mastermindescapegames.com Open in urlscan Pro
185.151.30.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001_SQNYnPwNhwBsts-DUe1MX77QzSq6_j0ur9AErHrhz2gLtBQx8MEXIoA7jIoeXVFKoc4LETdhn0jgdg376GA...
Effective URL:
https://mastermindescapegames.com/sandy-springs-buy-voucher/
Submission: On January 26 via api (January 26th 2024, 6:10:19 am UTC) from CA — Scanned from CA

Summary HTTP 52 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 52 HTTP transactions. The main IP is 185.151.30.166, located in United Kingdom and belongs to TWENTYI, GB. The main domain is mastermindescapegames.com.
TLS certificate: Issued by R3 on January 11th 2024. Valid for: 3 months.

This is the only time mastermindescapegames.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
10	185.151.30.166 185.151.30.166	48254 (TWENTYI) (TWENTYI)
2	142.251.163.97 142.251.163.97	15169 (GOOGLE) (GOOGLE)
1	142.251.16.95 142.251.16.95	15169 (GOOGLE) (GOOGLE)
4	37.19.207.34 37.19.207.34	60068 (CDN77 ^_^) (CDN77 ^_^)
1	168.235.82.161 168.235.82.161	3842 (RAMNODE) (RAMNODE)
3	172.253.62.113 172.253.62.113	15169 (GOOGLE) (GOOGLE)
6	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
16	170.75.144.130 170.75.144.130	46261 (QUICKPACKET) (QUICKPACKET)
4	172.253.122.138 172.253.122.138	15169 (GOOGLE) (GOOGLE)
2	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
2	172.253.63.94 172.253.63.94	15169 (GOOGLE) (GOOGLE)
1	142.251.16.104 142.251.16.104	15169 (GOOGLE) (GOOGLE)
52	12

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.151.30.166 (United Kingdom)

ASN48254 (TWENTYI, GB)
PTR: 185-151-30-166.ptr4.stackcp.net

mastermindescapegames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 37-19-207-34.bunnyinfra.net

hb.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.235.82.161 (United States)

ASN3842 (RAMNODE, US)
PTR: 168-235-82-161.cloud.ramnode.com

bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.62.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 170.75.144.130 (Ashburn, United States)

ASN46261 (QUICKPACKET, US)
PTR: srv-1552q.bookeo.com

www-1552q.bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.122.138 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f138.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	bookeo.com bookeo.com — Cisco Umbrella Rank: 160385 www-1552q.bookeo.com	708 KB
10	mastermindescapegames.com mastermindescapegames.com	140 KB
6	gstatic.com fonts.gstatic.com	211 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2	830 B
4	wpmucdn.com hb.wpmucdn.com — Cisco Umbrella Rank: 45433	150 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 9185	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	411 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	159 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 7448	378 B
52	11

	Domain	Requested by
16	www-1552q.bookeo.com	bookeo.com www-1552q.bookeo.com
10	mastermindescapegames.com	mastermindescapegames.com hb.wpmucdn.com
6	fonts.gstatic.com	fonts.googleapis.com
4	analytics.google.com	www.googletagmanager.com
4	hb.wpmucdn.com	mastermindescapegames.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com mastermindescapegames.com
2	www.google.ca	mastermindescapegames.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	mastermindescapegames.com www.googletagmanager.com
1	www.google.com	mastermindescapegames.com
1	bookeo.com	mastermindescapegames.com
1	fonts.googleapis.com	mastermindescapegames.com
1	r20.rs6.net	1 redirects
52	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
*.mastermindescapegames.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.wpmucdn.com RapidSSL TLS RSA CA G1	`2023-03-24` - `2024-03-23`	a year	crt.sh
*.bookeo.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-08` - `2024-03-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Frame ID: 7EE602D478C7062BC8CB0DDAD6AB0BE0
Requests: 36 HTTP requests in this frame

Frame: https://www-1552q.bookeo.com/-misc-widgetProvider.html?aguid=415526C6PRX150F3390A9B&t=1vpRfdGaUrCYWUoUcGFYurKIWLu3iT8GTuhopcFGjK0%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default2571&xdm_p=1
Frame ID: 2F0432F02B7DEBAB17ADB1B842A5516E
Requests: 3 HTTP requests in this frame

Frame: https://www-1552q.bookeo.com/bookeo/startroute_415526C6PRX150F3390A9B?ralias=true&axiomframed=true&inwidget=true&a=415526C6PRX150F3390A9B&startmode=buyvoucher&aguid=415526C6PRX150F3390A9B&axiom_bid=xfrxnjmmwkctrcnc&w=-1879425362&t=1vpRfdGaUrCYWUoUcGFYurKIWLu3iT8GTuhopcFGjK0%3D&c=03a&m=253f24211e29
Frame ID: 74866F5993F4467B1E3A9FE23592840D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sandy Springs Buy Voucher - Mastermind Escape Rooms

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001_SQNYnPwNhwBsts-DUe1MX77QzSq6_j0ur9AErHrhz2gLtBQx8MEXIoA7jIoeXVF... HTTP 302
https://mastermindescapegames.com/sandy-springs-buy-voucher/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

52
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1395 kB
Transfer

3685 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Mastermind-Escape-Games-GA-1722277701335819/

Search URL Search Domain Scan URL

URL: https://twitter.com/MMEscapeGames

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mastermindescapegames/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB7UZe24wV3KbNYUtd6vcxg/featured

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001_SQNYnPwNhwBsts-DUe1MX77QzSq6_j0ur9AErHrhz2gLtBQx8MEXIoA7jIoeXVFKoc4LETdhn0jgdg376GA8XnlOpuqcbEJmp2irxEMMqdBSyIRO4WInpYxPvkMDdbbn_kgIcFGdUyDiYkXq0xNMGxphRN6OLrIJg-bnFSDNgVhyyqkZ3xx8Wqij9Spe0XN&c=wGqiq2WAzGJXAHPQ_NhP0WxQE3PbkhJ4iNWjvcDA2HrXPmm5TbfPaQ==&ch=81b-UGYkbr_DOZ1bBYqHJntKCKMSrupmVs-PLbSQMrCKOuOqqvmTWA== HTTP 302
https://mastermindescapegames.com/sandy-springs-buy-voucher/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mastermindescapegames.com/sandy-springs-buy-voucher/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001_SQNYnPwNhwBsts-DUe1MX77QzSq6_j0ur9AErHrhz2gLtBQx8MEXIoA7jIoeXVFKoc4LETdhn0jgdg376GA8XnlOpuqcbEJmp2irxEMMqdBSyIRO4WInpYxPvkMDdbbn_kgIcFGdUyDiYkXq0xNMGxphRN6OLrIJg-bn...
https://mastermindescapegames.com/sandy-springs-buy-voucher/

20 KB
6 KB

687ms
399ms

Document
text/html

185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache / PHP/7.4.33
Resource Hash: 3921d959aa76e61d4542e55b0c1a240dfe9128947b2b5f5731b17068725ae70e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: public, s-maxage=216000 max-age=86400
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 06:10:09 GMT
expires: Fri, 26 Jan 2024 11:49:32 GMT
link: <https://mastermindescapegames.com/wp-json/>; rel="https://api.w.org/", <https://mastermindescapegames.com/wp-json/wp/v2/pages/9426>; rel="alternate"; type="application/json", <https://mastermindescapegames.com/?p=9426>; rel=shortlink
server: Apache
vary: Accept-Encoding Accept-Encoding
x-cache-enabled: true
x-cdn-cache-status: MISS
x-origin-cache-status: HIT
x-powered-by: PHP/7.4.33
x-provided-by: StackCDN
x-stackcache-cacheable: yes
x-via: ASH1

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 26 Jan 2024 06:10:12 GMT
Location: https://mastermindescapegames.com/sandy-springs-buy-voucher/
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 130ms
52ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b7f71eb6dc78a83f95e9b6e56345a8cf98e8be9bb00e9635aedf54dbede84fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 06:10:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 31 KB
3 KB 123ms
47ms Stylesheet
text/css 142.251.16.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic%7CPT+Sans%3A400italic%2C700italic%2C400%2C700%7CLato%3A300italic%2C300%7CMuli%3A300%2C300italic&ver=1.0

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f95.1e100.net

Software

ESF /

Resource Hash

cb9d86e360da167a4c1fd313b60cc9fab3fd1c99e53e256d33723964f78f6f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 06:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 06:10:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 06:10:13 GMT

GET
H2 200 f6c32e63-ba95-4c88-9b5a-a076403f954d.css
hb.wpmucdn.com/mastermindescapegames.com/ 269 KB
50 KB 1128ms
50ms Stylesheet
text/css 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/f6c32e63-ba95-4c88-9b5a-a076403f954d.css
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: ee9cfefbf86baf5ba013b1d619e5e430115bd6b2ce9ea4b0f0df3e655f52fbae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:14 GMT
content-encoding: br
cdn-edgestorageid: 925
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/25/2024 11:52:10
cdn-pullzone: 1101156
last-modified: Thu, 25 Jan 2024 07:24:53 GMT
server: BunnyCDN-ASB1-925
x-amz-meta-hb-minify: minify=0.0%, origSize=109898
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"e41d2aabba5473b78bc3aa2c4e20ee85"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8a44a266ae5c22933fb4cef94b259e23
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 51042345-5773-46ec-afa2-fbe37ff6b5e0.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 99 KB
37 KB 1149ms
70ms Script
application/javascript 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/51042345-5773-46ec-afa2-fbe37ff6b5e0.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:14 GMT
content-encoding: br
cdn-edgestorageid: 925
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/25/2024 11:52:10
cdn-pullzone: 1101156
last-modified: Thu, 25 Jan 2024 07:24:54 GMT
server: BunnyCDN-ASB1-925
x-amz-meta-hb-minify: minify=0.0%, origSize=87553
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"4f37101ff3ee8f069d1ca3852ffbbf18"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 576e4aaf37dfe8b330b1f2847dca07f7
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 09d947b3-637a-43ea-8e71-3b8905821a36.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 134 KB
43 KB 1149ms
71ms Script
application/javascript 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/09d947b3-637a-43ea-8e71-3b8905821a36.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 1717563adc25178aca7302724a4329aa4e4aabb9e3ae93f892a9990c9d05fea1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:14 GMT
content-encoding: br
cdn-edgestorageid: 925
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/25/2024 11:52:10
cdn-pullzone: 1101156
last-modified: Thu, 25 Jan 2024 07:24:56 GMT
server: BunnyCDN-ASB1-925
x-amz-meta-hb-minify: minify=1.5%, origSize=21070
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"b8654eb821c84782d605bf8cbcfee519"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 0ec2c05c15f11e6a06ecce5b04eee943
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 nav-logo.jpg
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 5 KB
5 KB 39ms
38ms Image
image/jpeg 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/nav-logo.jpg
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: e4f0da36ba04aac07d40d906e0f76ed04dc1ee86c56ffdf5c2306980277c7039

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/sandy-springs-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:09 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "1419-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/jpeg
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5145
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 responsive-menu-icon.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 237 B
502 B 44ms
43ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/responsive-menu-icon.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 67c14596c1956697b6f7dd0f7f67cb4f50118d70608ca2a16dee3364d679535d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/sandy-springs-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:09 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "ed-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 237
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:56 GMT

GET
H2 200 widget.js Show response
bookeo.com/ 111 KB
24 KB 387ms
30ms Script
text/javascript 168.235.82.161
RAMNODE

General

Check archive.org

Show headers Download Go to

Full URL

https://bookeo.com/widget.js?a=415526C6PRX150F3390A9B&startmode=buyvoucher

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

168.235.82.161 , United States, ASN3842 (RAMNODE, US),

Reverse DNS

168-235-82-161.cloud.ramnode.com

Software

Resource Hash

e3300fcae9e3140f1645ac2016f830677016311337c75377b32d5652f05ce144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:13 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, User-Agent
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/footer/ 57 KB
58 KB 37ms
37ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/footer/logo.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 2b1e0ecdd104445637dac412934d2e088639b151908a25afece5d0cfa31df03f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/sandy-springs-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:09 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "e5de-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 58846
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 TA-Award2023.jpg
mastermindescapegames.com/wp-content/uploads/2023/12/ 66 KB
67 KB 38ms
37ms Image
image/jpeg 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2023/12/TA-Award2023.jpg
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: b1619d3df21b66e8c20bd61a03d42c9d8eb6f371f2c3713dbd6c38005a341053

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/sandy-springs-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:09 GMT
last-modified: Sat, 16 Dec 2023 21:38:00 GMT
server: Apache
etag: "109dc-60ca754b036fc"
x-cdn-cache-status: HIT
content-type: image/jpeg
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 68060
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 icon-facebook.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 344 B
610 B 38ms
37ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-facebook.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 140884f9d4db6142c411cc9b0249c7b3661ad04d7c1c76b538bc7d4a6a1896fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/sandy-springs-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:09 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "158-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 344
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 icon-twitter.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 370 B
636 B 39ms
39ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-twitter.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: d5479f9f1e8b9af94b2320d3deaab72e3a71c5adc6dffb1d39c5b4487bd6e407

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/sandy-springs-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:09 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "172-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 370
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 icon-insta.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 335 B
601 B 37ms
37ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-insta.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: a19e9cf0b99054e9c1a6fdc2289491c63a3fef977ad661b1d2532a575a99874c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/sandy-springs-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:09 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "14f-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 335
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 youtube-icon.png
mastermindescapegames.com/wp-content/uploads/2016/06/ 1 KB
2 KB 38ms
37ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/06/youtube-icon.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 50b9097027b8ceb680e172b8ed6ad7f8495c4642f8fa6f5c2c01470dbc307495

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/sandy-springs-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:09 GMT
last-modified: Tue, 14 Jun 2016 19:24:21 GMT
server: Apache
etag: "5fa-53541f3ae8340"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1530
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 6fa548be-0072-409d-9b45-dfc1bdb7b6d1.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 57 KB
20 KB 910ms
71ms Script
application/javascript 37.19.207.34
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/6fa548be-0072-409d-9b45-dfc1bdb7b6d1.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 73c87f36b805db1de70262fdb381b78500767d72c2a0a09dbcc5c1efc8b02954

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:14 GMT
content-encoding: br
cdn-edgestorageid: 925
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/25/2024 11:52:11
cdn-pullzone: 1101156
last-modified: Thu, 25 Jan 2024 07:24:56 GMT
server: BunnyCDN-ASB1-925
x-amz-meta-hb-minify: minify=0.0%, origSize=57925
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"cc3ea88605b54322a605c2796fb8a804"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 8e03633eb742a66c1e1eed178173d05c
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 56ms
56ms Script
application/javascript 142.251.163.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e5bf13e25fbabf1f37b94c6ea1dfbe44e0d6c176199134fb8cdd41e690f5c1e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92735
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 06:10:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 365ms
37ms Script
text/javascript 172.253.62.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 05:39:16 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1858
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 26 Jan 2024 07:39:16 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 131ms
57ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic%7CPT+Sans%3A400italic%2C700italic%2C400%2C700%7CLato%3A300italic%2C300%7CMuli%3A300%2C300italic&ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:57:09 GMT
x-content-type-options: nosniff
age: 785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 05:57:09 GMT

GET
H2 200 location-selector-arrow.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 170 B
444 B 373ms
372ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/location-selector-arrow.png
Requested by: Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/mastermindescapegames.com/f6c32e63-ba95-4c88-9b5a-a076403f954d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 7ca40cacffbd24fd9488767a3989a1b8364fba4170659edffa0b8ebd6ca955e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hb.wpmucdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:09 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "aa-534d197ac1640"
x-cdn-cache-status: REVALIDATED
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 170
x-origin-cache-status: MISS
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:16:19 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 136ms
85ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:08 GMT
x-content-type-options: nosniff
age: 6
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 06:10:08 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 120ms
70ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:02:23 GMT
x-content-type-options: nosniff
age: 471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 06:02:23 GMT

GET
H2 200 jizdRExUiTo99u79D0e8fOydLxUd.woff2
fonts.gstatic.com/s/ptsans/v17/ 32 KB
32 KB 141ms
91ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizdRExUiTo99u79D0e8fOydLxUd.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:59:53 GMT
x-content-type-options: nosniff
age: 621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32964
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 05:59:53 GMT

GET
H2 200 7Aulp_0qiz-aVz7u3PJLcUMYOFmQkEk30eg.woff2
fonts.gstatic.com/s/muli/v29/ 18 KB
18 KB 144ms
95ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Aulp_0qiz-aVz7u3PJLcUMYOFmQkEk30eg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

dfc55d536c0d9bed29a8396fc392f874410e2feae0ad97d081fb0b6b880e3f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:14 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18564
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:42:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 06:10:14 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 86ms
36ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mastermindescapegames.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:51:42 GMT
x-content-type-options: nosniff
age: 1112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 05:51:42 GMT

GET
H/1.1 200
OK -misc-widgetProvider.html Show response
www-1552q.bookeo.com/ Frame 2F04 702 B
849 B 407ms
39ms Document
text/html 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/-misc-widgetProvider.html?aguid=415526C6PRX150F3390A9B&t=1vpRfdGaUrCYWUoUcGFYurKIWLu3iT8GTuhopcFGjK0%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default2571&xdm_p=1

Requested by

Host: bookeo.com
URL: https://bookeo.com/widget.js?a=415526C6PRX150F3390A9B&startmode=buyvoucher

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

596335ff298a307b6e4899ba0e9da3b8d51385da98a7c998337bd1af560e402d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://mastermindescapegames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-CA
Content-Length: 366
Content-Type: text/html;charset=utf-8
Date: Fri, 26 Jan 2024 06:10:14 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 1552q_18d4463e882

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 366ms
43ms Ping
text/plain 172.253.122.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je41o0v890886590&_p=1706249413190&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=564042830.1706249414&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AgAI&_s=1&sid=1706249414&sct=1&seg=0&dl=https%3A%2F%2Fmastermindescapegames.com%2Fsandy-springs-buy-voucher%2F&dt=Sandy%20Springs%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&en=page_view&_fv=2&_nsi=1&_ss=1&_c=1&tfd=2211
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:10:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 368ms
44ms Ping
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P32SMH4GWQ&cid=564042830.1706249414&gtm=45je41o0v890886590&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:10:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 490ms
47ms Image
image/gif 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P32SMH4GWQ&cid=564042830.1706249414&gtm=45je41o0v890886590&aip=1&dma=0&gcd=11l1l1l1l1&z=1473734135

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:10:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 354ms
44ms Ping
text/plain 172.253.122.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je41o0v890886590&_p=1706249413190&gcd=11l1l1l1l1&dma=0&cid=564042830.1706249414&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAgI&_s=2&sid=1706249414&sct=1&seg=0&dl=https%3A%2F%2Fmastermindescapegames.com%2Fsandy-springs-buy-voucher%2F&dt=Sandy%20Springs%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&cu=USD&en=gift_cards_sandy_springs&_c=1&epn.value=7&_et=11&tfd=2225
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:10:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 45ms
44ms XHR
text/plain 172.253.62.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=844091906&t=pageview&_s=1&dl=https%3A%2F%2Fmastermindescapegames.com%2Fsandy-springs-buy-voucher%2F&ul=en-us&de=UTF-8&dt=Sandy%20Springs%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=798817522&gjid=1770819816&cid=564042830.1706249414&tid=UA-84554046-2&_gid=1792900249.1706249415&_r=1&gtm=457e41o0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1002326110

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mastermindescapegames.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:10:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK easyXDM.min.js Show response
www-1552q.bookeo.com/bookeo/js-14.4.24/widgetcomm/ Frame 2F04 99 KB
19 KB 56ms
55ms Script
text/javascript 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/js-14.4.24/widgetcomm/easyXDM.min.js

Requested by

Host: www-1552q.bookeo.com
URL: https://www-1552q.bookeo.com/-misc-widgetProvider.html?aguid=415526C6PRX150F3390A9B&t=1vpRfdGaUrCYWUoUcGFYurKIWLu3iT8GTuhopcFGjK0%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default2571&xdm_p=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

fc04b80f5a7eeeb3391c9fea0774796209b50041a7044ae34b6bc2a7a6e8de55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1552q.bookeo.com/-misc-widgetProvider.html?aguid=415526C6PRX150F3390A9B&t=1vpRfdGaUrCYWUoUcGFYurKIWLu3iT8GTuhopcFGjK0%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default2571&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:10:14 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 15 Jan 2024 09:03:51 GMT
X-Bookeo-ResponseId: 1552q_18d4463e8ad
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 19528
Expires: Tue, 14 Jan 2025 09:03:51 GMT

GET
H/1.1 200
OK bundle_customer_ui2.js Show response
www-1552q.bookeo.com/bookeo/js-14.4.24/ Frame 2F04 733 KB
204 KB 101ms
43ms Script
text/javascript 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/js-14.4.24/bundle_customer_ui2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

ebdb3da3ecfbeb24439bf44ac519aaf63509cef507303bf1ae20cdd455b78d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1552q.bookeo.com/-misc-widgetProvider.html?aguid=415526C6PRX150F3390A9B&t=1vpRfdGaUrCYWUoUcGFYurKIWLu3iT8GTuhopcFGjK0%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default2571&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:10:14 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 15 Jan 2024 09:03:51 GMT
X-Bookeo-ResponseId: 1552q_18d4463e8e6
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 208243
Expires: Tue, 14 Jan 2025 09:03:51 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 57ms
45ms XHR
text/plain 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-84554046-2&cid=564042830.1706249414&jid=798817522&gjid=1770819816&_gid=1792900249.1706249415&_u=YADAAUAAAAAAACAAI~&z=1695957573

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mastermindescapegames.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 26 Jan 2024 06:10:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 372ms
48ms Image
image/gif 142.251.16.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-84554046-2&cid=564042830.1706249414&jid=798817522&_u=YADAAUAAAAAAACAAI~&z=1549926305

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:10:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 118ms
46ms Image
image/gif 172.253.63.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-84554046-2&cid=564042830.1706249414&jid=798817522&_u=YADAAUAAAAAAACAAI~&z=1549926305

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:10:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK startroute_415526C6PRX150F3390A9B Show response
www-1552q.bookeo.com/bookeo/ Frame 7486 16 KB
4 KB 87ms
86ms Document
text/html 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/startroute_415526C6PRX150F3390A9B?ralias=true&axiomframed=true&inwidget=true&a=415526C6PRX150F3390A9B&startmode=buyvoucher&aguid=415526C6PRX150F3390A9B&axiom_bid=xfrxnjmmwkctrcnc&w=-1879425362&t=1vpRfdGaUrCYWUoUcGFYurKIWLu3iT8GTuhopcFGjK0%3D&c=03a&m=253f24211e29

Requested by

Host: www-1552q.bookeo.com
URL: https://www-1552q.bookeo.com/bookeo/js-14.4.24/bundle_customer_ui2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

70fde780e5cf874e4878ed8465a3a66b029136434911b4894f0ad6f086420856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1552q.bookeo.com/-misc-widgetProvider.html?aguid=415526C6PRX150F3390A9B&t=1vpRfdGaUrCYWUoUcGFYurKIWLu3iT8GTuhopcFGjK0%3D&c=03a&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default2571&xdm_p=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-CA
Content-Length: 3065
Content-Type: text/html;charset=utf-8
Date: Fri, 26 Jan 2024 06:10:15 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 1552q_18d4463e973

GET
H/1.1 200
OK css
www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/ Frame 7486 22 KB
2 KB 38ms
36ms Stylesheet
text/plain 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700

Requested by

Host: www-1552q.bookeo.com
URL: https://www-1552q.bookeo.com/bookeo/startroute_415526C6PRX150F3390A9B?ralias=true&axiomframed=true&inwidget=true&a=415526C6PRX150F3390A9B&startmode=buyvoucher&aguid=415526C6PRX150F3390A9B&axiom_bid=xfrxnjmmwkctrcnc&w=-1879425362&t=1vpRfdGaUrCYWUoUcGFYurKIWLu3iT8GTuhopcFGjK0%3D&c=03a&m=253f24211e29

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

443c8feb0a9de2959a19df755caece8505fb707ba7a7d66fa8f0e463c1eb9594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1552q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Bookeo-ResponseId: 1552q_18d4463e9ce
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Cache-Control: public, max-age=86400, no-transform
Expires: Sat, 27 Jan 2024 06:10:15 GMT

GET
H/1.1 200
OK bundle_customer_ui2.css
www-1552q.bookeo.com/bookeo/css-14.4.24/customerui2/ Frame 7486 227 KB
38 KB 74ms
36ms Stylesheet
text/css 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/css-14.4.24/customerui2/bundle_customer_ui2.css?bp_a=415526C6PRX150F3390A9B&bp_v=1645057471623

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

2b954304f664a19991cc9cfd4788386990c00cc8b579823bec00a5f19c8dcba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1552q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 15 Jan 2024 09:03:51 GMT
X-Bookeo-ResponseId: 1552q_18d4463e9f3
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 38395
Expires: Tue, 14 Jan 2025 09:03:51 GMT

GET
H/1.1 200
OK bundle_customer_ui2.js Show response
www-1552q.bookeo.com/bookeo/js-14.4.24/ Frame 7486 733 KB
204 KB 127ms
56ms Script
text/javascript 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/js-14.4.24/bundle_customer_ui2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

ebdb3da3ecfbeb24439bf44ac519aaf63509cef507303bf1ae20cdd455b78d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1552q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 15 Jan 2024 09:03:51 GMT
X-Bookeo-ResponseId: 1552q_18d4463ea15
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 208243
Expires: Tue, 14 Jan 2025 09:03:51 GMT

GET
H/1.1 200
OK axiom_en_US.js Show response
www-1552q.bookeo.com/bookeo/js-14.4.24/i18n/ Frame 7486 68 KB
14 KB 123ms
52ms Script
text/javascript 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/js-14.4.24/i18n/axiom_en_US.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

8079786fbd0feb7430edc912b35269847527a8d9eaa0f3e026e0b395717f508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1552q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 15 Jan 2024 09:03:51 GMT
X-Bookeo-ResponseId: 1552q_18d4463ea15
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 13557
Expires: Tue, 14 Jan 2025 09:03:51 GMT

GET
H/1.1 200
OK cbpreferences.js Show response
www-1552q.bookeo.com/bookeo/dynjs/ Frame 7486 13 KB
6 KB 112ms
41ms Script
text/javascript 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/dynjs/cbpreferences.js?ver=1705591996695&aid=725679&languageCode=en_US&v=14.4.24

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

a4ef1a70998573eb1b17c8555c77ec995ee71914961fe3586627d1b3b0393443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1552q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 15 Jan 2024 09:03:51 GMT
X-Bookeo-ResponseId: 1552q_18d4463ea15
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 5998
Expires: Tue, 14 Jan 2025 09:03:51 GMT

GET
H/1.1 200
OK select-arrow-round-light.png
www-1552q.bookeo.com/bookeo/css-14.4.24/customerui2/cssimages/ Frame 7486 289 B
652 B 37ms
36ms Image
image/png 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-1552q.bookeo.com/bookeo/css-14.4.24/customerui2/cssimages/select-arrow-round-light.png

Requested by

Host: www-1552q.bookeo.com
URL: https://www-1552q.bookeo.com/bookeo/css-14.4.24/customerui2/bundle_customer_ui2.css?bp_a=415526C6PRX150F3390A9B&bp_v=1645057471623

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

e32fe2a147b5913b78b99ff6f043b88ba2cf57cd968c9814e65a95c4b1f097c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1552q.bookeo.com/bookeo/css-14.4.24/customerui2/bundle_customer_ui2.css?bp_a=415526C6PRX150F3390A9B&bp_v=1645057471623
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 14 Jan 2024 16:51:55 GMT
X-Bookeo-ResponseId: 1552q_18d4463eaa7
Content-Type: image/png;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Accept-Ranges: bytes
Content-Length: 289
Expires: Tue, 14 Jan 2025 09:03:51 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/ Frame 7486 47 KB
47 KB 75ms
75ms Font
font/woff2 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www-1552q.bookeo.com
URL: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

d5c27d359f87d61f94e7890b0bf8bfc55aa37c6c9835980c6469afd5cd02cc1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700
Origin: https://www-1552q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: Sat, 25 Jan 2025 06:10:15 GMT
Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1552q_18d4463eaa7
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/ Frame 7486 35 KB
35 KB 58ms
55ms Font
font/woff2 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: www-1552q.bookeo.com
URL: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

4d1e987c2e6857f17109aa27f0a57c01b701a5ac3cd053c64adb19bac0f8f0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700
Origin: https://www-1552q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: Sat, 25 Jan 2025 06:10:15 GMT
Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1552q_18d4463eab2
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/ Frame 7486 16 KB
16 KB 39ms
37ms Font
font/woff2 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: www-1552q.bookeo.com
URL: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

c66be1a223af66261ae55f0897d4daa91514e0310de6a3dbaf399bd5de3400c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700
Origin: https://www-1552q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: Sat, 25 Jan 2025 06:10:15 GMT
Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1552q_18d4463eab2
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2
www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/ Frame 7486 46 KB
46 KB 64ms
36ms Font
font/woff2 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2

Requested by

Host: www-1552q.bookeo.com
URL: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

ef64eac7a5af49d144dd588a1c1ddc1a70c31c7751592405a2b92084659c24ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700
Origin: https://www-1552q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: Sat, 25 Jan 2025 06:10:15 GMT
Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1552q_18d4463eacc
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2
www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/ Frame 7486 21 KB
21 KB 76ms
37ms Font
font/woff2 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2

Requested by

Host: www-1552q.bookeo.com
URL: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

f84bf8483437ef6a9dacf7ef9ace5029411f841fadd48154a5d7b658cd575cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700
Origin: https://www-1552q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: Sat, 25 Jan 2025 06:10:15 GMT
Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1552q_18d4463ead8
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/ Frame 7486 26 KB
26 KB 108ms
40ms Font
font/woff2 170.75.144.130
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: www-1552q.bookeo.com
URL: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.75.144.130 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1552q.bookeo.com

Software

Resource Hash

94dd79564f3a23c62b6ca2075ecf5b5b60cb676d3eab93cb79d4f1f59241dc2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1552q.bookeo.com/bookeo/googlefonts/9ly3kNO*/css?family=Open+Sans:300,400,600,700
Origin: https://www-1552q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: Sat, 25 Jan 2025 06:10:15 GMT
Date: Fri, 26 Jan 2024 06:10:15 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1552q_18d4463eaf4
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 46ms
44ms Ping
text/plain 172.253.122.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je41o0v890886590&_p=1706249413190&gcd=11l1l1l1l1&dma=0&cid=564042830.1706249414&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=3&sid=1706249414&sct=1&seg=0&dl=https%3A%2F%2Fmastermindescapegames.com%2Fsandy-springs-buy-voucher%2F&dt=Sandy%20Springs%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&en=scroll&epn.percent_scrolled=90&_et=2&tfd=3042
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:10:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 45ms
44ms Ping
text/plain 172.253.122.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je41o0v890886590&_p=1706249413190&gcd=11l1l1l1l1&dma=0&cid=564042830.1706249414&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=4&dp=%2Fbookeo%2Fbooking-type&dt=%2Fbookeo%2Fbooking-type&sid=1706249414&sct=1&seg=1&dl=https%3A%2F%2Fmastermindescapegames.com%2Fsandy-springs-buy-voucher%2F&en=page_view&_c=1&_ee=1&_et=801&tfd=3043
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:10:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 172.253.62.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=844091906&t=pageview&_s=2&dl=https%3A%2F%2Fmastermindescapegames.com%2Fsandy-springs-buy-voucher%2F&dp=%2Fbookeo%2Fbooking-type&ul=en-us&de=UTF-8&dt=%2Fbookeo%2Fbooking-type&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACACI~&jid=&gjid=&cid=564042830.1706249414&tid=UA-84554046-2&_gid=1792900249.1706249415&gtm=457e41o0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1130655042

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/sandy-springs-buy-voucher/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 00:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21938
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mastermindescapegames.com/	1970-01-21 03:33:29	Name: _ga Value: GA1.2.564042830.1706249414
.mastermindescapegames.com/	1970-01-20 17:58:55	Name: _gid Value: GA1.2.1792900249.1706249415
.mastermindescapegames.com/	1970-01-20 17:57:29	Name: _gat_gtag_UA_84554046_2 Value: 1
www-1552q.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID Value: 9z9kfj3bnmuy213gvymuvgeq154663
www-1552q.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID2 Value: 9JA77EKFMYRNHRT9F9HJWF6EJP3H7ATX
.mastermindescapegames.com/	1970-01-21 03:33:29	Name: _ga_P32SMH4GWQ Value: GS1.1.1706249414.1.1.1706249415.59.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://bookeo.com/widget.js?a=415526C6PRX150F3390A9B&startmode=buyvoucher(Line 489) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bookeo.com
fonts.googleapis.com
fonts.gstatic.com
hb.wpmucdn.com
mastermindescapegames.com
r20.rs6.net
stats.g.doubleclick.net
www-1552q.bookeo.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
142.251.16.104
142.251.16.95
142.251.163.94
142.251.163.97
168.235.82.161
170.75.144.130
172.253.122.138
172.253.62.113
172.253.63.155
172.253.63.94
185.151.30.166
208.75.122.11
37.19.207.34
001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
140884f9d4db6142c411cc9b0249c7b3661ad04d7c1c76b538bc7d4a6a1896fe
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1717563adc25178aca7302724a4329aa4e4aabb9e3ae93f892a9990c9d05fea1
2b1e0ecdd104445637dac412934d2e088639b151908a25afece5d0cfa31df03f
2b954304f664a19991cc9cfd4788386990c00cc8b579823bec00a5f19c8dcba8
3921d959aa76e61d4542e55b0c1a240dfe9128947b2b5f5731b17068725ae70e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
443c8feb0a9de2959a19df755caece8505fb707ba7a7d66fa8f0e463c1eb9594
4d1e987c2e6857f17109aa27f0a57c01b701a5ac3cd053c64adb19bac0f8f0ab
50b9097027b8ceb680e172b8ed6ad7f8495c4642f8fa6f5c2c01470dbc307495
596335ff298a307b6e4899ba0e9da3b8d51385da98a7c998337bd1af560e402d
67c14596c1956697b6f7dd0f7f67cb4f50118d70608ca2a16dee3364d679535d
70fde780e5cf874e4878ed8465a3a66b029136434911b4894f0ad6f086420856
73c87f36b805db1de70262fdb381b78500767d72c2a0a09dbcc5c1efc8b02954
7ca40cacffbd24fd9488767a3989a1b8364fba4170659edffa0b8ebd6ca955e0
8079786fbd0feb7430edc912b35269847527a8d9eaa0f3e026e0b395717f508a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
94dd79564f3a23c62b6ca2075ecf5b5b60cb676d3eab93cb79d4f1f59241dc2e
a19e9cf0b99054e9c1a6fdc2289491c63a3fef977ad661b1d2532a575a99874c
a4ef1a70998573eb1b17c8555c77ec995ee71914961fe3586627d1b3b0393443
b1619d3df21b66e8c20bd61a03d42c9d8eb6f371f2c3713dbd6c38005a341053
b7f71eb6dc78a83f95e9b6e56345a8cf98e8be9bb00e9635aedf54dbede84fe3
c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1
c66be1a223af66261ae55f0897d4daa91514e0310de6a3dbaf399bd5de3400c8
cb9d86e360da167a4c1fd313b60cc9fab3fd1c99e53e256d33723964f78f6f6d
d5479f9f1e8b9af94b2320d3deaab72e3a71c5adc6dffb1d39c5b4487bd6e407
d5c27d359f87d61f94e7890b0bf8bfc55aa37c6c9835980c6469afd5cd02cc1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc55d536c0d9bed29a8396fc392f874410e2feae0ad97d081fb0b6b880e3f10
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e32fe2a147b5913b78b99ff6f043b88ba2cf57cd968c9814e65a95c4b1f097c9
e3300fcae9e3140f1645ac2016f830677016311337c75377b32d5652f05ce144
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f0da36ba04aac07d40d906e0f76ed04dc1ee86c56ffdf5c2306980277c7039
e5bf13e25fbabf1f37b94c6ea1dfbe44e0d6c176199134fb8cdd41e690f5c1e5
ebdb3da3ecfbeb24439bf44ac519aaf63509cef507303bf1ae20cdd455b78d06
ee9cfefbf86baf5ba013b1d619e5e430115bd6b2ce9ea4b0f0df3e655f52fbae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef64eac7a5af49d144dd588a1c1ddc1a70c31c7751592405a2b92084659c24ce
f84bf8483437ef6a9dacf7ef9ace5029411f841fadd48154a5d7b658cd575cdc
fc04b80f5a7eeeb3391c9fea0774796209b50041a7044ae34b6bc2a7a6e8de55

mastermindescapegames.com Open in urlscan Pro 185.151.30.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

0 %IPv6

11 Domains

13 Subdomains

12 IPs

2 Countries

1395 kBTransfer

3685 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mastermindescapegames.com Open in urlscan Pro
185.151.30.166 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1395 kB
Transfer

3685 kB
Size

6
Cookies

52 HTTP transactions
0 data transactions