mastermindescapegames.com Open in urlscan Pro
185.151.30.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001Y0UxzbHmze5C8eZLQTwzdWIrzPc8ZLBT31QCrljq3pxAJvEDiUSNEdbKUaRG6BPoTsTTNRLwbUF3hGRKwO5z...
Effective URL:
https://mastermindescapegames.com/august-buy-voucher/
Submission: On February 21 via api (February 21st 2024, 1:06:41 am UTC) from CA — Scanned from CA

Summary HTTP 45 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 45 HTTP transactions. The main IP is 185.151.30.166, located in United Kingdom and belongs to TWENTYI, GB. The main domain is mastermindescapegames.com.
TLS certificate: Issued by R3 on January 11th 2024. Valid for: 3 months.

This is the only time mastermindescapegames.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
10	185.151.30.166 185.151.30.166	48254 (TWENTYI) (TWENTYI)
2	142.250.81.232 142.250.81.232	15169 (GOOGLE) (GOOGLE)
4	138.199.40.58 138.199.40.58	60068 (CDN77 _) (CDN77 _)
1	45.79.97.15 45.79.97.15	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3	142.251.40.238 142.251.40.238	15169 (GOOGLE) (GOOGLE)
3	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
2	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
2	142.250.65.163 142.250.65.163	15169 (GOOGLE) (GOOGLE)
16	172.82.131.10 172.82.131.10	46261 (QUICKPACKET) (QUICKPACKET)
1	142.250.80.100 142.250.80.100	15169 (GOOGLE) (GOOGLE)
45	11

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.151.30.166 (United Kingdom)

ASN48254 (TWENTYI, GB)
PTR: 185-151-30-166.ptr4.stackcp.net

mastermindescapegames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.199.40.58 (New York, United States)

ASN60068 (CDN77 _, GB)
PTR: 138-199-40-58.bunnyinfra.net

hb.wpmucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.97.15 (Fremont, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1196-15.members.linode.com

bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.238 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.31.156 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.163 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.82.131.10 (Ashburn, United States)

ASN46261 (QUICKPACKET, US)
PTR: srv-1557q.bookeo.com

www-1557q.bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	bookeo.com bookeo.com — Cisco Umbrella Rank: 158301 www-1557q.bookeo.com	708 KB
10	mastermindescapegames.com mastermindescapegames.com	140 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 177 www.google.com — Cisco Umbrella Rank: 2	776 B
4	wpmucdn.com hb.wpmucdn.com — Cisco Umbrella Rank: 51402	150 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8927	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 113	411 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	162 KB
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 9189	371 B
0	googleapis.com Failed fonts.googleapis.com Failed
45	10

	Domain	Requested by
16	www-1557q.bookeo.com	bookeo.com www-1557q.bookeo.com
10	mastermindescapegames.com	mastermindescapegames.com hb.wpmucdn.com
4	hb.wpmucdn.com	mastermindescapegames.com
3	analytics.google.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com mastermindescapegames.com
2	www.google.ca	mastermindescapegames.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	mastermindescapegames.com www.googletagmanager.com
1	www.google.com	mastermindescapegames.com
1	bookeo.com	mastermindescapegames.com
1	r20.rs6.net	1 redirects
0	fonts.googleapis.com Failed	mastermindescapegames.com
45	12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
*.mastermindescapegames.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.wpmucdn.com RapidSSL TLS RSA CA G1	`2023-03-24` - `2024-03-23`	a year	crt.sh
*.bookeo.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-08` - `2024-03-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://mastermindescapegames.com/august-buy-voucher/
Frame ID: C8B03DAD5A4D287B8A1FB0BB7F899E44
Requests: 29 HTTP requests in this frame

Frame: https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=foJoADI%2FKqr1IcgD561CSEIDj3%2Bp7rmuBMJS8%2BwGCiI%3D&c=03n&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default9231&xdm_p=1
Frame ID: D3410C1246A25716A92CB31344726831
Requests: 3 HTTP requests in this frame

Frame: https://www-1557q.bookeo.com/bookeo/startroute_415577FJ9CH155E5DC1680?ralias=true&axiomframed=true&inwidget=true&a=415577FJ9CH155E5DC1680&startmode=buyvoucher&aguid=415577FJ9CH155E5DC1680&axiom_bid=xefchjeyffkxhjcm&w=-546510115&t=foJoADI%2FKqr1IcgD561CSEIDj3%2Bp7rmuBMJS8%2BwGCiI%3D&c=03n&m=252626281e18
Frame ID: 85EE0BFEEAFA9F8E2E77AB4073B411BD
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

August Buy Voucher - Mastermind Escape Rooms

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001Y0UxzbHmze5C8eZLQTwzdWIrzPc8ZLBT31QCrljq3pxAJvEDiUSNEdbKUaRG6BPo... HTTP 302
https://mastermindescapegames.com/august-buy-voucher/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

45
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

1183 kB
Transfer

3449 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Mastermind-Escape-Games-GA-1722277701335819/

Search URL Search Domain Scan URL

URL: https://twitter.com/MMEscapeGames

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mastermindescapegames/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB7UZe24wV3KbNYUtd6vcxg/featured

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001Y0UxzbHmze5C8eZLQTwzdWIrzPc8ZLBT31QCrljq3pxAJvEDiUSNEdbKUaRG6BPoTsTTNRLwbUF3hGRKwO5zknZu4SQ103hJql3gNexFvNFGm5m7Zii5W2EcCGVUrDftD4u96r19XOyf1VsorQKAv4ac_Y8P7jvJlDNTd0xw9Zbei8vicwffcpSxhpSqPc0o&c=aLQGmy607PDqk9UXMv77-fZdV2wlgR7zkbEmx95VsbOj_Y8NWcdYGA==&ch=tttz22Ib6zAcIfCcb1YqOU7IhxzUIIj7DGyBVoyfbG3I-3lYzDo0cQ== HTTP 302
https://mastermindescapegames.com/august-buy-voucher/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mastermindescapegames.com/august-buy-voucher/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001Y0UxzbHmze5C8eZLQTwzdWIrzPc8ZLBT31QCrljq3pxAJvEDiUSNEdbKUaRG6BPoTsTTNRLwbUF3hGRKwO5zknZu4SQ103hJql3gNexFvNFGm5m7Zii5W2EcCGVUrDftD4u96r19XOyf1VsorQKAv4ac_Y8P7jvJlDNTd...
https://mastermindescapegames.com/august-buy-voucher/

20 KB
6 KB

3581ms
39ms

Document
text/html

185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache / PHP/7.4.33
Resource Hash: 942decdf082e034f2805a3d713f1853db5c691bfef3cb84addd02524e0e92322

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: public, s-maxage=216000 max-age=86400
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 01:06:29 GMT
expires: Thu, 22 Feb 2024 01:01:15 GMT
link: <https://mastermindescapegames.com/wp-json/>; rel="https://api.w.org/", <https://mastermindescapegames.com/wp-json/wp/v2/pages/9428>; rel="alternate"; type="application/json", <https://mastermindescapegames.com/?p=9428>; rel=shortlink
server: Apache
vary: Accept-Encoding Accept-Encoding
x-cache-enabled: true
x-cdn-cache-status: HIT
x-origin-cache-status: MISS
x-powered-by: PHP/7.4.33
x-provided-by: StackCDN
x-stackcache-cacheable: yes
x-via: ASH1

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 21 Feb 2024 01:06:32 GMT
Location: https://mastermindescapegames.com/august-buy-voucher/
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 359ms
47ms Script
application/javascript 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8e3f124272720582fe6c8ce43fbd74676017a3c648f0e9c7a7b74a485728ba19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70963
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 01:06:36 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 67ad3c90-67ac-446c-a6f7-15d1c4d98f63.css
hb.wpmucdn.com/mastermindescapegames.com/ 269 KB
50 KB 245ms
48ms Stylesheet
text/css 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/67ad3c90-67ac-446c-a6f7-15d1c4d98f63.css
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: ee9cfefbf86baf5ba013b1d619e5e430115bd6b2ce9ea4b0f0df3e655f52fbae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:36 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/15/2024 14:45:20
cdn-pullzone: 1101156
last-modified: Thu, 15 Feb 2024 06:24:59 GMT
server: BunnyCDN-NY1-885
x-amz-meta-hb-minify: minify=0.0%, origSize=109898
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"e41d2aabba5473b78bc3aa2c4e20ee85"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a49bf77b695c940d6ff0af2995c9fefe
cdn-requestcountrycode: CA
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 34dddaa3-f6a5-46cc-a407-814aa29d0407.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 99 KB
37 KB 230ms
34ms Script
application/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/34dddaa3-f6a5-46cc-a407-814aa29d0407.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:36 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/15/2024 14:45:20
cdn-pullzone: 1101156
last-modified: Thu, 15 Feb 2024 06:25:00 GMT
server: BunnyCDN-NY1-885
x-amz-meta-hb-minify: minify=0.0%, origSize=87553
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"4f37101ff3ee8f069d1ca3852ffbbf18"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: a43ca99458d0f58590ebf9c37b4a7cb0
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 e1ac0235-875b-4248-94fc-6c8b0b02a248.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 134 KB
43 KB 242ms
45ms Script
application/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/e1ac0235-875b-4248-94fc-6c8b0b02a248.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 1717563adc25178aca7302724a4329aa4e4aabb9e3ae93f892a9990c9d05fea1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:36 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/15/2024 14:45:20
cdn-pullzone: 1101156
last-modified: Thu, 15 Feb 2024 06:25:02 GMT
server: BunnyCDN-NY1-885
x-amz-meta-hb-minify: minify=1.5%, origSize=21070
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"b8654eb821c84782d605bf8cbcfee519"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 35654b1cf793bcf72a5f45baa00d9718
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 nav-logo.jpg
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 5 KB
5 KB 28ms
27ms Image
image/jpeg 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/nav-logo.jpg
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: e4f0da36ba04aac07d40d906e0f76ed04dc1ee86c56ffdf5c2306980277c7039

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:35 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "1419-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/jpeg
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5145
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 responsive-menu-icon.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 237 B
502 B 29ms
28ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/responsive-menu-icon.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 67c14596c1956697b6f7dd0f7f67cb4f50118d70608ca2a16dee3364d679535d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:35 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "ed-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 237
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:56 GMT

GET
H2 200 widget.js Show response
bookeo.com/ 111 KB
24 KB 507ms
86ms Script
text/javascript 45.79.97.15
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bookeo.com/widget.js?a=415577FJ9CH155E5DC1680&startmode=buyvoucher

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.79.97.15 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1196-15.members.linode.com

Software

Resource Hash

531528db53acb8e6c1c64a7ab1e4ff84384aa6a577216ef4867a99ee95ab105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:36 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, User-Agent
content-type: text/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/footer/ 57 KB
58 KB 32ms
32ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/footer/logo.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 2b1e0ecdd104445637dac412934d2e088639b151908a25afece5d0cfa31df03f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:29 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "e5de-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 58846
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 TA-Award2023.jpg
mastermindescapegames.com/wp-content/uploads/2023/12/ 66 KB
67 KB 27ms
27ms Image
image/jpeg 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2023/12/TA-Award2023.jpg
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: b1619d3df21b66e8c20bd61a03d42c9d8eb6f371f2c3713dbd6c38005a341053

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:29 GMT
last-modified: Sat, 16 Dec 2023 21:38:00 GMT
server: Apache
etag: "109dc-60ca754b036fc"
x-cdn-cache-status: HIT
content-type: image/jpeg
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 68060
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:07:59 GMT

GET
H2 200 icon-facebook.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 344 B
610 B 27ms
27ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-facebook.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 140884f9d4db6142c411cc9b0249c7b3661ad04d7c1c76b538bc7d4a6a1896fe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:29 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "158-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 344
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 icon-twitter.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 370 B
636 B 28ms
27ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-twitter.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: d5479f9f1e8b9af94b2320d3deaab72e3a71c5adc6dffb1d39c5b4487bd6e407

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:29 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "172-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 370
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 icon-insta.png
mastermindescapegames.com/wp-content/uploads/2016/05/ 335 B
601 B 29ms
28ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/05/icon-insta.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: a19e9cf0b99054e9c1a6fdc2289491c63a3fef977ad661b1d2532a575a99874c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:29 GMT
last-modified: Thu, 09 Jun 2016 05:20:24 GMT
server: Apache
etag: "14f-534d194465600"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 335
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 youtube-icon.png
mastermindescapegames.com/wp-content/uploads/2016/06/ 1 KB
2 KB 29ms
29ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/uploads/2016/06/youtube-icon.png
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 50b9097027b8ceb680e172b8ed6ad7f8495c4642f8fa6f5c2c01470dbc307495

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/august-buy-voucher/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:29 GMT
last-modified: Tue, 14 Jun 2016 19:24:21 GMT
server: Apache
etag: "5fa-53541f3ae8340"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1530
x-origin-cache-status: HIT
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:08:00 GMT

GET
H2 200 e336e7b1-5976-4114-9129-eadd5c692082.js Show response
hb.wpmucdn.com/mastermindescapegames.com/ 57 KB
20 KB 97ms
48ms Script
application/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.wpmucdn.com/mastermindescapegames.com/e336e7b1-5976-4114-9129-eadd5c692082.js
Requested by: Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 73c87f36b805db1de70262fdb381b78500767d72c2a0a09dbcc5c1efc8b02954

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:36 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/15/2024 14:45:20
cdn-pullzone: 1101156
last-modified: Thu, 15 Feb 2024 06:25:02 GMT
server: BunnyCDN-NY1-885
x-amz-meta-hb-minify: minify=0.0%, origSize=57925
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"cc3ea88605b54322a605c2796fb8a804"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: ab17eb451ff6139d7ee012240cc0f2cc
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 location-selector-arrow.png
mastermindescapegames.com/wp-content/themes/devsavvy/images/header/ 170 B
436 B 28ms
27ms Image
image/png 185.151.30.166
TWENTYI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mastermindescapegames.com/wp-content/themes/devsavvy/images/header/location-selector-arrow.png
Requested by: Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/mastermindescapegames.com/67ad3c90-67ac-446c-a6f7-15d1c4d98f63.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.151.30.166 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS: 185-151-30-166.ptr4.stackcp.net
Software: Apache /
Resource Hash: 7ca40cacffbd24fd9488767a3989a1b8364fba4170659edffa0b8ebd6ca955e0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://hb.wpmucdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:29 GMT
last-modified: Thu, 09 Jun 2016 05:21:21 GMT
server: Apache
etag: "aa-534d197ac1640"
x-cdn-cache-status: HIT
content-type: image/png
x-via: ASH1
cache-control: max-age=86400
accept-ranges: bytes
content-length: 170
x-origin-cache-status: MISS
x-provided-by: StackCDN
expires: Wed, 10 Jan 2024 22:16:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
92 KB 66ms
65ms Script
application/javascript 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ea554f1ec009a2da4d33700d0a438d4096ef6707081a3d5b8bd1c250d8bb1b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 01:06:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94278
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 01:06:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1110ms
25ms Script
text/javascript 142.251.40.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84554046-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 00:06:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3594
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 21 Feb 2024 02:06:43 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 86ms
36ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je42h0v890886590za200&_p=1708477595853&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1039014395.1708477596&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708477596&sct=1&seg=0&dl=https%3A%2F%2Fmastermindescapegames.com%2Faugust-buy-voucher%2F&dt=August%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&en=page_view&_fv=2&_nsi=1&_ss=1&_c=1&tfd=5337
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:06:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 353ms
38ms Ping
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P32SMH4GWQ&cid=1039014395.1708477596&gtm=45je42h0v890886590za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:06:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 418ms
103ms Image
image/gif 142.250.65.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P32SMH4GWQ&cid=1039014395.1708477596&gtm=45je42h0v890886590za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1372171300

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:06:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK -misc-widgetProvider.html Show response
www-1557q.bookeo.com/ Frame D341 702 B
845 B 1436ms
36ms Document
text/html 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=foJoADI%2FKqr1IcgD561CSEIDj3%2Bp7rmuBMJS8%2BwGCiI%3D&c=03n&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default9231&xdm_p=1

Requested by

Host: bookeo.com
URL: https://bookeo.com/widget.js?a=415577FJ9CH155E5DC1680&startmode=buyvoucher

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

503c4056d9f6a2eafd699950482d06f72a56fcf11ec06d53684870534cacb202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://mastermindescapegames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-CA
Content-Length: 362
Content-Type: text/html;charset=utf-8
Date: Wed, 21 Feb 2024 01:06:37 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 1557q_18dc93348b5

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 51ms
50ms XHR
text/plain 142.251.40.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=867598457&t=pageview&_s=1&dl=https%3A%2F%2Fmastermindescapegames.com%2Faugust-buy-voucher%2F&ul=en-us&de=UTF-8&dt=August%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=927211770&gjid=2031077883&cid=1039014395.1708477596&tid=UA-84554046-2&_gid=2012269645.1708477597&_r=1&gtm=457e42h0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1616409

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mastermindescapegames.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:06:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 38ms
38ms XHR
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-84554046-2&cid=1039014395.1708477596&jid=927211770&gjid=2031077883&_gid=2012269645.1708477597&_u=YADAAUAAAAAAACAAI~&z=786950849

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mastermindescapegames.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Feb 2024 01:06:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 160ms
99ms Image
image/gif 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-84554046-2&cid=1039014395.1708477596&jid=927211770&_u=YADAAUAAAAAAACAAI~&z=1096559405

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:06:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 103ms
102ms Image
image/gif 142.250.65.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-84554046-2&cid=1039014395.1708477596&jid=927211770&_u=YADAAUAAAAAAACAAI~&z=1096559405

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:06:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK easyXDM.min.js Show response
www-1557q.bookeo.com/bookeo/js-14.4.35/widgetcomm/ Frame D341 99 KB
19 KB 52ms
52ms Script
text/javascript 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/js-14.4.35/widgetcomm/easyXDM.min.js

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=foJoADI%2FKqr1IcgD561CSEIDj3%2Bp7rmuBMJS8%2BwGCiI%3D&c=03n&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default9231&xdm_p=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

fc04b80f5a7eeeb3391c9fea0774796209b50041a7044ae34b6bc2a7a6e8de55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=foJoADI%2FKqr1IcgD561CSEIDj3%2Bp7rmuBMJS8%2BwGCiI%3D&c=03n&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default9231&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 01:06:37 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18dc93348dd
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 19528
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK bundle_customer_ui2.js Show response
www-1557q.bookeo.com/bookeo/js-14.4.35/ Frame D341 733 KB
204 KB 91ms
37ms Script
text/javascript 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/js-14.4.35/bundle_customer_ui2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

71acb1a067253969522bd1b008fb10d2cc12ef256180e84a8782d276a97e3eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=foJoADI%2FKqr1IcgD561CSEIDj3%2Bp7rmuBMJS8%2BwGCiI%3D&c=03n&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default9231&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 01:06:37 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18dc9334913
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 208254
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK startroute_415577FJ9CH155E5DC1680 Show response
www-1557q.bookeo.com/bookeo/ Frame 85EE 15 KB
3 KB 59ms
58ms Document
text/html 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/startroute_415577FJ9CH155E5DC1680?ralias=true&axiomframed=true&inwidget=true&a=415577FJ9CH155E5DC1680&startmode=buyvoucher&aguid=415577FJ9CH155E5DC1680&axiom_bid=xefchjeyffkxhjcm&w=-546510115&t=foJoADI%2FKqr1IcgD561CSEIDj3%2Bp7rmuBMJS8%2BwGCiI%3D&c=03n&m=252626281e18

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/js-14.4.35/bundle_customer_ui2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

bbf31d63891a3d4c6e26e97e56ab8b082a6572ba89bd0f7cc9c513191e4b3145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/-misc-widgetProvider.html?aguid=415577FJ9CH155E5DC1680&t=foJoADI%2FKqr1IcgD561CSEIDj3%2Bp7rmuBMJS8%2BwGCiI%3D&c=03n&xdm_e=https%3A%2F%2Fmastermindescapegames.com&xdm_c=default9231&xdm_p=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-CA
Content-Length: 2998
Content-Type: text/html;charset=utf-8
Date: Wed, 21 Feb 2024 01:06:38 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 1557q_18dc9334995

GET
H/1.1 200
OK css
www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/ Frame 85EE 22 KB
2 KB 78ms
76ms Stylesheet
text/css 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/startroute_415577FJ9CH155E5DC1680?ralias=true&axiomframed=true&inwidget=true&a=415577FJ9CH155E5DC1680&startmode=buyvoucher&aguid=415577FJ9CH155E5DC1680&axiom_bid=xefchjeyffkxhjcm&w=-546510115&t=foJoADI%2FKqr1IcgD561CSEIDj3%2Bp7rmuBMJS8%2BwGCiI%3D&c=03n&m=252626281e18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

2eab524ec1f2f1310ba5ceb2e499ee60bac61f50ace71031f4ef5bd5c9c130d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Bookeo-ResponseId: 1557q_18dc93349d6
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400, no-transform
Expires: Thu, 22 Feb 2024 01:06:38 GMT

GET
H/1.1 200
OK bundle_customer_ui2.css
www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/ Frame 85EE 227 KB
38 KB 53ms
51ms Stylesheet
text/css 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/bundle_customer_ui2.css?bp_a=415577FJ9CH155E5DC1680&bp_v=1645057281307

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

2b954304f664a19991cc9cfd4788386990c00cc8b579823bec00a5f19c8dcba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18dc93349d6
Content-Type: text/css;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 38395
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK bundle_customer_ui2.js Show response
www-1557q.bookeo.com/bookeo/js-14.4.35/ Frame 85EE 733 KB
204 KB 111ms
51ms Script
text/javascript 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/js-14.4.35/bundle_customer_ui2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

71acb1a067253969522bd1b008fb10d2cc12ef256180e84a8782d276a97e3eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18dc9334a11
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 208254
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK axiom_en_US.js Show response
www-1557q.bookeo.com/bookeo/js-14.4.35/i18n/ Frame 85EE 68 KB
14 KB 112ms
48ms Script
text/javascript 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/js-14.4.35/i18n/axiom_en_US.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

8079786fbd0feb7430edc912b35269847527a8d9eaa0f3e026e0b395717f508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18dc9334a16
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 13557
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK cbpreferences.js Show response
www-1557q.bookeo.com/bookeo/dynjs/ Frame 85EE 13 KB
6 KB 126ms
48ms Script
text/javascript 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/dynjs/cbpreferences.js?ver=1708111402977&aid=1366329&languageCode=en_US&v=14.4.35

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

ee0e2caa68b054767efe3ee44ec27ea7d82cb484478e4be402029404fb10802b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 10:01:43 GMT
X-Bookeo-ResponseId: 1557q_18dc9334a23
Vary: Accept-Encoding, User-Agent
Content-Type: text/javascript;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Content-Length: 6047
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK select-arrow-round-light.png
www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/cssimages/ Frame 85EE 289 B
652 B 33ms
32ms Image
image/png 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/cssimages/select-arrow-round-light.png

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/bundle_customer_ui2.css?bp_a=415577FJ9CH155E5DC1680&bp_v=1645057281307

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

e32fe2a147b5913b78b99ff6f043b88ba2cf57cd968c9814e65a95c4b1f097c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www-1557q.bookeo.com/bookeo/css-14.4.35/customerui2/bundle_customer_ui2.css?bp_a=415577FJ9CH155E5DC1680&bp_v=1645057281307
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 04 Feb 2024 03:35:28 GMT
X-Bookeo-ResponseId: 1557q_18dc9334a97
Content-Type: image/png;charset=utf-8
Cache-Control: public, max-age=7776000, no-transform
Accept-Ranges: bytes
Content-Length: 289
Expires: Tue, 04 Feb 2025 10:01:43 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/ Frame 85EE 47 KB
47 KB 34ms
34ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Thu, 20 Feb 2025 01:06:38 GMT
Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18dc9334a97
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/ Frame 85EE 35 KB
35 KB 37ms
36ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Thu, 20 Feb 2025 01:06:38 GMT
Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18dc9334aa0
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/ Frame 85EE 16 KB
16 KB 58ms
34ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Thu, 20 Feb 2025 01:06:38 GMT
Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18dc9334ab9
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2
www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/ Frame 85EE 46 KB
46 KB 59ms
33ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTVOmu1aB.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

6b0dab5300943d98f4f20de9d48a49e0186441f6fb8b5e95a9635a30c0b60e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Thu, 20 Feb 2025 01:06:38 GMT
Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18dc9334abb
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2
www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/ Frame 85EE 21 KB
21 KB 89ms
35ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSymu1aB.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

131c390d2291abc752740f06581a01baf1774279764ad0d3c08f45c5a33c4772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Thu, 20 Feb 2025 01:06:38 GMT
Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18dc9334ad6
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/ Frame 85EE 26 KB
26 KB 91ms
32ms Font
font/woff2 172.82.131.10
QUICKPACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: www-1557q.bookeo.com
URL: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.131.10 Ashburn, United States, ASN46261 (QUICKPACKET, US),

Reverse DNS

srv-1557q.bookeo.com

Software

Resource Hash

8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www-1557q.bookeo.com/bookeo/googlefonts/LpftxiLu/css?family=Open+Sans:300,400,600,700
Origin: https://www-1557q.bookeo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Expires: Thu, 20 Feb 2025 01:06:38 GMT
Date: Wed, 21 Feb 2024 01:06:38 GMT
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=31536000, no-transform
X-Bookeo-ResponseId: 1557q_18dc9334adc
Transfer-Encoding: chunked
Content-Type: font/woff2;charset=utf-8

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 37ms
35ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je42h0v890886590za200&_p=1708477595853&gcd=13l3l3l3l1&npa=0&dma=0&cid=1039014395.1708477596&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1708477596&sct=1&seg=0&dl=https%3A%2F%2Fmastermindescapegames.com%2Faugust-buy-voucher%2F&dt=August%20Buy%20Voucher%20-%20Mastermind%20Escape%20Rooms&en=scroll&epn.percent_scrolled=90&_et=5&tfd=7307
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:06:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 37ms
36ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P32SMH4GWQ&gtm=45je42h0v890886590za200&_p=1708477595853&gcd=13l3l3l3l1&npa=0&dma=0&cid=1039014395.1708477596&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=3&dp=%2Fbookeo%2Fbooking-type&dt=%2Fbookeo%2Fbooking-type&sid=1708477596&sct=1&seg=1&dl=https%3A%2F%2Fmastermindescapegames.com%2Faugust-buy-voucher%2F&en=page_view&_c=1&_ee=1&_et=1955&tfd=7307
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P32SMH4GWQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 01:06:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mastermindescapegames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
25ms Image
image/gif 142.251.40.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=867598457&t=pageview&_s=2&dl=https%3A%2F%2Fmastermindescapegames.com%2Faugust-buy-voucher%2F&dp=%2Fbookeo%2Fbooking-type&ul=en-us&de=UTF-8&dt=%2Fbookeo%2Fbooking-type&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACACI~&jid=&gjid=&cid=1039014395.1708477596&tid=UA-84554046-2&_gid=2012269645.1708477597&gtm=457e42h0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=349116311

Requested by

Host: mastermindescapegames.com
URL: https://mastermindescapegames.com/august-buy-voucher/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://mastermindescapegames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 23:21:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6284
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C600%2C600italic%7CPT+Sans%3A400italic%2C700italic%2C400%2C700%7CLato%3A300italic%2C300%7CMuli%3A300%2C300italic&ver=1.0

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mastermindescapegames.com/	1970-01-21 04:10:37	Name: _ga Value: GA1.2.1039014395.1708477596
.mastermindescapegames.com/	1970-01-20 18:36:03	Name: _gid Value: GA1.2.2012269645.1708477597
.mastermindescapegames.com/	1970-01-20 18:34:37	Name: _gat_gtag_UA_84554046_2 Value: 1
www-1557q.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID Value: n2akv5dxymvf53f2m1agw3nq122393
www-1557q.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID2 Value: PAT43JHML3HAMX3TLTA37NYXXL3LYWAL
.mastermindescapegames.com/	1970-01-21 04:10:37	Name: _ga_P32SMH4GWQ Value: GS1.1.1708477596.1.1.1708477598.58.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://bookeo.com/widget.js?a=415577FJ9CH155E5DC1680&startmode=buyvoucher(Line 489) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bookeo.com
fonts.googleapis.com
hb.wpmucdn.com
mastermindescapegames.com
r20.rs6.net
stats.g.doubleclick.net
www-1557q.bookeo.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
fonts.googleapis.com
138.199.40.58
142.250.31.156
142.250.65.163
142.250.80.100
142.250.81.232
142.251.40.238
172.82.131.10
185.151.30.166
208.75.122.11
216.239.32.181
45.79.97.15
131c390d2291abc752740f06581a01baf1774279764ad0d3c08f45c5a33c4772
140884f9d4db6142c411cc9b0249c7b3661ad04d7c1c76b538bc7d4a6a1896fe
1717563adc25178aca7302724a4329aa4e4aabb9e3ae93f892a9990c9d05fea1
2b1e0ecdd104445637dac412934d2e088639b151908a25afece5d0cfa31df03f
2b954304f664a19991cc9cfd4788386990c00cc8b579823bec00a5f19c8dcba8
2eab524ec1f2f1310ba5ceb2e499ee60bac61f50ace71031f4ef5bd5c9c130d1
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
503c4056d9f6a2eafd699950482d06f72a56fcf11ec06d53684870534cacb202
50b9097027b8ceb680e172b8ed6ad7f8495c4642f8fa6f5c2c01470dbc307495
531528db53acb8e6c1c64a7ab1e4ff84384aa6a577216ef4867a99ee95ab105b
67c14596c1956697b6f7dd0f7f67cb4f50118d70608ca2a16dee3364d679535d
6b0dab5300943d98f4f20de9d48a49e0186441f6fb8b5e95a9635a30c0b60e72
71acb1a067253969522bd1b008fb10d2cc12ef256180e84a8782d276a97e3eb0
73c87f36b805db1de70262fdb381b78500767d72c2a0a09dbcc5c1efc8b02954
7ca40cacffbd24fd9488767a3989a1b8364fba4170659edffa0b8ebd6ca955e0
8079786fbd0feb7430edc912b35269847527a8d9eaa0f3e026e0b395717f508a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8e3f124272720582fe6c8ce43fbd74676017a3c648f0e9c7a7b74a485728ba19
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
942decdf082e034f2805a3d713f1853db5c691bfef3cb84addd02524e0e92322
a19e9cf0b99054e9c1a6fdc2289491c63a3fef977ad661b1d2532a575a99874c
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b1619d3df21b66e8c20bd61a03d42c9d8eb6f371f2c3713dbd6c38005a341053
bbf31d63891a3d4c6e26e97e56ab8b082a6572ba89bd0f7cc9c513191e4b3145
c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1
d5479f9f1e8b9af94b2320d3deaab72e3a71c5adc6dffb1d39c5b4487bd6e407
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e32fe2a147b5913b78b99ff6f043b88ba2cf57cd968c9814e65a95c4b1f097c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f0da36ba04aac07d40d906e0f76ed04dc1ee86c56ffdf5c2306980277c7039
ea554f1ec009a2da4d33700d0a438d4096ef6707081a3d5b8bd1c250d8bb1b2e
ee0e2caa68b054767efe3ee44ec27ea7d82cb484478e4be402029404fb10802b
ee9cfefbf86baf5ba013b1d619e5e430115bd6b2ce9ea4b0f0df3e655f52fbae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc04b80f5a7eeeb3391c9fea0774796209b50041a7044ae34b6bc2a7a6e8de55

mastermindescapegames.com Open in urlscan Pro 185.151.30.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

11 IPs

2 Countries

1183 kBTransfer

3449 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mastermindescapegames.com Open in urlscan Pro
185.151.30.166 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

1183 kB
Transfer

3449 kB
Size

6
Cookies

45 HTTP transactions
0 data transactions