mastermindescapegames.com Open in urlscan Pro
185.151.30.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001_SQNYnPwNhwBsts-DUe1MX77QzSq6_j0ur9AErHrhz2gLtBQx8MEXIoA7jIoeXVFCoWyzRWxWJGmzXOum1cb...
Effective URL:
https://mastermindescapegames.com/schaumburg-buy-voucher/
Submission: On January 12 via api (January 12th 2024, 1:10:05 am UTC) from CA — Scanned from CA

Summary HTTP 52 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 52 HTTP transactions. The main IP is 185.151.30.166, located in United Kingdom and belongs to TWENTYI, GB. The main domain is mastermindescapegames.com.
TLS certificate: Issued by R3 on January 11th 2024. Valid for: 3 months.

This is the only time mastermindescapegames.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
10	185.151.30.166 185.151.30.166	48254 (TWENTYI) (TWENTYI)
2	142.251.111.97 142.251.111.97	15169 (GOOGLE) (GOOGLE)
1	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
4	37.19.207.34 37.19.207.34	60068 (CDN77 ^_^) (CDN77 ^_^)
1	168.235.82.161 168.235.82.161	3842 (RAMNODE) (RAMNODE)
3	172.253.122.102 172.253.122.102	15169 (GOOGLE) (GOOGLE)
6	172.253.115.94 172.253.115.94	15169 (GOOGLE) (GOOGLE)
17	66.151.242.42 66.151.242.42	12179 (INTERNAP-...) (INTERNAP-2BLK)
3	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
2	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
2	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
1	142.251.16.104 142.251.16.104	15169 (GOOGLE) (GOOGLE)
52	12

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.151.30.166 (United Kingdom)

ASN48254 (TWENTYI, GB)
PTR: 185-151-30-166.ptr4.stackcp.net

mastermindescapegames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.111.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 37-19-207-34.bunnyinfra.net

hb.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.235.82.161 (United States)

ASN3842 (RAMNODE, US)
PTR: 168-235-82-161.cloud.ramnode.com

bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 66.151.242.42 (Chicago, United States)

ASN12179 (INTERNAP-2BLK, US)

www-1554p.bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	bookeo.com bookeo.com — Cisco Umbrella Rank: 167551 www-1554p.bookeo.com	722 KB
10	mastermindescapegames.com mastermindescapegames.com	140 KB
6	gstatic.com fonts.gstatic.com	211 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 266 www.google.com — Cisco Umbrella Rank: 6	758 B
4	wpmucdn.com hb.wpmucdn.com — Cisco Umbrella Rank: 87729	150 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8688	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 184	411 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	159 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	3 KB
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 17412	375 B
52	11

	Domain	Requested by
17	www-1554p.bookeo.com	bookeo.com www-1554p.bookeo.com
10	mastermindescapegames.com	mastermindescapegames.com hb.wpmucdn.com
6	fonts.gstatic.com	fonts.googleapis.com
4	hb.wpmucdn.com	mastermindescapegames.com
3	analytics.google.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com mastermindescapegames.com
2	www.google.ca	mastermindescapegames.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	mastermindescapegames.com www.googletagmanager.com
1	www.google.com	mastermindescapegames.com
1	bookeo.com	mastermindescapegames.com
1	fonts.googleapis.com	mastermindescapegames.com
1	r20.rs6.net	1 redirects
52	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
*.mastermindescapegames.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.wpmucdn.com RapidSSL TLS RSA CA G1	`2023-03-24` - `2024-03-23`	a year	crt.sh
*.bookeo.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-08` - `2024-03-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://mastermindescapegames.com/schaumburg-buy-voucher/
Frame ID: 6920E8BDA95984BD5E7979DD519C6133
Requests: 35 HTTP requests in this frame

Frame: https://www-1554p.bookeo.com/-misc-widgetProvider.html?aguid=415549HKLPR152F674209A&t=egb9qsmSn86GZAMctIBQD4egFltdBQwnSwWmWl64jlE%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default4316&xdm_p=1
Frame ID: 5CF635014A372B40B25C40D2D6765798
Requests: 3 HTTP requests in this frame

Frame: https://www-1554p.bookeo.com/bookeo/startroute_415549HKLPR152F674209A?ralias=true&axiomframed=true&inwidget=true&a=415549HKLPR152F674209A&startmode=buyvoucher&aguid=415549HKLPR152F674209A&axiom_bid=cyanepnnehunjytk&w=-1641371158&t=egb9qsmSn86GZAMctIBQD4egFltdBQwnSwWmWl64jlE%3D&c=03a&m=252a23213139
Frame ID: E7891E54114859CD37086C5327915087
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Schaumburg Buy Voucher - Mastermind Escape Rooms

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001_SQNYnPwNhwBsts-DUe1MX77QzSq6_j0ur9AErHrhz2gLtBQx8MEXIoA7jIoeXVF... HTTP 302
https://mastermindescapegames.com/schaumburg-buy-voucher/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

52
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1408 kB
Transfer

3707 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Mastermind-Escape-Games-GA-1722277701335819/

Search URL Search Domain Scan URL

URL: https://twitter.com/MMEscapeGames

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mastermindescapegames/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB7UZe24wV3KbNYUtd6vcxg/featured

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001_SQNYnPwNhwBsts-DUe1MX77QzSq6_j0ur9AErHrhz2gLtBQx8MEXIoA7jIoeXVFCoWyzRWxWJGmzXOum1cbdBQjwqm-YEPRbar4RYxEqEpq-JUDaJOiwkBpMRysDp3TlYKjxxhA9zKFRW66F-MhqNa9PY2oh5uVwxv3JSVjwJ3XnyLBwLC-Hby-nC6dsV0y&c=wGqiq2WAzGJXAHPQ_NhP0WxQE3PbkhJ4iNWjvcDA2HrXPmm5TbfPaQ==&ch=81b-UGYkbr_DOZ1bBYqHJntKCKMSrupmVs-PLbSQMrCKOuOqqvmTWA== HTTP 302
https://mastermindescapegames.com/schaumburg-buy-voucher/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mastermindescapegames.com/schaumburg-buy-voucher/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001_SQNYnPwNhwBsts-DUe1MX77QzSq6_j0ur9AErHrhz2gLtBQx8MEXIoA7jIoeXVFCoWyzRWxWJGmzXOum1cbdBQjwqm-YEPRbar4RYxEqEpq-JUDaJOiwkBpMRysDp3TlYKjxxhA9zKFRW66F-MhqNa9PY2oh5uVwxv3J...
https://mastermindescapegames.com/schaumburg-buy-voucher/

20 KB
6 KB

892ms
657ms

Document
text/html

185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache / PHP/7.4.33
Resource Hash: de1c134161558b8f9506c69d39924a8f5b0357c645636564cd58bf169e6cb3d2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: public, s-maxage=216000 max-age=86400
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 01:09:41 GMT
expires: Sat, 13 Jan 2024 01:02:24 GMT
hummingbird-cache: Served
link: <https://mastermindescapegames.com/wp-json/>; rel="https://api.w.org/", <https://mastermindescapegames.com/wp-json/wp/v2/pages/9431>; rel="alternate"; type="application/json", <https://mastermindescapegames.com/?p=9431>; rel=shortlink
server: Apache
vary: Accept-Encoding Accept-Encoding
x-cache-enabled: true
x-cdn-cache-status: MISS
x-origin-cache-status: HIT
x-powered-by: PHP/7.4.33
x-provided-by: StackCDN
x-stackcache-cacheable: yes
x-via: SEA1

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 12 Jan 2024 01:09:48 GMT
Location: https://mastermindescapegames.com/schaumburg-buy-voucher/
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 467ms
162ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

3a51238784b86e5628c9411813a419d13ab5486a2c9cdbe0206a31cb1d63dca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69447
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jan 2024 01:09:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 31 KB
3 KB 453ms
148ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic%7CPT+Sans%3A400italic%2C700italic%2C400%2C700%7CLato%3A300italic%2C300%7CMuli%3A300%2C300italic&ver=1.0

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

cb9d86e360da167a4c1fd313b60cc9fab3fd1c99e53e256d33723964f78f6f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 01:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 01:09:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 01:09:49 GMT

GET
H2 200 d5e1e07c-1030-4ad5-a66f-1d4c8459f324.css
hb.wpmucdn.com/mastermindescapegames.com/ 269 KB
50 KB 534ms
226ms Stylesheet
text/css 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/d5e1e07c-1030-4ad5-a66f-1d4c8459f324.css
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: ee9cfefbf86baf5ba013b1d619e5e430115bd6b2ce9ea4b0f0df3e655f52fbae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:49 GMT
content-encoding: br
cdn-edgestorageid: 925
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/11/2024 03:25:14
cdn-pullzone: 1101156
last-modified: Thu, 11 Jan 2024 02:42:46 GMT
server: BunnyCDN-ASB1-925
x-amz-meta-hb-minify: minify=0.0%, origSize=109898
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"e41d2aabba5473b78bc3aa2c4e20ee85"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c037b96917a11cc187bd4e9f7ce25b14
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 6bc7f6ea-3018-44fc-8a15-a9e892f2a9dd.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 99 KB
37 KB 611ms
303ms Script
application/javascript 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/6bc7f6ea-3018-44fc-8a15-a9e892f2a9dd.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:49 GMT
content-encoding: br
cdn-edgestorageid: 925
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/11/2024 03:25:14
cdn-pullzone: 1101156
last-modified: Thu, 11 Jan 2024 02:42:47 GMT
server: BunnyCDN-ASB1-925
x-amz-meta-hb-minify: minify=0.0%, origSize=87553
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"4f37101ff3ee8f069d1ca3852ffbbf18"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 0c5e50af2a95e7a75843f81c5cbeaff4
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 5058656f-46ed-4d7b-85a5-cb11ec93e3ef.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 134 KB
43 KB 612ms
305ms Script
application/javascript 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/5058656f-46ed-4d7b-85a5-cb11ec93e3ef.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 1717563adc25178aca7302724a4329aa4e4aabb9e3ae93f892a9990c9d05fea1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:49 GMT
content-encoding: br
cdn-edgestorageid: 925
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/11/2024 03:25:14
cdn-pullzone: 1101156
last-modified: Thu, 11 Jan 2024 02:42:49 GMT
server: BunnyCDN-ASB1-925
x-amz-meta-hb-minify: minify=1.5%, origSize=21070
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"b8654eb821c84782d605bf8cbcfee519"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 8431c9a9fa42b6138aa0cf4a9000da26
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 nav-logo.jpg
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 5 KB
5 KB 91ms
82ms Image
image/jpeg 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/nav-logo.jpg
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: e4f0da36ba04aac07d40d906e0f76ed04dc1ee86c56ffdf5c2306980277c7039

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/schaumburg-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:41 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "1419-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/jpeg
x-via: SEA1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5145
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 responsive-menu-icon.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 237 B
502 B 91ms
83ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/responsive-menu-icon.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 67c14596c1956697b6f7dd0f7f67cb4f50118d70608ca2a16dee3364d679535d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/schaumburg-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:41 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "ed-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: SEA1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 237
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:56 GMT

GET
H2 200 widget.js Show response
bookeo.com/ 111 KB
24 KB 509ms
193ms Script
text/javascript 168.235.82.161
RAMNODE

General

Check archive.org

Show headers Download Go to

Full URL

https://bookeo.com/widget.js?a=415549HKLPR152F674209A&startmode=buyvoucher

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

168.235.82.161 , United States, ASN3842 (RAMNODE, US),

Reverse DNS

168-235-82-161.cloud.ramnode.com

Software

Resource Hash

f4dbd65bd17727b451b7326139dbe973d9ccb416c581a908cb240694e948375e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, User-Agent
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/footer/ 57 KB
58 KB 121ms
121ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/footer/logo.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 2b1e0ecdd104445637dac412934d2e088639b151908a25afece5d0cfa31df03f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/schaumburg-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:41 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "e5de-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: SEA1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 58846
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 TA-Award2023.jpg
mastermindescapegames.com/wp-content/uploads/2023/12/ 66 KB
67 KB 90ms
90ms Image
image/jpeg 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2023/12/TA-Award2023.jpg
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: b1619d3df21b66e8c20bd61a03d42c9d8eb6f371f2c3713dbd6c38005a341053

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/schaumburg-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:41 GMT
last-modified: Sat, 16 Dec 2023 21:38:00 GMT
server: Apache
etag: "109dc-60ca754b036fc"
x-cdn-cache-status: HIT
content-type: image/jpeg
x-via: SEA1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 68060
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 icon-facebook.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 344 B
610 B 131ms
131ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-facebook.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 140884f9d4db6142c411cc9b0249c7b3661ad04d7c1c76b538bc7d4a6a1896fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/schaumburg-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:41 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "158-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: SEA1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 344
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 icon-twitter.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 370 B
636 B 128ms
128ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-twitter.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: d5479f9f1e8b9af94b2320d3deaab72e3a71c5adc6dffb1d39c5b4487bd6e407

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/schaumburg-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:41 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "172-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: SEA1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 370
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 icon-insta.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 335 B
601 B 78ms
78ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-insta.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: a19e9cf0b99054e9c1a6fdc2289491c63a3fef977ad661b1d2532a575a99874c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/schaumburg-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:41 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "14f-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: SEA1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 335
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 youtube-icon.png
mastermindescapegames.com/wp-content/uploads/2016/06/ 1 KB
2 KB 77ms
77ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/06/youtube-icon.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 50b9097027b8ceb680e172b8ed6ad7f8495c4642f8fa6f5c2c01470dbc307495

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/schaumburg-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:41 GMT
last-modified: Tue, 14 Jun 2016 19:24:21 GMT
server: Apache
etag: "5fa-53541f3ae8340"
x-cdn-cache-status: HIT
content-type: image/png
x-via: SEA1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1530
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 2e923ff5-0960-41b8-9632-4e7435e1fe14.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 57 KB
20 KB 154ms
153ms Script
application/javascript 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/2e923ff5-0960-41b8-9632-4e7435e1fe14.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 73c87f36b805db1de70262fdb381b78500767d72c2a0a09dbcc5c1efc8b02954

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:50 GMT
content-encoding: br
cdn-edgestorageid: 925
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/11/2024 03:25:14
cdn-pullzone: 1101156
last-modified: Thu, 11 Jan 2024 02:42:49 GMT
server: BunnyCDN-ASB1-925
x-amz-meta-hb-minify: minify=0.0%, origSize=57925
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"cc3ea88605b54322a605c2796fb8a804"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 39b5eebfdc4e0cf7edc5f9991894df9e
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 170ms
152ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

14364ecb51532a35a3ecb1f636b8a530b7e6e43f60f116e5499cbb190788fa1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jan 2024 01:09:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 546ms
142ms Script
text/javascript 172.253.122.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jan 2024 23:39:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5402
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Jan 2024 01:39:49 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 493ms
140ms Font
font/woff2 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic%7CPT+Sans%3A400italic%2C700italic%2C400%2C700%7CLato%3A300italic%2C300%7CMuli%3A300%2C300italic&ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 03:39:45 GMT
x-content-type-options: nosniff
age: 595805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 03:39:45 GMT

GET
H2 200 location-selector-arrow.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 170 B
435 B 75ms
74ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/location-selector-arrow.png
Requested by: Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/mastermindescapegames.com/d5e1e07c-1030-4ad5-a66f-1d4c8459f324.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 7ca40cacffbd24fd9488767a3989a1b8364fba4170659edffa0b8ebd6ca955e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hb.wpmucdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:09:41 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "aa-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: SEA1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 170
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:16:19 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 564ms
384ms Font
font/woff2 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:11:30 GMT
x-content-type-options: nosniff
age: 241100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 06:11:30 GMT

GET
H2 200 jizdRExUiTo99u79D0e8fOydLxUd.woff2
fonts.gstatic.com/s/ptsans/v17/ 32 KB
32 KB 547ms
380ms Font
font/woff2 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizdRExUiTo99u79D0e8fOydLxUd.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 14:55:35 GMT
x-content-type-options: nosniff
age: 468855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32964
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 14:55:35 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 429ms
263ms Font
font/woff2 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 14:54:52 GMT
x-content-type-options: nosniff
age: 468898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 14:54:52 GMT

GET
H2 200 7Aulp_0qiz-aVz7u3PJLcUMYOFmQkEk30eg.woff2
fonts.gstatic.com/s/muli/v29/ 18 KB
18 KB 279ms
256ms Font
font/woff2 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Aulp_0qiz-aVz7u3PJLcUMYOFmQkEk30eg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

dfc55d536c0d9bed29a8396fc392f874410e2feae0ad97d081fb0b6b880e3f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 14:58:26 GMT
x-content-type-options: nosniff
age: 468684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18564
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:42:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 14:58:26 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 255ms
233ms Font
font/woff2 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:34:52 GMT
x-content-type-options: nosniff
age: 200098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 17:34:52 GMT

GET
H/1.1 200
OK -misc-widgetProvider.html Show response
www-1554p.bookeo.com/ Frame 5CF6 702 B
846 B 597ms
102ms Document
text/html 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/-misc-widgetProvider.html?aguid=415549HKLPR152F674209A&t=egb9qsmSn86GZAMctIBQD4egFltdBQwnSwWmWl64jlE%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default4316&xdm_p=1

Requested by

Host: bookeo.com
URL: https://bookeo.com/widget.js?a=415549HKLPR152F674209A&startmode=buyvoucher

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

750faf424bf17ccc99826a64335bb478efba878da1a95c77a13edb9ae5c070b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://mastermindescapegames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-CA
Content-Length: 364
Content-Type: text/html;charset=utf-8
Date: Fri, 12 Jan 2024 01:09:51 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 1554p_18cfb37dbe2

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 242ms
81ms Ping
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je41a0v890886590&_p=1705021789161&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1910169811.1705021791&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705021791&sct=1&seg=0&dl=https%3A%2F%2Fmastermindescapegames.com%2Fschaumburg-buy-voucher%2F&dt=Schaumburg%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&en=page_view&_fv=2&_nsi=1&_ss=1&_c=1&tfd=3959
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 01:09:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 439ms
156ms Ping
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P32SMH4GWQ&cid=1910169811.1705021791&gtm=45je41a0v890886590&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 01:09:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 434ms
154ms Image
image/gif 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P32SMH4GWQ&cid=1910169811.1705021791&gtm=45je41a0v890886590&aip=1&dma=0&gcd=11l1l1l1l1&z=247516314

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 01:09:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK easyXDM.min.js Show response
www-1554p.bookeo.com/bookeo/js-14.4.22/widgetcomm/ Frame 5CF6 99 KB
19 KB 207ms
206ms Script
text/javascript 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/js-14.4.22/widgetcomm/easyXDM.min.js

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/-misc-widgetProvider.html?aguid=415549HKLPR152F674209A&t=egb9qsmSn86GZAMctIBQD4egFltdBQwnSwWmWl64jlE%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default4316&xdm_p=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

fc04b80f5a7eeeb3391c9fea0774796209b50041a7044ae34b6bc2a7a6e8de55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1554p.bookeo.com/-misc-widgetProvider.html?aguid=415549HKLPR152F674209A&t=egb9qsmSn86GZAMctIBQD4egFltdBQwnSwWmWl64jlE%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default4316&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 01:09:51 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2024 10:25:55 GMT
X-Bookeo-ResponseId: 1554p_18cfb37ddb6
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 19528
Expires: Wed, 08 Jan 2025 10:25:55 GMT

GET
H/1.1 200
OK bundle_customer_ui2.js Show response
www-1554p.bookeo.com/bookeo/js-14.4.22/ Frame 5CF6 733 KB
204 KB 391ms
183ms Script
text/javascript 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/js-14.4.22/bundle_customer_ui2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

4f6953530ba3eb85b7c69cc03f743f7d3bd37f11beb7803eafb1f5af82a0b61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1554p.bookeo.com/-misc-widgetProvider.html?aguid=415549HKLPR152F674209A&t=egb9qsmSn86GZAMctIBQD4egFltdBQwnSwWmWl64jlE%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default4316&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 01:09:51 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2024 10:25:55 GMT
X-Bookeo-ResponseId: 1554p_18cfb37de86
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 208241
Expires: Wed, 08 Jan 2025 10:25:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 161ms
160ms XHR
text/plain 172.253.122.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=893271672&t=pageview&_s=1&dl=https%3A%2F%2Fmastermindescapegames.com%2Fschaumburg-buy-voucher%2F&ul=en-us&de=UTF-8&dt=Schaumburg%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1949070476&gjid=2012109165&cid=1910169811.1705021791&tid=UA-84554046-2&_gid=261150268.1705021792&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1793228178

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mastermindescapegames.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 01:09:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 150ms
149ms XHR
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-84554046-2&cid=1910169811.1705021791&jid=1949070476&gjid=2012109165&_gid=261150268.1705021792&_u=YADAAUAAAAAAACAAI~&z=813237351

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mastermindescapegames.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Jan 2024 01:09:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 463ms
148ms Image
image/gif 142.251.16.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-84554046-2&cid=1910169811.1705021791&jid=1949070476&_u=YADAAUAAAAAAACAAI~&z=2032563836

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 01:09:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 186ms
169ms Image
image/gif 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-84554046-2&cid=1910169811.1705021791&jid=1949070476&_u=YADAAUAAAAAAACAAI~&z=2032563836

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 01:09:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK startroute_415549HKLPR152F674209A Show response
www-1554p.bookeo.com/bookeo/ Frame E789 19 KB
4 KB 161ms
160ms Document
text/html 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/startroute_415549HKLPR152F674209A?ralias=true&axiomframed=true&inwidget=true&a=415549HKLPR152F674209A&startmode=buyvoucher&aguid=415549HKLPR152F674209A&axiom_bid=cyanepnnehunjytk&w=-1641371158&t=egb9qsmSn86GZAMctIBQD4egFltdBQwnSwWmWl64jlE%3D&c=03a&m=252a23213139

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/bookeo/js-14.4.22/bundle_customer_ui2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

297b158a2f4bd543e9e13bc7363a412bc124a55c0831e20087d892c7f5feeb1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1554p.bookeo.com/-misc-widgetProvider.html?aguid=415549HKLPR152F674209A&t=egb9qsmSn86GZAMctIBQD4egFltdBQwnSwWmWl64jlE%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default4316&xdm_p=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-CA
Content-Length: 3360
Content-Type: text/html;charset=utf-8
Date: Fri, 12 Jan 2024 01:09:52 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 1554p_18cfb37e16d

GET
H/1.1 200
OK css
www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/ Frame E789 22 KB
2 KB 431ms
182ms Stylesheet
text/css 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/bookeo/startroute_415549HKLPR152F674209A?ralias=true&axiomframed=true&inwidget=true&a=415549HKLPR152F674209A&startmode=buyvoucher&aguid=415549HKLPR152F674209A&axiom_bid=cyanepnnehunjytk&w=-1641371158&t=egb9qsmSn86GZAMctIBQD4egFltdBQwnSwWmWl64jlE%3D&c=03a&m=252a23213139

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

e7c2d3f1279a21f8a0914cd5cf0e62e7a546315794fefb01c64819d0b24208c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1554p.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 01:09:53 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Bookeo-ResponseId: 1554p_18cfb37e323
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400, no-transform
Expires: Sat, 13 Jan 2024 01:09:53 GMT

GET
H/1.1 200
OK bundle_customer_ui2.css
www-1554p.bookeo.com/bookeo/css-14.4.22/customerui2/ Frame E789 227 KB
38 KB 500ms
252ms Stylesheet
text/css 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/css-14.4.22/customerui2/bundle_customer_ui2.css?bp_a=415549HKLPR152F674209A&bp_v=1691698336392

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

69ae5ebeb81683375bae66e21310c6b2545edc120c057b81a3863804ee0d7dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1554p.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 01:09:53 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2024 10:25:55 GMT
X-Bookeo-ResponseId: 1554p_18cfb37e316
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 38391
Expires: Wed, 08 Jan 2025 10:25:55 GMT

GET
H/1.1 200
OK bundle_customer_ui2.js Show response
www-1554p.bookeo.com/bookeo/js-14.4.22/ Frame E789 733 KB
204 KB 668ms
215ms Script
text/javascript 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/js-14.4.22/bundle_customer_ui2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

4f6953530ba3eb85b7c69cc03f743f7d3bd37f11beb7803eafb1f5af82a0b61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1554p.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 01:09:53 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2024 10:25:55 GMT
X-Bookeo-ResponseId: 1554p_18cfb37e3fc
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 208241
Expires: Wed, 08 Jan 2025 10:25:55 GMT

GET
H/1.1 200
OK axiom_en_US.js Show response
www-1554p.bookeo.com/bookeo/js-14.4.22/i18n/ Frame E789 68 KB
14 KB 683ms
211ms Script
text/javascript 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/js-14.4.22/i18n/axiom_en_US.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

8079786fbd0feb7430edc912b35269847527a8d9eaa0f3e026e0b395717f508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1554p.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 01:09:53 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2024 10:25:55 GMT
X-Bookeo-ResponseId: 1554p_18cfb37e425
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 13557
Expires: Wed, 08 Jan 2025 10:25:55 GMT

GET
H/1.1 200
OK cbpreferences.js Show response
www-1554p.bookeo.com/bookeo/dynjs/ Frame E789 13 KB
6 KB 673ms
149ms Script
text/javascript 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/dynjs/cbpreferences.js?ver=1704832020607&aid=780045&languageCode=en_US&v=14.4.22

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

15e234e8642c9e0f17cdbfac5a83130fd412b8e61692595e9baec86fafe13ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1554p.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 01:09:53 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2024 10:25:55 GMT
X-Bookeo-ResponseId: 1554p_18cfb37e461
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 6042
Expires: Wed, 08 Jan 2025 10:25:55 GMT

GET
H/1.1 200
OK select-arrow-round-light.png
www-1554p.bookeo.com/bookeo/css-14.4.22/customerui2/cssimages/ Frame E789 289 B
652 B 128ms
128ms Image
image/png 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-1554p.bookeo.com/bookeo/css-14.4.22/customerui2/cssimages/select-arrow-round-light.png

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/bookeo/css-14.4.22/customerui2/bundle_customer_ui2.css?bp_a=415549HKLPR152F674209A&bp_v=1691698336392

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

e32fe2a147b5913b78b99ff6f043b88ba2cf57cd968c9814e65a95c4b1f097c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1554p.bookeo.com/bookeo/css-14.4.22/customerui2/bundle_customer_ui2.css?bp_a=415549HKLPR152F674209A&bp_v=1691698336392
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 01:09:53 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 09 Jan 2024 10:15:25 GMT
X-Bookeo-ResponseId: 1554p_18cfb37e689
Content-Type: image/png;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Accept-Ranges: bytes
Content-Length: 289
Expires: Wed, 08 Jan 2025 10:25:55 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/ Frame E789 47 KB
47 KB 223ms
223ms Font
font/woff2 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

d5c27d359f87d61f94e7890b0bf8bfc55aa37c6c9835980c6469afd5cd02cc1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700
Origin: https://www-1554p.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires: Sat, 11 Jan 2025 01:09:53 GMT
Date: Fri, 12 Jan 2024 01:09:53 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1554p_18cfb37e698
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK emu.ttf
www-1554p.bookeo.com/bookeo/css-14.4.22/customerui2/cssfonts/ Frame E789 21 KB
13 KB 164ms
164ms Font
application/octet-stream 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/css-14.4.22/customerui2/cssfonts/emu.ttf

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/bookeo/css-14.4.22/customerui2/bundle_customer_ui2.css?bp_a=415549HKLPR152F674209A&bp_v=1691698336392

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

0fda8015d7310e7366d1909b488ac5597053822a76c4999ec3120b7af0890c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1554p.bookeo.com/bookeo/css-14.4.22/customerui2/bundle_customer_ui2.css?bp_a=415549HKLPR152F674209A&bp_v=1691698336392
Origin: https://www-1554p.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 01:09:53 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2024 10:15:25 GMT
X-Bookeo-ResponseId: 1554p_18cfb37e698
Vary: Accept-Encoding, User-Agent
Cache-Control: public, max-age=7776000, no-transform
Accept-Ranges: bytes
Content-Length: 13087
Expires: Wed, 08 Jan 2025 10:25:55 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/ Frame E789 35 KB
35 KB 194ms
179ms Font
font/woff2 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

4d1e987c2e6857f17109aa27f0a57c01b701a5ac3cd053c64adb19bac0f8f0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700
Origin: https://www-1554p.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires: Sat, 11 Jan 2025 01:09:54 GMT
Date: Fri, 12 Jan 2024 01:09:54 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1554p_18cfb37e6f0
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/ Frame E789 16 KB
16 KB 263ms
248ms Font
font/woff2 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

c66be1a223af66261ae55f0897d4daa91514e0310de6a3dbaf399bd5de3400c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700
Origin: https://www-1554p.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires: Sat, 11 Jan 2025 01:09:54 GMT
Date: Fri, 12 Jan 2024 01:09:54 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1554p_18cfb37e6ff
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2
www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/ Frame E789 46 KB
46 KB 206ms
167ms Font
font/woff2 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

ef64eac7a5af49d144dd588a1c1ddc1a70c31c7751592405a2b92084659c24ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700
Origin: https://www-1554p.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires: Sat, 11 Jan 2025 01:09:54 GMT
Date: Fri, 12 Jan 2024 01:09:54 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1554p_18cfb37e709
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2
www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/ Frame E789 21 KB
21 KB 257ms
180ms Font
font/woff2 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

f84bf8483437ef6a9dacf7ef9ace5029411f841fadd48154a5d7b658cd575cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700
Origin: https://www-1554p.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires: Sat, 11 Jan 2025 01:09:54 GMT
Date: Fri, 12 Jan 2024 01:09:54 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1554p_18cfb37e73f
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/ Frame E789 26 KB
26 KB 706ms
254ms Font
font/woff2 66.151.242.42
INTERNAP-2BLK

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: www-1554p.bookeo.com
URL: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.151.242.42 Chicago, United States, ASN12179 (INTERNAP-2BLK, US),

Reverse DNS

Software

Resource Hash

94dd79564f3a23c62b6ca2075ecf5b5b60cb676d3eab93cb79d4f1f59241dc2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1554p.bookeo.com/bookeo/googlefonts/YE8w7CrY/css?family=Open+Sans:300,400,600,700
Origin: https://www-1554p.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires: Sat, 11 Jan 2025 01:09:54 GMT
Date: Fri, 12 Jan 2024 01:09:54 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1554p_18cfb37e8b0
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 322ms
152ms Ping
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je41a0v890886590&_p=1705021789161&gcd=11l1l1l1l1&dma=0&cid=1910169811.1705021791&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=2&sid=1705021791&sct=1&seg=0&dl=https%3A%2F%2Fmastermindescapegames.com%2Fschaumburg-buy-voucher%2F&dt=Schaumburg%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&en=scroll&epn.percent_scrolled=90&_et=110&tfd=6639
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 01:09:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 320ms
151ms Ping
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je41a0v890886590&_p=1705021789161&gcd=11l1l1l1l1&dma=0&cid=1910169811.1705021791&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=3&dp=%2Fbookeo%2Fbooking-type&dt=%2Fbookeo%2Fbooking-type&sid=1705021791&sct=1&seg=1&dl=https%3A%2F%2Fmastermindescapegames.com%2Fschaumburg-buy-voucher%2F&en=page_view&_c=1&_ee=1&_et=2465&tfd=6641
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 01:09:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 230ms
150ms Image
image/gif 172.253.122.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=893271672&t=pageview&_s=2&dl=https%3A%2F%2Fmastermindescapegames.com%2Fschaumburg-buy-voucher%2F&dp=%2Fbookeo%2Fbooking-type&ul=en-us&de=UTF-8&dt=%2Fbookeo%2Fbooking-type&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACACI~&jid=&gjid=&cid=1910169811.1705021791&tid=UA-84554046-2&_gid=261150268.1705021792&gtm=457e41a0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=2080624236

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/schaumburg-buy-voucher/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:03:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36387
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www-1554p.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID Value: u5fd504x52m11r06hozhztbm22860
.mastermindescapegames.com/	1970-01-21 03:13:01	Name: _ga Value: GA1.2.1910169811.1705021791
.mastermindescapegames.com/	1970-01-20 17:38:28	Name: _gid Value: GA1.2.261150268.1705021792
.mastermindescapegames.com/	1970-01-20 17:37:01	Name: _gat_gtag_UA_84554046_2 Value: 1
www-1554p.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID2 Value: UFTPX6PFYWEU34C3TFYNXPECUT6RTCCY
.mastermindescapegames.com/	1970-01-21 03:13:01	Name: _ga_P32SMH4GWQ Value: GS1.1.1705021791.1.1.1705021794.57.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://bookeo.com/widget.js?a=415549HKLPR152F674209A&startmode=buyvoucher(Line 489) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bookeo.com
fonts.googleapis.com
fonts.gstatic.com
hb.wpmucdn.com
mastermindescapegames.com
r20.rs6.net
stats.g.doubleclick.net
www-1554p.bookeo.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
142.251.111.97
142.251.16.104
168.235.82.161
172.253.115.94
172.253.122.102
172.253.122.95
172.253.63.155
172.253.63.94
185.151.30.166
208.75.122.11
216.239.38.181
37.19.207.34
66.151.242.42
001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0
0fda8015d7310e7366d1909b488ac5597053822a76c4999ec3120b7af0890c68
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
140884f9d4db6142c411cc9b0249c7b3661ad04d7c1c76b538bc7d4a6a1896fe
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14364ecb51532a35a3ecb1f636b8a530b7e6e43f60f116e5499cbb190788fa1a
15e234e8642c9e0f17cdbfac5a83130fd412b8e61692595e9baec86fafe13ac4
1717563adc25178aca7302724a4329aa4e4aabb9e3ae93f892a9990c9d05fea1
297b158a2f4bd543e9e13bc7363a412bc124a55c0831e20087d892c7f5feeb1d
2b1e0ecdd104445637dac412934d2e088639b151908a25afece5d0cfa31df03f
3a51238784b86e5628c9411813a419d13ab5486a2c9cdbe0206a31cb1d63dca1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4d1e987c2e6857f17109aa27f0a57c01b701a5ac3cd053c64adb19bac0f8f0ab
4f6953530ba3eb85b7c69cc03f743f7d3bd37f11beb7803eafb1f5af82a0b61c
50b9097027b8ceb680e172b8ed6ad7f8495c4642f8fa6f5c2c01470dbc307495
67c14596c1956697b6f7dd0f7f67cb4f50118d70608ca2a16dee3364d679535d
69ae5ebeb81683375bae66e21310c6b2545edc120c057b81a3863804ee0d7dde
73c87f36b805db1de70262fdb381b78500767d72c2a0a09dbcc5c1efc8b02954
750faf424bf17ccc99826a64335bb478efba878da1a95c77a13edb9ae5c070b9
7ca40cacffbd24fd9488767a3989a1b8364fba4170659edffa0b8ebd6ca955e0
8079786fbd0feb7430edc912b35269847527a8d9eaa0f3e026e0b395717f508a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
94dd79564f3a23c62b6ca2075ecf5b5b60cb676d3eab93cb79d4f1f59241dc2e
a19e9cf0b99054e9c1a6fdc2289491c63a3fef977ad661b1d2532a575a99874c
b1619d3df21b66e8c20bd61a03d42c9d8eb6f371f2c3713dbd6c38005a341053
c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1
c66be1a223af66261ae55f0897d4daa91514e0310de6a3dbaf399bd5de3400c8
cb9d86e360da167a4c1fd313b60cc9fab3fd1c99e53e256d33723964f78f6f6d
d5479f9f1e8b9af94b2320d3deaab72e3a71c5adc6dffb1d39c5b4487bd6e407
d5c27d359f87d61f94e7890b0bf8bfc55aa37c6c9835980c6469afd5cd02cc1f
de1c134161558b8f9506c69d39924a8f5b0357c645636564cd58bf169e6cb3d2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc55d536c0d9bed29a8396fc392f874410e2feae0ad97d081fb0b6b880e3f10
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e32fe2a147b5913b78b99ff6f043b88ba2cf57cd968c9814e65a95c4b1f097c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f0da36ba04aac07d40d906e0f76ed04dc1ee86c56ffdf5c2306980277c7039
e7c2d3f1279a21f8a0914cd5cf0e62e7a546315794fefb01c64819d0b24208c9
ee9cfefbf86baf5ba013b1d619e5e430115bd6b2ce9ea4b0f0df3e655f52fbae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef64eac7a5af49d144dd588a1c1ddc1a70c31c7751592405a2b92084659c24ce
f4dbd65bd17727b451b7326139dbe973d9ccb416c581a908cb240694e948375e
f84bf8483437ef6a9dacf7ef9ace5029411f841fadd48154a5d7b658cd575cdc
fc04b80f5a7eeeb3391c9fea0774796209b50041a7044ae34b6bc2a7a6e8de55

mastermindescapegames.com Open in urlscan Pro 185.151.30.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

0 %IPv6

11 Domains

13 Subdomains

12 IPs

2 Countries

1408 kBTransfer

3707 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mastermindescapegames.com Open in urlscan Pro
185.151.30.166 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1408 kB
Transfer

3707 kB
Size

6
Cookies

52 HTTP transactions
0 data transactions