www.mysponsoringsecrets.com Open in urlscan Pro
2606:4700:3032::6815:3206  Public Scan

21 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

• https://pixel-geo.prfct.co/tagjs?a_id=80540&source=js_tag HTTP 302
• https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=80540&source=js_tag

Request Chain 60

• https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
• https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_mQ5Lv6XLai1OrY1hg

Request Chain 61

• https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
• https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_mQ5Lv6XLai1OrY1hg&sigv=1&esig=2~b63056c83475fe835c8eb127d035e1826e27baff

Request Chain 62

• https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_mQ5Lv6XLai1OrY1hg HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_mQ5Lv6XLai1OrY1hg

Request Chain 63

• https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_mQ5Lv6XLai1OrY1hg

Request Chain 64

• https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfbVE1THY2WExhaTFPclkxaGc HTTP 302
• https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 66

• https://secure.adnxs.com/seg?t=2&add=11769684 HTTP 307
• https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D11769684

Request Chain 67

• https://secure.adnxs.com/seg?t=2&add=11608938 HTTP 307
• https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D11608938

Request Chain 68

• https://www.facebook.com/tr/?id=1000811343263975&ev=Microdata&dl=https%3A%2F%2Fwww.mysponsoringsecrets.com%2F%3Fm%3Djmanwinz&rl=&if=false&ts=1615571549688&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Master%20Sponsoring%20Series%5Cn%22%2C%22meta%3Adescription%22%3A%224-Module%20Training%20Course%20entitled%20The%20Master%20Sponsoring%20Series.%20This%20training%20series%20will%20radically%20alter%20the%20course%20of%20your%20business%20and%20allow%20you%20to%20start%20sponsoring%20people%20on%20demand%20into%20your%20primary%20network%20marketing%20company.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1615571548182.1453824352&it=1615571547863&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
• https://cx.atdmt.com/?c=9462485528646163025&f=AYzTFr-LgBqHvKozCz2pxLWgw1A1-i4rSEE0pvseDl_xvRxbMqCjqMyBek5CdV5Fk7r7uQwAsFfm9tlOK9P162n2&id=1000811343263975&l=3&v=0

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.mysponsoringsecrets.com/	7 KB 3 KB	325ms 296ms	Document text/html	2606:4700:3032::6815:3206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:3206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c6cd46b4d814e7802ce69ca1bd9b84496cfcb660adda013a4080b0c4745ed12 Request headers :method GET :authority www.mysponsoringsecrets.com :scheme https :path /?m=jmanwinz pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-type text/html;charset=UTF-8 set-cookie __cfduid=d22c01ed9e55af19c3f84bf882789062d1615571546; expires=Sun, 11-Apr-21 17:52:26 GMT; path=/; domain=.mysponsoringsecrets.com; HttpOnly; SameSite=Lax cfid=bcfef798-2b44-40ee-b769-743a72de9f3d;Path=/;Domain=.mysponsoringsecrets.com;Expires=Thu, 01-Apr-2021 19:30:30 UTC;HTTPOnly cftoken=0;Path=/;Domain=.mysponsoringsecrets.com;Expires=Thu, 01-Apr-2021 19:30:30 UTC;HTTPOnly MLSP_AFF_ID=756088;Path=/;Domain=.mysponsoringsecrets.com;Expires=Sat, 12-Mar-2022 17:52:26 UTC MLSP_TRACKING_MEMBERPAGE_VIEW_1976225=1;Path=/;Domain=.mysponsoringsecrets.com;Expires=Sat, 12-Mar-2022 17:52:26 UTC JSESSIONID=UxpHhOkclwCoVsmP6naOLZo4fAo6DRxIp9EE96YR; path=/ cf-cache-status DYNAMIC cf-request-id 08c92a8a9a00002488641a2000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BbxVPrlOPD8avIfKQHvGLzqwKhf92v3JyxcXKIv93YnhSSdpbrybqnW6m%2Fb3yYN%2F4x0EJmquRvx6BTfdECYefFRIWSUzK5VfyjE0dkwJ%2FrlDDrFZ6k8bQzXfaJWM4vimroAaokhpK8c%3D"}],"group":"cf-nel"} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 62eee0575f112488-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery-ui.css ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/themes/ui-lightness/	31 KB 6 KB	7ms 6ms	Stylesheet text/css	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/themes/ui-lightness/jquery-ui.css Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9fd17840da032da4740c319d3a3727760e53cfd6fd874564c70873fce2e5f715 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 02:13:38 GMT content-encoding gzip x-content-type-options nosniff age 142729 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Mar 2022 02:13:38 GMT
GET H2	200	bootstrap.min.css netdna.bootstrapcdn.com/bootstrap/3.3.2/css/	114 KB 17 KB	34ms 15ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 723, 617 age 167075 cdn-cachedat 2021-03-10 20:27:01 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08c92a8bdc00004e564696a000000001 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:03:58 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 86513818a3fbc7eb63303a7182380aa3 cf-ray 62eee0596a384e56-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	style.css secure1.mlspcdn.net/themes/mysponsoringsecrets/	13 KB 14 KB	549ms 430ms	Stylesheet text/css	2600:9000:211e:a800:17:efbe:b740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure1.mlspcdn.net/themes/mysponsoringsecrets/style.css Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:a800:17:efbe:b740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 18835c29824d18074ef86a31cd141a475dfe8ebeb4ee6639851b904435d5bd10 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id null via 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront) last-modified Tue, 27 Feb 2018 19:15:23 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag "5bf52fd0e365677d57c89c82d55e9959" x-cache RefreshHit from cloudfront content-type text/css date Fri, 12 Mar 2021 17:52:28 GMT accept-ranges bytes content-length 13602 x-amz-cf-id dIXPevWHqLiF2skk1D7q97cwj09PPMTyJ4Tgnqm9FoZMCmsB8ZPO9w==
GET H2	200	img-video.jpg secure1.mlspcdn.net/themes/mysponsoringsecrets/img/	106 KB 107 KB	661ms 545ms	Image image/jpeg	2600:9000:211e:a800:17:efbe:b740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://secure1.mlspcdn.net/themes/mysponsoringsecrets/img/img-video.jpg Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:a800:17:efbe:b740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b87b01a383c3e208f8169cc3a405b6605af8c979d42fa65fc90151fa0d1fb207 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:28 GMT via 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront) last-modified Tue, 27 Feb 2018 18:37:32 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag "cf6c8561ac3dc23f291fc5a048428953" x-cache Miss from cloudfront x-amz-version-id null accept-ranges bytes content-type image/jpeg content-length 108701 x-amz-cf-id P3m2mlaJBFqBoo6TTpT5iqQ65imtfY8cWjqs7N0Bhag9ZjBYqHdubw==
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 742 B	20ms 17ms	Script text/javascript	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 695977041d32bc01009199696f6c585bf5b7307c64e320dfb0c8aa758278de35 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 583 x-xss-protection 1; mode=block expires Fri, 12 Mar 2021 17:52:27 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.10.2/	91 KB 91 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 13:51:47 GMT x-content-type-options nosniff age 14440 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 93100 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Mar 2022 13:51:47 GMT
GET H2	200	jquery-ui.min.js Show response ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/	223 KB 59 KB	16ms 13ms	Script text/javascript	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 09 Mar 2021 15:13:37 GMT content-encoding gzip x-content-type-options nosniff age 268730 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60529 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 09 Mar 2022 15:13:37 GMT
GET H2	200	bootstrap.min.js Show response netdna.bootstrapcdn.com/bootstrap/3.3.2/js/	35 KB 10 KB	30ms 14ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 632, 617 age 167079 cdn-cachedat 2021-03-10 20:26:29 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08c92a8bdc00004e56080de000000001 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:03:58 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 08468fea7f18c65ba64dcd911d81bb76 cf-ray 62eee0596a3b4e56-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	jquery.fitvids.js Show response secure1.mlspcdn.net/bootstrap/js/	3 KB 3 KB	125ms 8ms	Script application/x-javascript	2600:9000:211e:a800:17:efbe:b740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure1.mlspcdn.net/bootstrap/js/jquery.fitvids.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:a800:17:efbe:b740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 71cdd9497e3967eb5387e8f5d48b6bdd76a191085a22eb33a8d6abc2fd38ec64 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id null via 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront) etag "a0afa095eb2e29fe798d20a48b9f1eb1" last-modified Thu, 26 Oct 2017 22:33:05 GMT server AmazonS3 age 38178 x-amz-meta-cb-modifiedtime Thu, 26 Oct 2017 21:15:22 GMT x-cache Hit from cloudfront content-type application/x-javascript date Fri, 12 Mar 2021 07:16:10 GMT x-amz-cf-pop FRA56-C2 accept-ranges bytes content-length 2781 x-amz-cf-id Nw4OJ3aV307BW6x0RAAAHQDMWOMFkb_9BuMS18tled4uHjP-ajgpaA==
GET H2	200	mlsp.fitvids.js Show response secure1.mlspcdn.net/bootstrap/js/	1 KB 2 KB	125ms 8ms	Script application/javascript	2600:9000:211e:a800:17:efbe:b740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure1.mlspcdn.net/bootstrap/js/mlsp.fitvids.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:a800:17:efbe:b740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3f3292f259383e858b1b0011387021a85fff77e2c83a269e8cf6b0a1d926568e Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 16W0kABc2Jc_Sajj8HsLwLF1rBPIpERX via 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront) last-modified Fri, 07 Dec 2018 02:26:56 GMT server AmazonS3 age 1158 etag "4bc405649979302416921947c7691cbf" x-cache Hit from cloudfront content-type application/javascript date Fri, 12 Mar 2021 17:44:59 GMT x-amz-cf-pop FRA56-C2 accept-ranges bytes content-length 1169 x-amz-cf-id _cm25Arfcx6_Un2mKocX44ZG5lNhSWzqtqyPhDo2RlZue4faOQR2Zg==
GET H2	200	jquery-countdown.js Show response secure1.mlspcdn.net/themes/common/js/	11 KB 11 KB	125ms 8ms	Script application/x-javascript	2600:9000:211e:a800:17:efbe:b740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure1.mlspcdn.net/themes/common/js/jquery-countdown.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:a800:17:efbe:b740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1420724070eb3a6d9829cefd052efcdf148bb1e02a68c925d19272b17e5fe4bd Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id null via 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront) etag "be73ea313e2199768c16b688f1759dfc" last-modified Thu, 26 Oct 2017 22:26:39 GMT server AmazonS3 age 40542 x-amz-meta-cb-modifiedtime Thu, 26 Oct 2017 20:03:14 GMT x-cache Hit from cloudfront content-type application/x-javascript date Fri, 12 Mar 2021 06:36:46 GMT x-amz-cf-pop FRA56-C2 accept-ranges bytes content-length 10769 x-amz-cf-id 9wP9Q6Kg8uCAZy5_zmOZGcxappc8qlcp-4sI3OjOxS5RR-GeSQHSjA==
GET H2	200	jquery.validate.min.js Show response ajax.aspnetcdn.com/ajax/jquery.validate/1.13.1/	21 KB 9 KB	369ms 92ms	Script application/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/jquery.validate/1.13.1/jquery.validate.min.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (wmi/FEAC) / Resource Hash f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-encoding gzip x-content-type-options nosniff age 836928 x-cache HIT content-length 8497 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:42:30 GMT server ECAcc (wmi/FEAC) etag "6110c871d033d21:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	css fonts.googleapis.com/	12 KB 1 KB	15ms 15ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,700,700i|Open+Sans+Condensed:300,700 Requested by Host: secure1.mlspcdn.net URL: https://secure1.mlspcdn.net/themes/mysponsoringsecrets/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4009265de8780b59d9d5b3b2cae87a0dceffa43f3e963592f9dd7362278f2463 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://secure1.mlspcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 12 Mar 2021 17:52:27 GMT server ESF date Fri, 12 Mar 2021 17:52:27 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 12 Mar 2021 17:52:27 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/	332 KB 130 KB	27ms 7ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8895b0ccbd3c0a0f087c1ce61e9c87c5afa43914a2849a3e5ed043482d4de444 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.mysponsoringsecrets.com Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 13:22:31 GMT content-encoding gzip x-content-type-options nosniff age 16196 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 132665 x-xss-protection 0 last-modified Mon, 08 Mar 2021 05:24:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 12 Mar 2022 13:22:31 GMT
GET H2	200	background-pattern.jpg secure1.mlspcdn.net/themes/mysponsoringsecrets/img/	56 KB 56 KB	404ms 404ms	Image image/jpeg	2600:9000:211e:a800:17:efbe:b740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://secure1.mlspcdn.net/themes/mysponsoringsecrets/img/background-pattern.jpg Requested by Host: secure1.mlspcdn.net URL: https://secure1.mlspcdn.net/themes/mysponsoringsecrets/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:a800:17:efbe:b740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4dcd33cadf8a702294b832bba4b648de75532590181055477faeca1f921f4be9 Request headers Referer https://secure1.mlspcdn.net/themes/mysponsoringsecrets/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id null via 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront) last-modified Tue, 27 Feb 2018 18:37:29 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag "d8faf40190953171192952790844aeeb" x-cache RefreshHit from cloudfront content-type image/jpeg date Fri, 12 Mar 2021 17:52:28 GMT accept-ranges bytes content-length 57023 x-amz-cf-id jhnq3wcIJtza1qzNZ2IcJTCt6xtr7C32hG9twGvrYswBi0tTvbGaBA==
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v15/	19 KB 19 KB	10ms 8ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,700,700i|Open+Sans+Condensed:300,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.mysponsoringsecrets.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 19:41:25 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:11:52 GMT server sffe age 79862 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19172 x-xss-protection 0 expires Fri, 11 Mar 2022 19:41:25 GMT
GET H2	200	JTUPjIg1_i6t8kCHKm459WxZcgvz_PZw.woff2 fonts.gstatic.com/s/montserrat/v15/	19 KB 20 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,700,700i|Open+Sans+Condensed:300,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31d8631496cacac8ccd260ac5fb41e3e217506304f90750fd96609d91ae8720f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.mysponsoringsecrets.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 10 Mar 2021 21:07:23 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:11:26 GMT server sffe age 161104 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19916 x-xss-protection 0 expires Thu, 10 Mar 2022 21:07:23 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v15/	19 KB 19 KB	10ms 9ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,700,700i|Open+Sans+Condensed:300,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.mysponsoringsecrets.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 06 Mar 2021 10:28:37 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:46 GMT server sffe age 545030 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19480 x-xss-protection 0 expires Sun, 06 Mar 2022 10:28:37 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v15/	19 KB 19 KB	12ms 11ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,700,700i|Open+Sans+Condensed:300,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.mysponsoringsecrets.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 10 Mar 2021 22:37:29 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:13:19 GMT server sffe age 155698 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18988 x-xss-protection 0 expires Thu, 10 Mar 2022 22:37:29 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	163 KB 54 KB	24ms 23ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NBGQ2X&l=dataLayer4E95533 Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7297b768270b8ff1034fb6d4d8fe13a412dc4c4025fdcbe36b18804924a40589 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55659 x-xss-protection 0 last-modified Fri, 12 Mar 2021 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 12 Mar 2021 17:52:27 GMT
GET H2	200	/ Show response www.myleadsystempro.com/ajax/affid/jmanwinz/ Frame 9D94	95 B 730 B	883ms 642ms	Document text/html	172.67.18.226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.myleadsystempro.com/ajax/affid/jmanwinz/?usr=0 Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.18.226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f440cf79a6f3c26048cd3606bd0ba8648c58c19f28d57eba095217ac14a25b34 Request headers :method GET :authority www.myleadsystempro.com :scheme https :path /ajax/affid/jmanwinz/?usr=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mysponsoringsecrets.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.mysponsoringsecrets.com/ Response headers date Fri, 12 Mar 2021 17:52:28 GMT content-type text/html;charset=UTF-8 set-cookie __cfduid=d3605998332e2d32f133d76b505dde1bc1615571548; expires=Sun, 11-Apr-21 17:52:28 GMT; path=/; domain=.myleadsystempro.com; HttpOnly; SameSite=Lax cfid=4cda8ff4-bbe0-46de-b2dc-509da98dcdb0;Path=/;Domain=.myleadsystempro.com;Expires=Thu, 01-Apr-2021 19:30:32 UTC;HTTPOnly cftoken=0;Path=/;Domain=.myleadsystempro.com;Expires=Thu, 01-Apr-2021 19:30:32 UTC;HTTPOnly MLSP_AFF_ID=756088;Path=/;Domain=.myleadsystempro.com;Expires=Sat, 12-Mar-2022 17:52:28 UTC JSESSIONID=lGHaxgr2gQTUHBkHZd1vcqwIw3K6QvUz4nhXAVSa; path=/ cf-cache-status DYNAMIC cf-request-id 08c92a8f8100004c0042b8b000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 62eee05f3a4b4c00-AMS content-encoding gzip
GET H3-Q050	200	anchor Show response www.google.com/recaptcha/api2/ Frame 66AC	19 KB 10 KB	53ms 40ms	Document text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a&co=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&cb=a79k4a52tg6 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 13990208bed6b517c6928e933a5875e775feb8ea3fdd59a62d8226133ca782ad Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-598PXAJInC9nRBXxzMEDRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a&co=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&cb=a79k4a52tg6 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.mysponsoringsecrets.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.mysponsoringsecrets.com/ Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Fri, 12 Mar 2021 17:52:27 GMT content-security-policy script-src 'report-sample' 'nonce-598PXAJInC9nRBXxzMEDRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 10143 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	uc.js Show response consent.cookiebot.com/	72 KB 17 KB	198ms 8ms	Script application/javascript	2a02:26f0:7100::687e:24c9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/uc.js?cbid=ff33c627-6bc4-4a80-b21d-694621b44b90 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBGQ2X&l=dataLayer4E95533 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::687e:24c9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash cbe40c8a351bcc833ee71354c44f8af859e683eeb969202d168b7ef0167da33c Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-encoding gzip last-modified Wed, 10 Mar 2021 11:12:24 GMT server Microsoft-IIS/10.0 etag "05c323f9e15d71:0" vary Accept-Encoding content-type application/javascript cache-control public, max-age=437 accept-ranges bytes content-length 17437 expires Fri, 12 Mar 2021 17:59:44 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 19 KB	25ms 5ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBGQ2X&l=dataLayer4E95533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 6592 date Fri, 12 Mar 2021 16:02:35 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Fri, 12 Mar 2021 18:02:35 GMT
GET H2	200	6412.js Show response script.crazyegg.com/pages/scripts/0018/	4 KB 2 KB	33ms 17ms	Script text/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0018/6412.js?448770 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBGQ2X&l=dataLayer4E95533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c254f63d7af0bcdd163966c1438330156b3b0068c28dbdd17582563593e3ae1 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-encoding gzip cf-cache-status HIT age 1565 cf-polished origSize=4157 ce-version 11.1.244 cf-request-id 08c92a8eb1000097549124d000000001 timing-allow-origin * last-modified Fri, 12 Mar 2021 17:26:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 cf-ray 62eee05dea7b9754-FRA cf-bgj minify
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	32 KB 13 KB	480ms 155ms	Script text/javascript	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBGQ2X&l=dataLayer4E95533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash 08e8886e305db1744d2c9f1439f28abc73bef383f7a14da5f6e45e3f9e905cd0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:28 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12597 x-xss-protection 0 server cafe etag 5966996634223651104 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 12 Mar 2021 17:52:28 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	91 KB 24 KB	20ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 23762 x-fb-rlafr 0 pragma public x-fb-debug 5VmkFLunxDWE5egqmtdx/I908YngiEQTK0DS+WL32w2FWXGp9HlETUTz2Un2VL3wQRh2iUVmuRlLssh3OvpmxA== x-fb-trip-id 2050670934 x-frame-options DENY date Fri, 12 Mar 2021 17:52:27 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	5aa04a1aea86b2f96f000006.js Show response tag.marinsm.com/serve/	10 KB 4 KB	459ms 214ms	Script text/javascript	199.232.52.65 FASTLY
General Check archive.org Show headers Download Go to Full URL https://tag.marinsm.com/serve/5aa04a1aea86b2f96f000006.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.52.65 Manchester, United Kingdom, ASN54113 (FASTLY, US), Reverse DNS Software Cowboy / Resource Hash 483380554116891af788ad63d2f786b4d40e70257eb1db4e3e9eec7ed099ac51 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 12 Mar 2021 17:52:28 GMT Via 1.1 vegur, 1.1 varnish X-Content-Type-Options nosniff Age 0 X-Cache MISS Connection keep-alive Content-Encoding gzip Content-Length 3561 X-Served-By cache-man4129-MAN Server Cowboy X-Timer S1615571548.143537,VS0,VE100 Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=1800 Accept-Ranges bytes X-Cache-Hits 0
GET H2	200	core.js Show response s.pinimg.com/ct/	1 KB 1 KB	46ms 14ms	Script application/javascript	2a04:4e42:9::84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/core.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:9::84 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3b55e27038f70b1b7cfae4116bf09fe3faf8cb97795673d1fd338113d0c0d53f Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT fastly-restarts 1 x-cdn fastly etag "7dfd742fa9951f09da578c3e4cfc7d96" vary Accept-Encoding, Origin access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-max-age 86400 cache-control max-age=7200 content-length 1142 access-control-expose-headers X-CDN
GET H2	200	w.js Show response d10lpsik1i8c69.cloudfront.net/	5 KB 3 KB	596ms 196ms	Script application/javascript	65.9.91.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d10lpsik1i8c69.cloudfront.net/w.js Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.91.90 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 610ab00f8de8912637a2f94ba8a2976e1eef3c240276657b55851f6f6d8163cb Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:45:36 GMT content-encoding gzip last-modified Mon, 08 Mar 2021 19:45:34 GMT server AmazonS3 age 413 etag W/"8e8d63ac39f7baa3ae59c19edea3f4a7" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 97101640da3dcba7a2d4a3d67a31b115.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop PRG50-C1 x-amz-cf-id qnBpky8OppC29ioAUAiBjACzN01OCKiqrBpVjRLP_oKYZlCbqIbITA==
GET H2	200	reactunified.bundle.js Show response a.deadlinefunnel.com/unified/	547 KB 179 KB	516ms 164ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6Ing3bkhFOVFcLzJcL3pTWkdKSEplbFYydz09IiwidmFsdWUiOiJZRmpPWFR4QnhESzdXNTJURitMdUpnPT0iLCJtYWMiOiI4YzNkZjcwNTQyNGVlMDQxODJkODk4MWQ3NjhmMjQ0MTViNmQxNTFhMmM3YzJhZTFjYmI3ZTgyZmRiMGFiZGE5In0=&pageFromUrl=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb20vP209am1hbndpbno=&parentPageFromUrl= Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software AmazonS3 / Resource Hash 60233e819443aec43166af260d57a4e50a28c2879a32f7a7710177b3b7f618c7 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:28 GMT content-encoding gzip last-modified Thu, 11 Mar 2021 10:25:54 GMT server AmazonS3 x-amz-request-id 62J537593FVQY4Z8 etag "936c35049034d583a7ba248d1a944498" x-hw 1615571548.cds012.lo4.hn,1615571548.cds214.lo4.c content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 183210 x-amz-id-2 VqTuk5VuKrt5BJPGVkWwno1E0KgSQqJZtH8rRs/xk5k+m+SMioZBpmFb0KQS2yFbph3KmEyyzcY=
GET H2	200	wr-ad556dd19891be9143a759528f150a60.js Show response widget.wickedreports.com/v2/3262/	372 B 701 B	648ms 242ms	Script text/javascript	65.9.96.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.wickedreports.com/v2/3262/wr-ad556dd19891be9143a759528f150a60.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBGQ2X&l=dataLayer4E95533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.96.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 06b17aeb523a1027815cd80f0dd8da29951382bff26ea68d012832f81a15a8ce Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 10:06:23 GMT via 1.1 d19bc25644fc0cb24d9e1c2cb87755cb.cloudfront.net (CloudFront) last-modified Fri, 06 Mar 2020 00:10:36 GMT server AmazonS3 age 27966 etag "23bffd41a57e71de0d320e991fc0c1d6" x-cache Hit from cloudfront content-type text/javascript x-amz-cf-pop PRG50-C1 accept-ranges bytes content-length 372 x-amz-cf-id SrklHrvmDkyjp-5lu4Mvk_esw5KgSQmrYmrPEM0gXCM0pSmZ7795Bw==
GET H3-Q050	200	styles__ltr.css www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/ Frame 66AC	50 KB 25 KB	33ms 20ms	Stylesheet text/css	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a&co=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&cb=a79k4a52tg6 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 15:24:02 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 08 Mar 2021 05:24:47 GMT server sffe age 8905 vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25479 x-xss-protection 0 expires Sat, 12 Mar 2022 15:24:02 GMT
GET H3-Q050	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/ Frame 66AC	332 KB 130 KB	35ms 22ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a&co=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&cb=a79k4a52tg6 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8895b0ccbd3c0a0f087c1ce61e9c87c5afa43914a2849a3e5ed043482d4de444 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 13:22:31 GMT content-encoding gzip x-content-type-options nosniff age 16196 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 132665 x-xss-protection 0 last-modified Mon, 08 Mar 2021 05:24:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 12 Mar 2022 13:22:31 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 454 B	41ms 14ms	XHR text/plain	2a00:1450:400c:c09::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-2552055-7&cid=1195863557.1615571548&jid=501755712&gjid=795409438&_gid=249970634.1615571548&_u=YGBAgEABAAAAAE~&z=1566878943 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 12 Mar 2021 17:52:27 GMT content-type text/plain access-control-allow-origin https://www.mysponsoringsecrets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/	35 B 384 B	33ms 20ms	Image image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j88&a=1037533416&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mysponsoringsecrets.com%2F%3Fm%3Djmanwinz&ul=en-us&de=UTF-8&dt=Master%20Sponsoring%20Series&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=501755712&gjid=795409438&cid=1195863557.1615571548&tid=UA-2552055-7&_gid=249970634.1615571548&gtm=2wg330NBGQ2X&z=2111309584 Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 12 Mar 2021 11:14:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 23889 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	1000811343263975 Show response connect.facebook.net/signals/config/	241 KB 70 KB	150ms 150ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1000811343263975?v=2.9.33&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b382bd96187dab0ef3dc238e29691a2c1db24d7c024133c9071b07b231434f1e Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-fb-rlafr 0 pragma public x-fb-debug koMlGqDpKyUFkyRkyTTxzPFUFv1FRtiZW3hZubXPRYn1dvwWVJWHdEk5aRiA8iUMqJEGP2y68J3D7f3W3/kS/Q== x-fb-trip-id 2050670934 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Fri, 12 Mar 2021 17:52:28 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 origin-trial AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ== cross-origin-opener-policy-report-only same-origin-allow-popups;report-to="coop_report" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	6412.json Show response script.crazyegg.com/pages/data-scripts/0018/	66 KB 11 KB	28ms 15ms	XHR application/json	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0018/6412.json?t=1 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0018/6412.js?448770 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04f9f11c2db8acdd1f2c901840b3d5b4a87b7c7e67f91af68be0e38f9d400554 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-encoding gzip cf-cache-status HIT age 1562 ce-version 11.1.244 content-length 11299 cf-request-id 08c92a8eec00004aaf93159000000001 timing-allow-origin * last-modified Fri, 12 Mar 2021 17:26:25 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes cf-ray 62eee05e49574aaf-FRA
GET H2	200	main.2a04f3ee.js Show response s.pinimg.com/ct/lib/	48 KB 17 KB	17ms 16ms	Script application/javascript	2a04:4e42:9::84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://s.pinimg.com/ct/lib/main.2a04f3ee.js Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/core.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:9::84 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-encoding gzip fastly-restarts 1 x-cdn fastly etag "248210fef24a364a0e167a9a4db13563" vary Accept-Encoding, Origin access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-max-age 86400 cache-control max-age=1209600 content-length 17102 access-control-expose-headers X-CDN
GET H3-Q050	200	gmH6SJL65Pd6t3kpyevqm4eIUX-upPuY-oqy3W-FFSU.js Show response www.google.com/js/bg/ Frame 66AC	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/bg/gmH6SJL65Pd6t3kpyevqm4eIUX-upPuY-oqy3W-FFSU.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8261fa4892fae4f77ab77929c9ebea9b8788517faea4fb98fa8ab2dd6f851525 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a&co=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&cb=a79k4a52tg6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 08 Mar 2021 22:10:35 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 08 Mar 2021 18:00:00 GMT server sffe age 330112 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5736 x-xss-protection 0 expires Tue, 08 Mar 2022 22:10:35 GMT
GET H3-Q050	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 66AC	2 KB 2 KB	7ms 6ms	Image image/png	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 10 Mar 2021 19:52:31 GMT x-content-type-options nosniff last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe age 165596 content-type image/png cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 expires Wed, 17 Mar 2021 19:52:31 GMT
GET H3-Q050	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 66AC	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a&co=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&cb=a79k4a52tg6 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.google.com Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 11 Mar 2021 19:41:25 GMT x-content-type-options nosniff last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe age 79862 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 expires Fri, 11 Mar 2022 19:41:25 GMT
GET H3-Q050	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 66AC	15 KB 15 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a&co=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&cb=a79k4a52tg6 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.google.com Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 10 Mar 2021 19:40:13 GMT x-content-type-options nosniff last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe age 166334 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 expires Thu, 10 Mar 2022 19:40:13 GMT
GET H3-Q050	200	ga-audiences www.google.com/ads/	42 B 238 B	33ms 32ms	Image image/gif	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-2552055-7&cid=1195863557.1615571548&jid=501755712&_u=YGBAgEABAAAAAE~&z=1687940396 Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 12 Mar 2021 17:52:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 505 B	49ms 30ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-2552055-7&cid=1195863557.1615571548&jid=501755712&_u=YGBAgEABAAAAAE~&z=1687940396 Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 12 Mar 2021 17:52:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	webworker.js www.google.com/recaptcha/api2/ Frame 66AC	102 B 239 B	15ms 15ms	Other text/javascript	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a&co=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&cb=a79k4a52tg6 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash b8b79e3e0e8ba996236788c3881ad0873139f6d7fe586c3a99e9fcd405d72138 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a&co=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&cb=a79k4a52tg6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:27 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111 x-xss-protection 1; mode=block expires Fri, 12 Mar 2021 17:52:27 GMT
GET H2	200	11.1.244.js Show response script.crazyegg.com/pages/versioned/commontransformations-scripts/	99 KB 33 KB	30ms 30ms	Script text/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/commontransformations-scripts/11.1.244.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0018/6412.js?448770 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e47ae4acb9f77fa8349d09a92119eb48f04259f67720af7df4ef42281ad0699 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:28 GMT content-encoding gzip cf-cache-status HIT age 101372 cf-ray 62eee05eeab49754-FRA content-length 33739 cf-request-id 08c92a8f52000097548bb56000000001 last-modified Tue, 23 Feb 2021 13:37:17 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	/ Show response ct.pinterest.com/user/	38 B 452 B	317ms 115ms	XHR application/json	151.101.36.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/user/?tid=2615756587198&cb=1615571548024 Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 12 Mar 2021 17:52:28 GMT content-encoding gzip referrer-policy origin x-cdn fastly content-type application/json; charset=utf-8 access-control-allow-origin https://www.mysponsoringsecrets.com access-control-expose-headers Epik,Pin-Unauth cache-control no-cache,no-store,must-revalidate,max-age=0 pin-unauth dWlkPU5UZGlZelUyTXprdE5USmpNQzAwTTJSaUxXRm1NamN0TURVeE9UUmpNREZpWm1RMQ x-pinterest-rid 1474720519104525 x-envoy-upstream-service-time 1 access-control-allow-credentials true content-length 64 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ ct.pinterest.com/v3/	35 B 95 B	322ms 121ms	Image image/gif	151.101.36.84 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ct.pinterest.com/v3/?tid=2615756587198&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.mysponsoringsecrets.com%2F%3Fm%3Djmanwinz%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222a04f3ee%22%7D&cb=1615571548025 Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 12 Mar 2021 17:52:28 GMT referrer-policy origin x-cdn fastly content-type image/gif access-control-allow-origin * cache-control no-cache,no-store,must-revalidate,max-age=0 x-envoy-upstream-service-time 5 x-pinterest-rid 1221635902161099 content-length 35 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 409 B	21ms 6ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1000811343263975&ev=PageView&dl=https%3A%2F%2Fwww.mysponsoringsecrets.com%2F%3Fm%3Djmanwinz&rl=&if=false&ts=1615571548184&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615571548182.1453824352&it=1615571547863&coo=false&rqm=GET Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:28 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Fri, 12 Mar 2021 17:52:28 GMT
GET H2	200	cc.js Show response consent.cookiebot.com/ff33c627-6bc4-4a80-b21d-694621b44b90/	218 KB 55 KB	2567ms 2566ms	Script application/x-javascript	2a02:26f0:7100::687e:24c9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/ff33c627-6bc4-4a80-b21d-694621b44b90/cc.js?renew=false&referer=www.mysponsoringsecrets.com&dnt=false&forceshow=false&cbid=ff33c627-6bc4-4a80-b21d-694621b44b90&whitelabel=false&brandid=Cookiebot&framework= Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=ff33c627-6bc4-4a80-b21d-694621b44b90 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::687e:24c9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 6304401aee553a8a9f8941f3883ee20c5b810ff69a66506219b578fe8a4c8d60 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:30 GMT content-encoding gzip last-modified Fri, 12 Mar 2021 17:52:28 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1200 access-control-allow-headers cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers content-length 56068
POST H3-Q050	200	reload Show response www.google.com/recaptcha/api2/ Frame 66AC	9 KB 7 KB	56ms 56ms	XHR application/json	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 02452a52142289054ba5774b5ef4fddf92560de5b076f8250af63d7af41919dd Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfosMgUAAAAAO6N1vAMAOcD63Btsx7EhwbI7p6a&co=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&cb=a79k4a52tg6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-protobuffer Response headers date Fri, 12 Mar 2021 17:52:28 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6706 x-xss-protection 1; mode=block expires Fri, 12 Mar 2021 17:52:28 GMT
GET H2	200	6412.json Show response script.crazyegg.com/pages/sampling-data-scripts/0018/	2 KB 691 B	14ms 14ms	XHR application/json	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/sampling-data-scripts/0018/6412.json?t=1 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/11.1.244.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 080c345f47ea33ac0d1a4982dba93e81bf66b4c2eb81063f887bc5701a691eac Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:28 GMT content-encoding gzip cf-cache-status HIT age 1557 ce-version 11.1.244 content-length 551 cf-request-id 08c92a903600004aaf33910000000001 timing-allow-origin * last-modified Fri, 12 Mar 2021 17:26:31 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes cf-ray 62eee0605ca74aaf-FRA
GET H/1.1	200 OK	tagjs Show response pixel-geo.prfct.co/ Redirect Chain https://pixel-geo.prfct.co/tagjs?a_id=80540&source=js_tag https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=80540&source=js_tag	125 B 454 B	152ms 152ms	Script text/javascript	34.243.193.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=80540&source=js_tag Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.243.193.207 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-243-193-207.eu-west-1.compute.amazonaws.com Software / Resource Hash 095fa6ce6750082a7d9a07112a30542e6ab94d1a17f7308e51aa7554e6951019 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Cache-Control no-store, no-cache, private Connection keep-alive P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Content-Length 125 Content-Type text/javascript Redirect headers Location https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=80540&source=js_tag Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
POST H2	204	/ Show response ct.pinterest.com/md/	0 198 B	297ms 110ms	XHR text/plain	151.101.36.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ct.pinterest.com/md/ Requested by Host: s.pinimg.com URL: https://s.pinimg.com/ct/lib/main.2a04f3ee.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 12 Mar 2021 17:52:28 GMT referrer-policy origin x-cdn fastly access-control-allow-origin * cache-control no-cache,no-store,must-revalidate,max-age=0 x-envoy-upstream-service-time 0 x-pinterest-rid 1034160845445816 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/803660283/	2 KB 2 KB	37ms 17ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803660283/?random=1615571548383&cv=9&fst=1615571548383&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg330&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mysponsoringsecrets.com%2F%3Fm%3Djmanwinz&tiba=Master%20Sponsoring%20Series&hn=www.googleadservices.com&us_privacy=1YNY&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40c89ea10c652babe9b3436455dc8b425188c581aefa0e3631de12ee0ef8559d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 12 Mar 2021 17:52:28 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1015 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ www.google.com/pagead/1p-user-list/803660283/	42 B 96 B	19ms 19ms	Image image/gif	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/803660283/?random=1615571548383&cv=9&fst=1615568400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg330&sendb=1&frm=0&url=https%3A%2F%2Fwww.mysponsoringsecrets.com%2F%3Fm%3Djmanwinz&tiba=Master%20Sponsoring%20Series&async=1&fmt=3&is_vtc=1&random=3022253836&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 12 Mar 2021 17:52:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ www.google.de/pagead/1p-user-list/803660283/	42 B 530 B	42ms 28ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/803660283/?random=1615571548383&cv=9&fst=1615568400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg330&sendb=1&frm=0&url=https%3A%2F%2Fwww.mysponsoringsecrets.com%2F%3Fm%3Djmanwinz&tiba=Master%20Sponsoring%20Series&async=1&fmt=3&is_vtc=1&random=3022253836&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 12 Mar 2021 17:52:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	widget.js Show response widget.wickedreports.com/	23 KB 8 KB	170ms 170ms	Script text/javascript	65.9.96.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.wickedreports.com/widget.js Requested by Host: widget.wickedreports.com URL: https://widget.wickedreports.com/v2/3262/wr-ad556dd19891be9143a759528f150a60.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.96.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42eb2d7aed466bdc140acdf7c55f6e8ead2b1c3f22ad42d12bbbada80d81545b Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 13:27:46 GMT content-encoding gzip last-modified Thu, 11 Mar 2021 13:17:11 GMT server AmazonS3 age 15911 etag W/"99a7f8b6254d4be2c61a4cd2fbf05a78" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 d19bc25644fc0cb24d9e1c2cb87755cb.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 x-amz-cf-id LGV0GuM2a8xAv_1e9aTo31W3A59P_LeRdPAonrJnpFDobSj3qF9OEg==
GET H2	200	/ Show response check.deadlinefunnel.com/identify/	0 381 B	752ms 243ms	Script text/plain	34.234.183.128 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://check.deadlinefunnel.com/identify/?callback=callDFJsonP&domain=https%3A%2F%2Fdeadlinefunnel.com&clientUrl=https%3A%2F%2Fwww.mysponsoringsecrets.com%2F%3Fm%3Djmanwinz&debug=false&showCountdownNow=0&redisDomain=https%3A%2F%2Fcheck.deadlinefunnel.com&userIdHash=eyJpdiI6Ing3bkhFOVFcLzJcL3pTWkdKSEplbFYydz09IiwidmFsdWUiOiJZRmpPWFR4QnhESzdXNTJURitMdUpnPT0iLCJtYWMiOiI4YzNkZjcwNTQyNGVlMDQxODJkODk4MWQ3NjhmMjQ0MTViNmQxNTFhMmM3YzJhZTFjYmI3ZTgyZmRiMGFiZGE5In0&pageFromUrl=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb20vP209am1hbndpbno&parentPageFromUrl=&m=jmanwinz&promocode=undefined Requested by Host: a.deadlinefunnel.com URL: https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6Ing3bkhFOVFcLzJcL3pTWkdKSEplbFYydz09IiwidmFsdWUiOiJZRmpPWFR4QnhESzdXNTJURitMdUpnPT0iLCJtYWMiOiI4YzNkZjcwNTQyNGVlMDQxODJkODk4MWQ3NjhmMjQ0MTViNmQxNTFhMmM3YzJhZTFjYmI3ZTgyZmRiMGFiZGE5In0=&pageFromUrl=aHR0cHM6Ly93d3cubXlzcG9uc29yaW5nc2VjcmV0cy5jb20vP209am1hbndpbno=&parentPageFromUrl= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.234.183.128 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-234-183-128.compute-1.amazonaws.com Software / Express Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:29 GMT x-powered-by Express content-length 0
GET H2	200	adsct analytics.twitter.com/i/ Redirect Chain https://pixel-geo.prfct.co/cs/?partnerId=twtr https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_mQ5Lv6XLai1OrY1hg	43 B 574 B	597ms 302ms	Image image/gif	104.244.42.67 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_mQ5Lv6XLai1OrY1hg Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.67 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:29 GMT content-encoding gzip x-content-type-options nosniff status 200 OK x-twitter-response-tags BouncerCompliant content-length 65 x-xss-protection 0 x-response-time 129 pragma no-cache last-modified Fri, 12 Mar 2021 17:52:29 GMT server tsa_o x-frame-options SAMEORIGIN strict-transport-security max-age=631138519 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash 761f918738aa8fc21bd0ee31e91b91cb x-transaction 0090d973000ef41f expires Tue, 31 Mar 1981 05:00:00 GMT Redirect headers Location https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_mQ5Lv6XLai1OrY1hg Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	204	v1 ads.yahoo.com/cms/ Redirect Chain https://pixel-geo.prfct.co/cs/?partnerId=yah https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_mQ5Lv6XLai1OrY1hg&sigv=1&esig=2~b63056c83475fe835c8eb127d035e1826e27baff	0 445 B	24ms 7ms	Image text/plain	2a00:1288:80:800::7001 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_mQ5Lv6XLai1OrY1hg&sigv=1&esig=2~b63056c83475fe835c8eb127d035e1826e27baff Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 17:52:29 GMT cache-control no-store x-content-type-options nosniff server ATS strict-transport-security max-age=15552000 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block Redirect headers Location https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_mQ5Lv6XLai1OrY1hg&sigv=1&esig=2~b63056c83475fe835c8eb127d035e1826e27baff Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://pixel-geo.prfct.co/cs/?partnerId=opx https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_mQ5Lv6XLai1OrY1hg https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_mQ5Lv6XLai1OrY1hg	43 B 180 B	176ms 175ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_mQ5Lv6XLai1OrY1hg Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.202.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 12 Mar 2021 17:52:30 GMT via 1.1 google server OXGW/16.202.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_mQ5Lv6XLai1OrY1hg date Fri, 12 Mar 2021 17:52:29 GMT via 1.1 google server OXGW/16.202.0 alt-svc clear content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Redirect Chain https://pixel-geo.prfct.co/cs/?partnerId=rbcn https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_mQ5Lv6XLai1OrY1hg	0 239 B	1191ms 265ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_mQ5Lv6XLai1OrY1hg Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 4b510f0cc5fcbc9800016ef543086418 Content-Type image/gif Redirect headers Location https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_mQ5Lv6XLai1OrY1hg Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H/1.1	200 OK	cb pixel-geo.prfct.co/ Redirect Chain https://pixel-geo.prfct.co/cs/?partnerId=goo https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfbVE1THY2WExhaTFPclkxaGc https://pixel-geo.prfct.co/cb?partnerId=goo	43 B 365 B	185ms 185ms	Image image/gif	34.243.193.207 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-geo.prfct.co/cb?partnerId=goo Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.243.193.207 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-243-193-207.eu-west-1.compute.amazonaws.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Cache-Control no-store, no-cache, private Connection keep-alive P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Content-Length 43 Content-Type image/gif Redirect headers pragma no-cache date Fri, 12 Mar 2021 17:52:29 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://pixel-geo.prfct.co/cb?partnerId=goo cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 240 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ pixel-geo.prfct.co/seg/	43 B 365 B	528ms 230ms	Image image/gif	34.243.193.207 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-geo.prfct.co/seg/?add=11608938,11769684&source=js_tag&a_id=80540 Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.243.193.207 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-243-193-207.eu-west-1.compute.amazonaws.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Cache-Control no-store, no-cache, private Connection keep-alive P3P CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/seg?t=2&add=11769684 https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D11769684	43 B 1 KB	91ms 90ms	Image image/gif	185.33.221.11 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D11769684 Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Mar 2021 17:52:29 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80 AN-X-Request-Uuid 63042b59-b47c-4cea-854d-55f8ed7d03d4 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 12 Mar 2021 17:52:29 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.153:80 AN-X-Request-Uuid 7d378191-304f-4400-af02-79de85714ed4 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D11769684 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	bounce secure.adnxs.com/ Redirect Chain https://secure.adnxs.com/seg?t=2&add=11608938 https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D11608938	43 B 1 KB	85ms 84ms	Image image/gif	185.33.221.11 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D11608938 Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 Mar 2021 17:52:29 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80 AN-X-Request-Uuid 493b9028-55b5-44cf-8360-7a274d5f2929 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 12 Mar 2021 17:52:29 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80 AN-X-Request-Uuid 60a1cd6f-093a-4feb-ab6b-9420399faecd Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D11608938 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ cx.atdmt.com/ Redirect Chain https://www.facebook.com/tr/?id=1000811343263975&ev=Microdata&dl=https%3A%2F%2Fwww.mysponsoringsecrets.com%2F%3Fm%3Djmanwinz&rl=&if=false&ts=1615571549688&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%... https://cx.atdmt.com/?c=9462485528646163025&f=AYzTFr-LgBqHvKozCz2pxLWgw1A1-i4rSEE0pvseDl_xvRxbMqCjqMyBek5CdV5Fk7r7uQwAsFfm9tlOK9P162n2&id=1000811343263975&l=3&v=0	43 B 1023 B	56ms 36ms	Image image/gif	2a03:2880:f02d:5:face:b00c:0:8c FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://cx.atdmt.com/?c=9462485528646163025&f=AYzTFr-LgBqHvKozCz2pxLWgw1A1-i4rSEE0pvseDl_xvRxbMqCjqMyBek5CdV5Fk7r7uQwAsFfm9tlOK9P162n2&id=1000811343263975&l=3&v=0 Requested by Host: www.mysponsoringsecrets.com URL: https://www.mysponsoringsecrets.com/?m=jmanwinz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:5:face:b00c:0:8c , United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.mysponsoringsecrets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 12 Mar 2021 09:52:29 PST content-encoding br x-content-type-options nosniff cross-origin-resource-policy cross-origin x-fb-rlafr 0 pragma public x-fb-debug RXKCenfpFiGPXmJO4SkMirXqIyzqbJCiZMPB1k02bAMrGIX6dWLoMTV6XBCFTDyFvNRaNv+FdiLyUD3Aj/Nl0A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-frame-options DENY vary Accept-Encoding report-to {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type image/gif cache-control public, max-age=0 origin-trial AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ== cross-origin-opener-policy-report-only same-origin-allow-popups;report-to="coop_report" expires Fri, 12 Mar 2021 09:52:29 PST Redirect headers pragma no-cache date Fri, 12 Mar 2021 17:52:29 GMT server proxygen-bolt content-type text/plain location https://cx.atdmt.com/?c=9462485528646163025&f=AYzTFr-LgBqHvKozCz2pxLWgw1A1-i4rSEE0pvseDl_xvRxbMqCjqMyBek5CdV5Fk7r7uQwAsFfm9tlOK9P162n2&id=1000811343263975&l=3&v=0 cache-control no-cache, no-store, must-revalidate alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0 expires 0
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	964 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	973 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0633b25e2d52e44b3306996bf3809299aa8841e6f8b98ea1e9596aa75c649dc0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png