937 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://jetigames.com/pricing/
Title: Pricing Plan

Search URL Search Domain Scan URL

URL: https://jetigames.com/terms-conditions/
Title: terms and conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jorsentese.com/login/link.php?M=10925737&N=10&L=2&F=H HTTP 302
https://bitinvestltd.page.link/3Xou Page URL
https://bitinvestltd.page.link/3Xou?_imcp=1 HTTP 302
https://trackingthebird.com/f51765a2-e3f9-4c22-823f-71efbea3d039 Page URL
https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWY1MTc2NWEyLWUzZjktNGMyMi04MjNmLTcxZWZiZWEzZDAzOSZzMj13aG5ydXM2MHVxbnB1Nm8xaWJtZ292NXU&ts=1599401073624&hash=n1U84uaMzVL5wYxaSZqr1z5vxEHpVEU7Ptab3FdtxF0&rm=DJ Page URL
https://webapplepie.com/?a=100674&c=108894&s1=f51765a2-e3f9-4c22-823f-71efbea3d039&s2=whnrus60uqnpu6o1ibmgov5u HTTP 302
https://track.click999.com/go.php?id=613qv8dpcbrcg9jc1g58&clickid=93468452&pubid=100674 HTTP 302
https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://jorsentese.com/login/link.php?M=10925737&N=10&L=2&F=H HTTP 302
https://bitinvestltd.page.link/3Xou

Request Chain 4

https://bitinvestltd.page.link/3Xou?_imcp=1 HTTP 302
https://trackingthebird.com/f51765a2-e3f9-4c22-823f-71efbea3d039

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

3Xou Show response
bitinvestltd.page.link/
Redirect Chain

http://jorsentese.com/login/link.php?M=10925737&N=10&L=2&F=H
https://bitinvestltd.page.link/3Xou

35 KB
11 KB

77ms
30ms

Document
text/html

2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bitinvestltd.page.link/3Xou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42098685ae7efb38ad55259141502852204ccb82aeb4198f405445ba6099981e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b4Ajs7qNO3zhkfrjzhDdDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-b4Ajs7qNO3zhkfrjzhDdDQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: bitinvestltd.page.link
:scheme: https
:path: /3Xou
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 06 Sep 2020 14:04:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-b4Ajs7qNO3zhkfrjzhDdDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-b4Ajs7qNO3zhkfrjzhDdDQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Date: Sun, 06 Sep 2020 14:04:33 GMT
Server: Apache
Location: https://bitinvestltd.page.link/3Xou
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.tBqYhZ_z9NQ.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4LrfPkpjoGSAiymb4OWHUmevip3Q/ 142 KB
50 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.tBqYhZ_z9NQ.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4LrfPkpjoGSAiymb4OWHUmevip3Q/m=_b,_tp

Requested by

Host: bitinvestltd.page.link
URL: https://bitinvestltd.page.link/3Xou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56011ffe063ec0272926bd3dd25c8a45cb4b88cc676e0418ac85e111dd359035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitinvestltd.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 15:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425191
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51258
x-xss-protection: 0
last-modified: Mon, 17 Aug 2020 23:36:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Sep 2021 15:58:02 GMT

GET
H3-Q050 200 m=wmwg8b Show response
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.tBqYhZ_z9NQ.es5.O/ck=boq-devplatform.DurableDeepLinkUi.SLbU4VKkW_w.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewd... 34 KB
13 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.tBqYhZ_z9NQ.es5.O/ck=boq-devplatform.DurableDeepLinkUi.SLbU4VKkW_w.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP52bkguKtfJ6pD-JeC_GBAgbRbwQA/m=wmwg8b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.tBqYhZ_z9NQ.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4LrfPkpjoGSAiymb4OWHUmevip3Q/m=_b,_tp

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6960267ddc2f2fe78d666b70c2a3663c11b0dc49150af387c75e691b410f8568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitinvestltd.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 17:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420553
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12727
x-xss-protection: 0
last-modified: Mon, 17 Aug 2020 21:32:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Sep 2021 17:15:20 GMT

GET
H3-Q050 200 m=KjEEgd Show response
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.tBqYhZ_z9NQ.es5.O/ck=boq-devplatform.DurableDeepLinkUi.SLbU4VKkW_w.L.B1.O/am=BA/d=1/exm=_b,_tp,wmwg8b/excm=_b,_t... 18 KB
6 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.tBqYhZ_z9NQ.es5.O/ck=boq-devplatform.DurableDeepLinkUi.SLbU4VKkW_w.L.B1.O/am=BA/d=1/exm=_b,_tp,wmwg8b/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP52bkguKtfJ6pD-JeC_GBAgbRbwQA/m=KjEEgd

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd2b68f6a627ec5e152dcb2a02301220333b82231d0126fa1eb8630c9483f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bitinvestltd.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 17:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 420553
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6349
x-xss-protection: 0
last-modified: Mon, 17 Aug 2020 21:32:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Sep 2021 17:15:20 GMT

GET
H/1.1

200

Cookie set f51765a2-e3f9-4c22-823f-71efbea3d039 Show response
trackingthebird.com/
Redirect Chain

https://bitinvestltd.page.link/3Xou?_imcp=1
https://trackingthebird.com/f51765a2-e3f9-4c22-823f-71efbea3d039

842 B
2 KB

152ms
39ms

Document
text/html

35.157.125.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingthebird.com/f51765a2-e3f9-4c22-823f-71efbea3d039
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.tBqYhZ_z9NQ.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4LrfPkpjoGSAiymb4OWHUmevip3Q/m=_b,_tp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.125.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-125-133.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0a51bb1e83ef10e5ed56ce1c77f53ac863b1fb5757e857ad7f0b39949966585b

Request headers

Host: trackingthebird.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://bitinvestltd.page.link/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bitinvestltd.page.link/3Xou

Response headers

Server: nginx
Date: Sun, 06 Sep 2020 14:04:33 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 842
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: f51765a2-e3f9-4c22-823f-71efbea3d039-v4=f51765a2-e3f9-4c22-823f-71efbea3d039; Max-Age=86400; Expires=Mon, 07-Sep-2020 14:04:33 GMT; Domain=trackingthebird.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=G1rj2AOuSMltvRDqWbZSBirO0lIblbq2oFegj0%2BfeLFWfDMlsfTDzRwJMe0e8XipTyrBxciCNhCec9hB57rYzyXz%2FsKa5aUmLQbH58sO%2F3poXcqxoSKkNHIlPuC4km2OyNYjc9FqCkkWtluDjkX1nA%3D%3D; Max-Age=31536000; Expires=Mon, 06-Sep-2021 14:04:33 GMT; Domain=trackingthebird.com; Path=/; Secure; HttpOnly;SameSite=None

Redirect headers

status: 302
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 06 Sep 2020 14:04:33 GMT
location: https://trackingthebird.com/f51765a2-e3f9-4c22-823f-71efbea3d039
content-security-policy: script-src 'report-sample' 'nonce-fX7yaKER18Cg2zL+grJk4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-fX7yaKER18Cg2zL+grJk4A' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200 redirect
mactional-detions.icu/ 512 B
785 B 130ms
42ms Document
text/html 35.157.125.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWY1MTc2NWEyLWUzZjktNGMyMi04MjNmLTcxZWZiZWEzZDAzOSZzMj13aG5ydXM2MHVxbnB1Nm8xaWJtZ292NXU&ts=1599401073624&hash=n1U84uaMzVL5wYxaSZqr1z5vxEHpVEU7Ptab3FdtxF0&rm=DJ
Requested by: Host: trackingthebird.com
URL: https://trackingthebird.com/f51765a2-e3f9-4c22-823f-71efbea3d039
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.125.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-125-133.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: mactional-detions.icu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://trackingthebird.com/f51765a2-e3f9-4c22-823f-71efbea3d039
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://trackingthebird.com/f51765a2-e3f9-4c22-823f-71efbea3d039

Response headers

Server: nginx
Date: Sun, 06 Sep 2020 14:04:33 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 512
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

GET /
webapplepie.com/ 0
0

GET
H2

200

Primary Request / Show response
tohavefuntoday.com/offer/
Redirect Chain

https://webapplepie.com/?a=100674&c=108894&s1=f51765a2-e3f9-4c22-823f-71efbea3d039&s2=whnrus60uqnpu6o1ibmgov5u
https://track.click999.com/go.php?id=613qv8dpcbrcg9jc1g58&clickid=93468452&pubid=100674
https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jM...

11 KB
4 KB

151ms
112ms

Document
text/html

2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Requested by: Host: mactional-detions.icu
URL: https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWY1MTc2NWEyLWUzZjktNGMyMi04MjNmLTcxZWZiZWEzZDAzOSZzMj13aG5ydXM2MHVxbnB1Nm8xaWJtZ292NXU&ts=1599401073624&hash=n1U84uaMzVL5wYxaSZqr1z5vxEHpVEU7Ptab3FdtxF0&rm=DJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e0a3dd6cd65b43a04a429d09d5134d7902b68cefe43d432ba97cd782b22aa78

Request headers

:method: GET
:authority: tohavefuntoday.com
:scheme: https
:path: /offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWY1MTc2NWEyLWUzZjktNGMyMi04MjNmLTcxZWZiZWEzZDAzOSZzMj13aG5ydXM2MHVxbnB1Nm8xaWJtZ292NXU&ts=1599401073624&hash=n1U84uaMzVL5wYxaSZqr1z5vxEHpVEU7Ptab3FdtxF0&rm=DJ
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWY1MTc2NWEyLWUzZjktNGMyMi04MjNmLTcxZWZiZWEzZDAzOSZzMj13aG5ydXM2MHVxbnB1Nm8xaWJtZ292NXU&ts=1599401073624&hash=n1U84uaMzVL5wYxaSZqr1z5vxEHpVEU7Ptab3FdtxF0&rm=DJ

Response headers

status: 200
date: Sun, 06 Sep 2020 14:04:34 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8ca8b3129b8ec38a7c8a521b726e584e1599401074; expires=Tue, 06-Oct-20 14:04:34 GMT; path=/; domain=.tohavefuntoday.com; HttpOnly; SameSite=Lax cid=c2a273d40cc3e10bb1379e1b4c93eeffea97445e; expires=Sun, 06-Sep-2020 14:09:34 GMT; Max-Age=300
cf-cache-status: DYNAMIC
cf-request-id: 050554b8690000d6f9d116d200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5ce8bd6d794ed6f9-FRA
content-encoding: br

Redirect headers

status: 302
server: nginx
date: Sun, 06 Sep 2020 14:04:34 GMT
content-type: text/html; charset=UTF-8
location: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
set-cookie: uclick=bz3ztwy9; expires=Mon, 07-Sep-2020 14:04:34 GMT; Max-Age=86400; path=/; SameSite=None; Secure; uclickhash=bz3ztwy9-bz3ztwy9-ojdz-0-cibl-q5tw-fy0-fb0659; expires=Mon, 07-Sep-2020 14:04:34 GMT; Max-Age=86400; path=/; SameSite=None; Secure;
access-control-allow-headers: Content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *

GET
H2 200 bootstrap.min.css
tohavefuntoday.com/includes/styles/libs/ 157 KB
21 KB 154ms
151ms Stylesheet
text/css 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/styles/libs/bootstrap.min.css
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 16 May 2020 12:31:37 GMT
server: cloudflare
etag: W/"5ebfdd29-27293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5ce8bd6e4b4ad6f9-FRA
cf-request-id: 050554b8eb0000d6f9d1180200000001

GET
H2 200 styles.css
tohavefuntoday.com/offer/blue-sky/assets/ 4 KB
1 KB 99ms
96ms Stylesheet
text/css 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b7f1bbdb9950213784e17cca81e28619635f1dc99f83e7a9d0676ccf56a3f1

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Jun 2020 01:59:00 GMT
server: cloudflare
etag: W/"5ed5b264-14c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-polished: origSize=5314
cf-ray: 5ce8bd6e4b4cd6f9-FRA
cf-request-id: 050554b8eb0000d6f9d1181200000001
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
574 B 17ms
13ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Requested by

Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8df908269a3343a24faefda741524c1c20d9cb408cd02959c5aee0a9d592baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Sep 2020 14:04:34 GMT
server: ESF
date: Sun, 06 Sep 2020 14:04:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Sep 2020 14:04:34 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
567 B 23ms
6ms Script
text/javascript 2a04:4e42::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=fetch%2Cdefault

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 10066924
detected-user-agent: Chrome Mobile/83.0.4103
status: 200
request_came_from_shield: FRA
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Tue, 12 May 2020 15:18:50 GMT
date: Sun, 06 Sep 2020 14:04:34 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 require.min.js Show response
tohavefuntoday.com/includes/scripts/libs/ 17 KB
6 KB 125ms
122ms Script
application/javascript 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 16 May 2020 04:34:25 GMT
server: cloudflare
etag: W/"5ebf6d51-451f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ce8bd6e4b4fd6f9-FRA
cf-request-id: 050554b8ec0000d6f9d1182200000001

GET
H2 200 security.png
tohavefuntoday.com/offer/blue-sky/assets/ 3 KB
3 KB 85ms
81ms Image
image/png 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/security.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5c6c733b615acb04432cce77d3bda74406d45a80556f0ee4193ab49776878e

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: MISS
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
etag: "5ed2cd14-c77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6e4b59d6f9-FRA
content-length: 3191
cf-request-id: 050554b8ed0000d6f9d1184200000001

GET
H2 200 cards-small.png
tohavefuntoday.com/offer/blue-sky/assets/ 4 KB
4 KB 95ms
92ms Image
image/png 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/cards-small.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9abf1dd8ab5f8a133c59bd0092a99121fb3518e63661105f0a03ba5d0bf810f7

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 31 May 2020 11:25:50 GMT
server: cloudflare
etag: "5ed3943e-111a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6e4b5bd6f9-FRA
content-length: 4378
cf-request-id: 050554b8ed0000d6f9d1185200000001

GET
H2 200 secure1.png
tohavefuntoday.com/offer/blue-sky/assets/ 2 KB
2 KB 92ms
89ms Image
image/png 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/secure1.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9451541c6bb6cc85c8d831ebe52791b3f76de10972fecc3caf3a4c458dbdc1c9

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: MISS
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
etag: "5ed2cd14-84d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6e4b5cd6f9-FRA
content-length: 2125
cf-request-id: 050554b8ee0000d6f9d1186200000001

GET
H2 200 secure2.png
tohavefuntoday.com/offer/blue-sky/assets/ 2 KB
2 KB 89ms
86ms Image
image/png 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/secure2.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0749d3b5d7396249ca9bc52e31462245fd8fe293be0c733070bb2370b65da5d8

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: MISS
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
etag: "5ed2cd14-88f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6e4b5dd6f9-FRA
content-length: 2191
cf-request-id: 050554b8ee0000d6f9d1187200000001

GET
H2 200 secure3.png
tohavefuntoday.com/offer/blue-sky/assets/ 2 KB
3 KB 86ms
84ms Image
image/png 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/secure3.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54cd0acb93bbf729ea013c730c072062cf24765eaad8e4d147246643e0fd049

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: MISS
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
etag: "5ed2cd14-9d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6e4b5fd6f9-FRA
content-length: 2515
cf-request-id: 050554b8ee0000d6f9d1188200000001

GET
H2 200 iphone11.png
tohavefuntoday.com/offer/blue-sky/images/iphone11/ 25 KB
25 KB 100ms
98ms Image
image/png 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/images/iphone11/iphone11.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c702997a29d382c007c727f6ceb5198c3b5a92f76e21d6a2904eb4f247e5ba1e

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 31 May 2020 04:13:15 GMT
server: cloudflare
etag: "5ed32edb-6236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6e4b60d6f9-FRA
content-length: 25142
cf-request-id: 050554b8ee0000d6f9d1189200000001

GET
H2 200 iphones.png
tohavefuntoday.com/offer/blue-sky/images/iphone11/ 20 KB
21 KB 110ms
108ms Image
image/png 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/images/iphone11/iphones.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d76c66e0efb70cea1c6f6e1a059be4cf1a181a3947b96bfaa5863fc0270a95

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: MISS
last-modified: Sun, 31 May 2020 04:13:05 GMT
server: cloudflare
etag: "5ed32ed1-51c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6e4b61d6f9-FRA
content-length: 20934
cf-request-id: 050554b8ee0000d6f9d118a200000001

GET
H2 200 iphone-bottom.png
tohavefuntoday.com/offer/blue-sky/images/iphone11/ 11 KB
11 KB 88ms
86ms Image
image/png 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/images/iphone11/iphone-bottom.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5bf5bd85160e3559fd442d5d3e0ab7218db6e2ac2ffaa6df3407ce5d165652

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 31 May 2020 04:12:56 GMT
server: cloudflare
etag: "5ed32ec8-2b93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6e4b6cd6f9-FRA
content-length: 11155
cf-request-id: 050554b8f10000d6f9d118c200000001

GET
H2 200 email-decode.min.js Show response
tohavefuntoday.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
870 B 11ms
8ms Script
application/javascript 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tohavefuntoday.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:34 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 01 Sep 2020 23:31:46 GMT
server: cloudflare
etag: W/"5f4ed9e2-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5ce8bd6e4b54d6f9-FRA
cf-request-id: 050554b8ed0000d6f9d1183200000001
expires: Tue, 08 Sep 2020 14:04:34 GMT

GET
H2 200 logo.png
tohavefuntoday.com/offer/blue-sky/assets/ 18 KB
18 KB 136ms
136ms Image
image/png 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/logo.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ca9c4fa1b4a4e126f99369449c0bac42c15d1f89c21c8466ce907b4f6083def

Request headers

Referer: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: MISS
last-modified: Sun, 31 May 2020 11:22:30 GMT
server: cloudflare
etag: "5ed39376-4683"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6f4db9d6f9-FRA
content-length: 18051
cf-request-id: 050554b98f0000d6f9d1198200000001

GET
H2 200 bg-top.jpg
tohavefuntoday.com/offer/blue-sky/assets/ 23 KB
23 KB 100ms
100ms Image
image/jpeg 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/bg-top.jpg
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 474d9fc8906c9fe92c8b613460af908802861482eebd1e1631635bf3ab5553e6

Request headers

Referer: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: MISS
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
etag: "5ed2cd14-5c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6f4dbcd6f9-FRA
content-length: 23681
cf-request-id: 050554b98f0000d6f9d1199200000001

GET
H2 200 alert.png
tohavefuntoday.com/offer/blue-sky/assets/ 378 B
488 B 89ms
89ms Image
image/png 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/alert.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 358a280c11bdd4dff5d84709691c8918551907abaecb34344f57820a5092693c

Request headers

Referer: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
cf-cache-status: MISS
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
etag: "5ed2cd14-17a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ce8bd6f4dc1d6f9-FRA
content-length: 378
cf-request-id: 050554b98f0000d6f9d119a200000001

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 529229
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:06 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:39 GMT
server: sffe
age: 529185
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:50 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 529233
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:02 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh7USSwaPGQ3q5d0N7w.woff2
fonts.gstatic.com/s/lato/v16/ 3 KB
3 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwaPGQ3q5d0N7w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aadb8d59b41e9d44940f8df2a4c0d4a95bc0b9ef760b5d0861655e4e40f11b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 09:09:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:43 GMT
server: sffe
age: 536076
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2888
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:09:59 GMT

GET
H3-Q050 200 S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2
fonts.gstatic.com/s/lato/v16/ 3 KB
3 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 09:06:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:44 GMT
server: sffe
age: 536290
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2888
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:06:25 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwaPGQ3q5d0N7w.woff2
fonts.gstatic.com/s/lato/v16/ 3 KB
3 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwaPGQ3q5d0N7w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9777cdc714f5f41e30b3ce3bef443895e7e454bc304e32bb97d20c4e3d78032e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 09:06:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:46 GMT
server: sffe
age: 536304
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2944
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:06:11 GMT

GET
H2 200 main.js Show response
tohavefuntoday.com/offer/blue-sky/assets/ 7 KB
2 KB 78ms
77ms Script
application/javascript 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/main.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9513971e461d43b690986b9787680058bd19e723b1b8d4c3493f4705f604d6

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Jun 2020 06:34:07 GMT
server: cloudflare
etag: W/"5ed5f2df-29e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-polished: origSize=10725
cf-ray: 5ce8bd6f9e62d6f9-FRA
cf-request-id: 050554b9c00000d6f9d119f200000001
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
tohavefuntoday.com/includes/scripts/libs/ 87 KB
30 KB 126ms
126ms Script
application/javascript 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/libs/jquery.min.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 31 May 2020 09:07:43 GMT
server: cloudflare
etag: W/"5ed373df-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ce8bd702f9bd6f9-FRA
cf-request-id: 050554ba140000d6f9d11b0200000001

GET
H2 200 parsley-card-validator.min.js Show response
tohavefuntoday.com/includes/scripts/libs/ 491 B
384 B 85ms
84ms Script
application/javascript 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/libs/parsley-card-validator.min.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9138ebbe6343cc157e02d63f60fe287856ea799f750751db83b2b21c4276588d

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 May 2020 00:36:32 GMT
server: cloudflare
etag: W/"5ec47b90-1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ce8bd702fb3d6f9-FRA
cf-request-id: 050554ba1b0000d6f9d11b2200000001

GET
H2 200 bootstrap.bundle.min.js Show response
tohavefuntoday.com/includes/scripts/libs/ 79 KB
20 KB 137ms
136ms Script
application/javascript 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/libs/bootstrap.bundle.min.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 May 2020 16:52:01 GMT
server: cloudflare
etag: W/"5ebad431-13cbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ce8bd71096fd6f9-FRA
cf-request-id: 050554baa20000d6f9d11b8200000001

GET
H2 200 parsley.min.js Show response
tohavefuntoday.com/includes/scripts/libs/ 42 KB
12 KB 131ms
131ms Script
application/javascript 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/libs/parsley.min.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44767fe9276b724f7edac5b1083e4c9451fb86d725d1d3e615fa1fa3a617a6e

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 May 2020 05:37:15 GMT
server: cloudflare
etag: W/"5ec0cd8b-a715"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ce8bd710975d6f9-FRA
cf-request-id: 050554baa30000d6f9d11b9200000001

GET
H2 200 util.js Show response
tohavefuntoday.com/includes/scripts/ 4 KB
2 KB 85ms
85ms Script
application/javascript 2606:4700:3033::6818:6b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/util.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:6b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c03df0d6293b4fb168d6663512a78c31c9434a2684e9b25665da7b79208794a

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 02 Jun 2020 06:34:07 GMT
server: cloudflare
etag: W/"5ed5f2df-185d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-polished: origSize=6237
cf-ray: 5ce8bd71eb5cd6f9-FRA
cf-request-id: 050554bb2c0000d6f9d11c1200000001
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-168088715-1

Requested by

Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/util.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57099f5ac5e9d1e626de7661ba2ad1cccef4fc1243624f3c39da05ab7be74594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 14:04:35 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35611
x-xss-protection: 0
last-modified: Sun, 06 Sep 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Sep 2020 14:04:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168088715-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 2935
date: Sun, 06 Sep 2020 13:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Sun, 06 Sep 2020 15:15:40 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 13ms
12ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=163202780&t=pageview&_s=1&dl=https%3A%2F%2Ftohavefuntoday.com%2Foffer%2F%3Feoc%3DN4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA%26egc%3DN4XyA%26edc%3DN4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs%2BgKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2%2BtsODkA%26a%3D237%26c%3D9f7d0bz3ztwy9393%26e%3D93468452%26f%3D%7Bt9%7D%26k%3D15bb99584051199a74%26l%3DCZ%26m%3D%7Bt1%7D%26p%3D100674%26s%3DAVI&dr=https%3A%2F%2Fmactional-detions.icu%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWY1MTc2NWEyLWUzZjktNGMyMi04MjNmLTcxZWZiZWEzZDAzOSZzMj13aG5ydXM2MHVxbnB1Nm8xaWJtZ292NXU%26ts%3D1599401073624%26hash%3Dn1U84uaMzVL5wYxaSZqr1z5vxEHpVEU7Ptab3FdtxF0%26rm%3DDJ&dp=%2F%3Feoc%3DN4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA%26egc%3DN4XyA%26edc%3DN4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs%2BgKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2%2BtsODkA%26a%3D237%26c%3D9f7d0bz3ztwy9393%26e%3D93468452%26f%3D%7Bt9%7D%26k%3D15bb99584051199a74%26l%3DCZ%26m%3D%7Bt1%7D%26p%3D100674%26s%3DAVI&ul=en-us&de=UTF-8&dt=iPhone%2011%20Pro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=AVI&_u=IGBACUABBAAAAC~&jid=734002671&gjid=1034170431&cid=1046265826.1599401076&tid=UA-168088715-1&_gid=1509549460.1599401076&_r=1&gtm=2ou8q1&z=992243018

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Sep 2020 14:04:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://tohavefuntoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=163202780&t=pageview&_s=2&dl=https%3A%2F%2Ftohavefuntoday.com%2Foffer%2F%3Feoc%3DN4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA%26egc%3DN4XyA%26edc%3DN4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs%2BgKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2%2BtsODkA%26a%3D237%26c%3D9f7d0bz3ztwy9393%26e%3D93468452%26f%3D%7Bt9%7D%26k%3D15bb99584051199a74%26l%3DCZ%26m%3D%7Bt1%7D%26p%3D100674%26s%3DAVI&dr=https%3A%2F%2Fmactional-detions.icu%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWY1MTc2NWEyLWUzZjktNGMyMi04MjNmLTcxZWZiZWEzZDAzOSZzMj13aG5ydXM2MHVxbnB1Nm8xaWJtZ292NXU%26ts%3D1599401073624%26hash%3Dn1U84uaMzVL5wYxaSZqr1z5vxEHpVEU7Ptab3FdtxF0%26rm%3DDJ&dp=%2F%3Feoc%3DN4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA%26egc%3DN4XyA%26edc%3DN4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs%2BgKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2%2BtsODkA%26a%3D237%26c%3D9f7d0bz3ztwy9393%26e%3D93468452%26f%3D%7Bt9%7D%26k%3D15bb99584051199a74%26l%3DCZ%26m%3D%7Bt1%7D%26p%3D100674%26s%3DAVI&ul=en-us&de=UTF-8&dt=iPhone%2011%20Pro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=AVI&_u=IGBACUABBAAAAC~&jid=&gjid=&cid=1046265826.1599401076&tid=UA-168088715-1&_gid=1509549460.1599401076&gtm=2ou8q1&z=343353100

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 21:16:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2652466
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-168088715-1&cid=1046265826.1599401076&jid=734002671&gjid=1034170431&_gid=1509549460.1599401076&_u=IGBACUAABAAAAC~&z=759925366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=9f7d0bz3ztwy9393&e=93468452&f={t9}&k=15bb99584051199a74&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 06 Sep 2020 14:04:35 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://tohavefuntoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: webapplepie.com
URL: https://webapplepie.com/?a=100674&c=108894&s1=f51765a2-e3f9-4c22-823f-71efbea3d039&s2=whnrus60uqnpu6o1ibmgov5u

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tohavefuntoday.com/	1970-01-19 12:59:53	Name: __cfduid Value: d8ca8b3129b8ec38a7c8a521b726e584e1599401074
			tohavefuntoday.com/offer	1970-01-19 12:16:41	Name: cid Value: c2a273d40cc3e10bb1379e1b4c93eeffea97445e

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.tBqYhZ_z9NQ.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4LrfPkpjoGSAiymb4OWHUmevip3Q/m=_b,_tp(Line 406) Message: %c%s color: red; background: yellow; font-size: 24px; WARNING!
console-api	log	URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.tBqYhZ_z9NQ.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4LrfPkpjoGSAiymb4OWHUmevip3Q/m=_b,_tp(Line 406) Message: %c%s font-size: 18px; Using this console may allow attackers to impersonate you and steal your information using an attack called Self-XSS. Do not enter or paste code that you do not understand.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b4Ajs7qNO3zhkfrjzhDdDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-b4Ajs7qNO3zhkfrjzhDdDQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bitinvestltd.page.link
fonts.googleapis.com
fonts.gstatic.com
jorsentese.com
mactional-detions.icu
polyfill.io
stats.g.doubleclick.net
tohavefuntoday.com
track.click999.com
trackingthebird.com
webapplepie.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
webapplepie.com
178.213.50.250
18.200.180.197
2606:4700:3033::6818:6b3e
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:801::200e
2a00:1450:4001:808::2003
2a00:1450:4001:817::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:81e::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c0c::9d
2a04:4e42::621
3.212.127.216
35.157.125.133
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
06b7f1bbdb9950213784e17cca81e28619635f1dc99f83e7a9d0676ccf56a3f1
0749d3b5d7396249ca9bc52e31462245fd8fe293be0c733070bb2370b65da5d8
0a51bb1e83ef10e5ed56ce1c77f53ac863b1fb5757e857ad7f0b39949966585b
0e0a3dd6cd65b43a04a429d09d5134d7902b68cefe43d432ba97cd782b22aa78
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
358a280c11bdd4dff5d84709691c8918551907abaecb34344f57820a5092693c
3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38
42098685ae7efb38ad55259141502852204ccb82aeb4198f405445ba6099981e
474d9fc8906c9fe92c8b613460af908802861482eebd1e1631635bf3ab5553e6
4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81
56011ffe063ec0272926bd3dd25c8a45cb4b88cc676e0418ac85e111dd359035
57099f5ac5e9d1e626de7661ba2ad1cccef4fc1243624f3c39da05ab7be74594
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6960267ddc2f2fe78d666b70c2a3663c11b0dc49150af387c75e691b410f8568
6a9513971e461d43b690986b9787680058bd19e723b1b8d4c3493f4705f604d6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c03df0d6293b4fb168d6663512a78c31c9434a2684e9b25665da7b79208794a
6f5c6c733b615acb04432cce77d3bda74406d45a80556f0ee4193ab49776878e
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ca9c4fa1b4a4e126f99369449c0bac42c15d1f89c21c8466ce907b4f6083def
9138ebbe6343cc157e02d63f60fe287856ea799f750751db83b2b21c4276588d
9451541c6bb6cc85c8d831ebe52791b3f76de10972fecc3caf3a4c458dbdc1c9
9777cdc714f5f41e30b3ce3bef443895e7e454bc304e32bb97d20c4e3d78032e
9abf1dd8ab5f8a133c59bd0092a99121fb3518e63661105f0a03ba5d0bf810f7
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a44767fe9276b724f7edac5b1083e4c9451fb86d725d1d3e615fa1fa3a617a6e
a8df908269a3343a24faefda741524c1c20d9cb408cd02959c5aee0a9d592baf
aadb8d59b41e9d44940f8df2a4c0d4a95bc0b9ef760b5d0861655e4e40f11b6e
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
b54cd0acb93bbf729ea013c730c072062cf24765eaad8e4d147246643e0fd049
c702997a29d382c007c727f6ceb5198c3b5a92f76e21d6a2904eb4f247e5ba1e
cd2b68f6a627ec5e152dcb2a02301220333b82231d0126fa1eb8630c9483f650
cd5bf5bd85160e3559fd442d5d3e0ab7218db6e2ac2ffaa6df3407ce5d165652
d0d76c66e0efb70cea1c6f6e1a059be4cf1a181a3947b96bfaa5863fc0270a95
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

tohavefuntoday.com Open in urlscan Pro 2606:4700:3033::6818:6b3e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

98 %HTTPS

73 %IPv6

13 Domains

14 Subdomains

13 IPs

6 Countries

399 kBTransfer

937 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tohavefuntoday.com Open in urlscan Pro
2606:4700:3033::6818:6b3e Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

98 %
HTTPS

73 %
IPv6

13
Domains

14
Subdomains

13
IPs

6
Countries

399 kB
Transfer

937 kB
Size

2
Cookies

42 HTTP transactions
0 data transactions