tohavefuntoday.com Open in urlscan Pro
2606:4700:3034::6818:6a3e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gnamwatic.com/login/link.php?M=8287829&N=138&L=1&F=H
Effective URL:
https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc...
Submission: On September 20 via api (September 20th 2020, 11:21:23 am UTC) from BE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 6 countries across 13 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3034::6818:6a3e, located in United States and belongs to CLOUDFLARENET, US. The main domain is tohavefuntoday.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2020. Valid for: a year.

This is the only time tohavefuntoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.166.10.192 188.166.10.192	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	35.157.125.133 35.157.125.133	16509 (AMAZON-02) (AMAZON-02)
1 1	3.212.127.216 3.212.127.216	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.200.180.197 18.200.180.197	16509 (AMAZON-02) (AMAZON-02)
22	2606:4700:303... 2606:4700:3034::6818:6a3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::621	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
42	11

1 188.166.10.192 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: press.gnamwatic.com

gnamwatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

newdelivery.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.125.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-125-133.eu-central-1.compute.amazonaws.com

trackingthebird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mactional-detions.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.127.216 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-127-216.compute-1.amazonaws.com

webapplepie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.180.197 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-180-197.eu-west-1.compute.amazonaws.com

track.click999.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3034::6818:6a3e (United States)

ASN13335 (CLOUDFLARENET, US)

tohavefuntoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::621 (Ascension Island)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	tohavefuntoday.com tohavefuntoday.com	212 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	119 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	page.link 1 redirects newdelivery.page.link	11 KB
1	doubleclick.net stats.g.doubleclick.net	66 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	polyfill.io polyfill.io	146 B
1	googleapis.com fonts.googleapis.com	574 B
1	click999.com 1 redirects track.click999.com	768 B
1	webapplepie.com 1 redirects webapplepie.com	771 B
1	mactional-detions.icu mactional-detions.icu Failed	785 B
1	trackingthebird.com trackingthebird.com	2 KB
1	gnamwatic.com 1 redirects gnamwatic.com	236 B
42	13

	Domain	Requested by
22	tohavefuntoday.com	mactional-detions.icu tohavefuntoday.com
6	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.gstatic.com	newdelivery.page.link www.gstatic.com
2	newdelivery.page.link	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	tohavefuntoday.com
1	polyfill.io	tohavefuntoday.com
1	fonts.googleapis.com	tohavefuntoday.com
1	track.click999.com	1 redirects
1	webapplepie.com	1 redirects
1	mactional-detions.icu	trackingthebird.com
1	trackingthebird.com	www.gstatic.com
1	gnamwatic.com	1 redirects
42	14

This site contains no links.

Subject Issuer	Validity	Valid
*.page.link GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
trackingthebird.com Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
mactional-detions.icu Let's Encrypt Authority X3	`2020-09-03` - `2020-12-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-31` - `2021-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-17` - `2021-04-17`	8 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Frame ID: C1EEAD3CC9AECC4E77B2804F97B3E31D
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gnamwatic.com/login/link.php?M=8287829&N=138&L=1&F=H HTTP 302
https://newdelivery.page.link/XktS Page URL
https://newdelivery.page.link/XktS?_imcp=1 HTTP 302
https://trackingthebird.com/c780cda5-e94e-4195-9648-5c085affe368 Page URL
https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4OD... Page URL
https://webapplepie.com/?a=100674&c=108894&s1=c780cda5-e94e-4195-9648-5c085affe368&s2=w0ianb13p6aeej... HTTP 302
https://track.click999.com/go.php?id=613qv8dpcbrcg9jc1g58&clickid=95839624&pubid=100674 HTTP 302
https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iY... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Page Statistics

42
Requests

98 %
HTTPS

69 %
IPv6

13
Domains

14
Subdomains

11
IPs

6
Countries

398 kB
Transfer

938 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gnamwatic.com/login/link.php?M=8287829&N=138&L=1&F=H HTTP 302
https://newdelivery.page.link/XktS Page URL
https://newdelivery.page.link/XktS?_imcp=1 HTTP 302
https://trackingthebird.com/c780cda5-e94e-4195-9648-5c085affe368 Page URL
https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWM3ODBjZGE1LWU5NGUtNDE5NS05NjQ4LTVjMDg1YWZmZTM2OCZzMj13MGlhbmIxM3A2YWVlajIyMjkxcWRoZzI&ts=1600600868109&hash=J1kMYyqkVvVMeQYyqHQmsJTcePqzngSkOYVrbJ_WAuw&rm=DJ Page URL
https://webapplepie.com/?a=100674&c=108894&s1=c780cda5-e94e-4195-9648-5c085affe368&s2=w0ianb13p6aeej22291qdhg2 HTTP 302
https://track.click999.com/go.php?id=613qv8dpcbrcg9jc1g58&clickid=95839624&pubid=100674 HTTP 302
https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gnamwatic.com/login/link.php?M=8287829&N=138&L=1&F=H HTTP 302
https://newdelivery.page.link/XktS

Request Chain 4

https://newdelivery.page.link/XktS?_imcp=1 HTTP 302
https://trackingthebird.com/c780cda5-e94e-4195-9648-5c085affe368

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

XktS Show response
newdelivery.page.link/
Redirect Chain

http://gnamwatic.com/login/link.php?M=8287829&N=138&L=1&F=H
https://newdelivery.page.link/XktS

35 KB
11 KB

33ms
33ms

Document
text/html

2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://newdelivery.page.link/XktS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ded551df3eb18487dcdfbdb6e2b93111c00a2849c1ddf190dfeb140c44fe4324

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0QS75pN7zShmpcfDoooMDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-0QS75pN7zShmpcfDoooMDg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: newdelivery.page.link
:scheme: https
:path: /XktS
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Sep 2020 11:21:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-0QS75pN7zShmpcfDoooMDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-0QS75pN7zShmpcfDoooMDg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Date: Sun, 20 Sep 2020 11:21:07 GMT
Server: Apache
Location: https://newdelivery.page.link/XktS
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.HzY08hXo17o.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ZxDj8wjZDQfTgjKXBn9EljXbKJA/ 142 KB
50 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.HzY08hXo17o.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ZxDj8wjZDQfTgjKXBn9EljXbKJA/m=_b,_tp

Requested by

Host: newdelivery.page.link
URL: https://newdelivery.page.link/XktS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f065b7b7ceade347a8714eef7775808b77aabb213549219fcbf9e1a9ea3e9009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newdelivery.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203331
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51330
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 00:39:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Sep 2021 02:52:16 GMT

GET
H3-Q050 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.HzY08hXo17o.es5.O/ck=boq-devplatform.DurableDeepLinkUi.z86Glt_Szuo.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewd... 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.HzY08hXo17o.es5.O/ck=boq-devplatform.DurableDeepLinkUi.z86Glt_Szuo.L.B1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP6qTqz725cD0442nvDaYcrG5wPKWg/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.HzY08hXo17o.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ZxDj8wjZDQfTgjKXBn9EljXbKJA/m=_b,_tp

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfa586b96cc9aaeb575c42963644ac512994853fd9ec0618042358358299492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newdelivery.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 04:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197606
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12868
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 00:39:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Sep 2021 04:27:41 GMT

GET
H3-Q050 200 m=KjEEgd Show response
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.HzY08hXo17o.es5.O/ck=boq-devplatform.DurableDeepLinkUi.z86Glt_Szuo.L.B1.O/am=BA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsj... 17 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.HzY08hXo17o.es5.O/ck=boq-devplatform.DurableDeepLinkUi.z86Glt_Szuo.L.B1.O/am=BA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP6qTqz725cD0442nvDaYcrG5wPKWg/m=KjEEgd

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb09c90d4e5854229607996d2a80c61f69133edf11f455c79bb900405a3d9d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newdelivery.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 04:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197606
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5904
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 00:39:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Sep 2021 04:27:41 GMT

GET
H/1.1

200

Cookie set c780cda5-e94e-4195-9648-5c085affe368 Show response
trackingthebird.com/
Redirect Chain

https://newdelivery.page.link/XktS?_imcp=1
https://trackingthebird.com/c780cda5-e94e-4195-9648-5c085affe368

842 B
2 KB

111ms
41ms

Document
text/html

35.157.125.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingthebird.com/c780cda5-e94e-4195-9648-5c085affe368
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.HzY08hXo17o.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ZxDj8wjZDQfTgjKXBn9EljXbKJA/m=_b,_tp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.125.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-125-133.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 54efee4f15b322706b69a34bcb04915221680048a06ca4bedff07ecbf5760ea2

Request headers

Host: trackingthebird.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://newdelivery.page.link/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://newdelivery.page.link/XktS

Response headers

Server: nginx
Date: Sun, 20 Sep 2020 11:21:08 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 842
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: c780cda5-e94e-4195-9648-5c085affe368-v4=c780cda5-e94e-4195-9648-5c085affe368; Max-Age=86400; Expires=Mon, 21-Sep-2020 11:21:08 GMT; Domain=trackingthebird.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=XIHWWQyeTyy6IRpR3o6WzL8snSk9ti3sGaMWB4m9SZYz0iGWK6A4lq0hi0Ru49UJAoAexYCaO0xeP9isOdugT0APxSLU4N7EIS06G523yZ81g6H8Rh2%2BP3Og7Ii6a0iL7TY9mKhDGFZUzsKbqrE88w%3D%3D; Max-Age=31536000; Expires=Mon, 20-Sep-2021 11:21:08 GMT; Domain=trackingthebird.com; Path=/; Secure; HttpOnly;SameSite=None

Redirect headers

status: 302
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Sep 2020 11:21:08 GMT
location: https://trackingthebird.com/c780cda5-e94e-4195-9648-5c085affe368
content-security-policy: script-src 'report-sample' 'nonce-ea9XvPcyLNA6AsYs14rRMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-ea9XvPcyLNA6AsYs14rRMQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET redirect
mactional-detions.icu/ 0
0

GET
H/1.1 200 redirect Show response
mactional-detions.icu/ 512 B
785 B 106ms
35ms Document
text/html 35.157.125.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWM3ODBjZGE1LWU5NGUtNDE5NS05NjQ4LTVjMDg1YWZmZTM2OCZzMj13MGlhbmIxM3A2YWVlajIyMjkxcWRoZzI&ts=1600600868109&hash=J1kMYyqkVvVMeQYyqHQmsJTcePqzngSkOYVrbJ_WAuw&rm=DJ
Requested by: Host: trackingthebird.com
URL: https://trackingthebird.com/c780cda5-e94e-4195-9648-5c085affe368
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.125.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-125-133.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f897f64a8905f144bf100a7b16d3fb481130735926ecf8a4ff690cbec3b97c9f

Request headers

Host: mactional-detions.icu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://trackingthebird.com/c780cda5-e94e-4195-9648-5c085affe368
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://trackingthebird.com/c780cda5-e94e-4195-9648-5c085affe368

Response headers

Server: nginx
Date: Sun, 20 Sep 2020 11:21:08 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 512
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

GET
H2

200

Primary Request / Show response
tohavefuntoday.com/offer/
Redirect Chain

https://webapplepie.com/?a=100674&c=108894&s1=c780cda5-e94e-4195-9648-5c085affe368&s2=w0ianb13p6aeej22291qdhg2
https://track.click999.com/go.php?id=613qv8dpcbrcg9jc1g58&clickid=95839624&pubid=100674
https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jM...

11 KB
4 KB

34ms
33ms

Document
text/html

2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Requested by: Host: mactional-detions.icu
URL: https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWM3ODBjZGE1LWU5NGUtNDE5NS05NjQ4LTVjMDg1YWZmZTM2OCZzMj13MGlhbmIxM3A2YWVlajIyMjkxcWRoZzI&ts=1600600868109&hash=J1kMYyqkVvVMeQYyqHQmsJTcePqzngSkOYVrbJ_WAuw&rm=DJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aaaafa5a8811bfe5b8f89934c756e63b59c3f5872eff30af3d0e002cf7b9023

Request headers

:method: GET
:authority: tohavefuntoday.com
:scheme: https
:path: /offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWM3ODBjZGE1LWU5NGUtNDE5NS05NjQ4LTVjMDg1YWZmZTM2OCZzMj13MGlhbmIxM3A2YWVlajIyMjkxcWRoZzI&ts=1600600868109&hash=J1kMYyqkVvVMeQYyqHQmsJTcePqzngSkOYVrbJ_WAuw&rm=DJ
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWM3ODBjZGE1LWU5NGUtNDE5NS05NjQ4LTVjMDg1YWZmZTM2OCZzMj13MGlhbmIxM3A2YWVlajIyMjkxcWRoZzI&ts=1600600868109&hash=J1kMYyqkVvVMeQYyqHQmsJTcePqzngSkOYVrbJ_WAuw&rm=DJ

Response headers

status: 200
date: Sun, 20 Sep 2020 11:21:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d5e994f63290ec0f7eb24956e6cfb5f921600600868; expires=Tue, 20-Oct-20 11:21:08 GMT; path=/; domain=.tohavefuntoday.com; HttpOnly; SameSite=Lax cid=6ad7cfb5e321687dbcb1d2fa69b04c2fb282358a; expires=Sun, 20-Sep-2020 11:26:08 GMT; Max-Age=300
cf-cache-status: DYNAMIC
cf-request-id: 054cd82020000005fd6601a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d5b29469e9f05fd-FRA
content-encoding: br

Redirect headers

status: 302
server: nginx
date: Sun, 20 Sep 2020 11:21:08 GMT
content-type: text/html; charset=UTF-8
location: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
set-cookie: uclick=8rxog5ik; expires=Mon, 21-Sep-2020 11:21:08 GMT; Max-Age=86400; path=/; SameSite=None; Secure; uclickhash=8rxog5ik-8rxog5ik-ojdz-0-cibl-q5tw-fy0-0ba153; expires=Mon, 21-Sep-2020 11:21:08 GMT; Max-Age=86400; path=/; SameSite=None; Secure;
access-control-allow-headers: Content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *

GET
H2 200 bootstrap.min.css
tohavefuntoday.com/includes/styles/libs/ 157 KB
21 KB 20ms
18ms Stylesheet
text/css 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/styles/libs/bootstrap.min.css
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 16 May 2020 12:31:37 GMT
server: cloudflare
age: 1170
etag: W/"5ebfdd29-27293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5d5b2946ef6305fd-FRA
cf-request-id: 054cd8204f000005fd66021200000001

GET
H2 200 styles.css
tohavefuntoday.com/offer/blue-sky/assets/ 4 KB
1 KB 14ms
11ms Stylesheet
text/css 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b7f1bbdb9950213784e17cca81e28619635f1dc99f83e7a9d0676ccf56a3f1

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 1170
cf-polished: origSize=5314
status: 200
cf-request-id: 054cd8204f000005fd66022200000001
last-modified: Tue, 02 Jun 2020 01:59:00 GMT
server: cloudflare
etag: W/"5ed5b264-14c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5d5b2946ef6405fd-FRA
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
574 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Requested by

Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f2644fae4c808ff4b5911946ff0e2538f1389eee1e2852c983274c6fb7761d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 11:21:08 GMT
server: ESF
date: Sun, 20 Sep 2020 11:21:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Sep 2020 11:21:08 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
146 B 8ms
6ms Script
text/javascript 2a04:4e42:200::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=fetch%2Cdefault

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 11266718
detected-user-agent: Chrome Mobile/83.0.4103
status: 200
request_came_from_shield: FRA
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Tue, 12 May 2020 15:18:50 GMT
date: Sun, 20 Sep 2020 11:21:08 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 require.min.js Show response
tohavefuntoday.com/includes/scripts/libs/ 17 KB
6 KB 12ms
10ms Script
application/javascript 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 16 May 2020 04:34:25 GMT
server: cloudflare
age: 1170
etag: W/"5ebf6d51-451f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5d5b2946ef6605fd-FRA
cf-request-id: 054cd8204f000005fd66023200000001

GET
H2 200 security.png
tohavefuntoday.com/offer/blue-sky/assets/ 3 KB
3 KB 11ms
10ms Image
image/png 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/security.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5c6c733b615acb04432cce77d3bda74406d45a80556f0ee4193ab49776878e

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
age: 1170
etag: "5ed2cd14-c77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b2946ef6905fd-FRA
content-length: 3191
cf-request-id: 054cd8204f000005fd66025200000001

GET
H2 200 cards-small.png
tohavefuntoday.com/offer/blue-sky/assets/ 4 KB
4 KB 12ms
11ms Image
image/png 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/cards-small.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9abf1dd8ab5f8a133c59bd0092a99121fb3518e63661105f0a03ba5d0bf810f7

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sun, 31 May 2020 11:25:50 GMT
server: cloudflare
age: 1170
etag: "5ed3943e-111a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b2946ef6b05fd-FRA
content-length: 4378
cf-request-id: 054cd8204f000005fd66026200000001

GET
H2 200 secure1.png
tohavefuntoday.com/offer/blue-sky/assets/ 2 KB
2 KB 12ms
11ms Image
image/png 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/secure1.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9451541c6bb6cc85c8d831ebe52791b3f76de10972fecc3caf3a4c458dbdc1c9

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
age: 1170
etag: "5ed2cd14-84d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b2946ff9905fd-FRA
content-length: 2125
cf-request-id: 054cd82058000005fd66027200000001

GET
H2 200 secure2.png
tohavefuntoday.com/offer/blue-sky/assets/ 2 KB
2 KB 12ms
10ms Image
image/png 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/secure2.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0749d3b5d7396249ca9bc52e31462245fd8fe293be0c733070bb2370b65da5d8

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
age: 1170
etag: "5ed2cd14-88f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b2946ffaa05fd-FRA
content-length: 2191
cf-request-id: 054cd8205b000005fd66028200000001

GET
H2 200 secure3.png
tohavefuntoday.com/offer/blue-sky/assets/ 2 KB
3 KB 11ms
10ms Image
image/png 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/secure3.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54cd0acb93bbf729ea013c730c072062cf24765eaad8e4d147246643e0fd049

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
age: 1170
etag: "5ed2cd14-9d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b2946ffae05fd-FRA
content-length: 2515
cf-request-id: 054cd8205b000005fd66029200000001

GET
H2 200 iphone11.png
tohavefuntoday.com/offer/blue-sky/images/iphone11/ 25 KB
25 KB 11ms
11ms Image
image/png 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/images/iphone11/iphone11.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c702997a29d382c007c727f6ceb5198c3b5a92f76e21d6a2904eb4f247e5ba1e

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sun, 31 May 2020 04:13:15 GMT
server: cloudflare
age: 1170
etag: "5ed32edb-6236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b2946ffb005fd-FRA
content-length: 25142
cf-request-id: 054cd8205b000005fd6602a200000001

GET
H2 200 iphones.png
tohavefuntoday.com/offer/blue-sky/images/iphone11/ 20 KB
21 KB 16ms
15ms Image
image/png 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/images/iphone11/iphones.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d76c66e0efb70cea1c6f6e1a059be4cf1a181a3947b96bfaa5863fc0270a95

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sun, 31 May 2020 04:13:05 GMT
server: cloudflare
age: 1170
etag: "5ed32ed1-51c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b2946ffb105fd-FRA
content-length: 20934
cf-request-id: 054cd8205b000005fd6602b200000001

GET
H2 200 iphone-bottom.png
tohavefuntoday.com/offer/blue-sky/images/iphone11/ 11 KB
11 KB 10ms
10ms Image
image/png 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/images/iphone11/iphone-bottom.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5bf5bd85160e3559fd442d5d3e0ab7218db6e2ac2ffaa6df3407ce5d165652

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sun, 31 May 2020 04:12:56 GMT
server: cloudflare
age: 1170
etag: "5ed32ec8-2b93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b29470fcc05fd-FRA
content-length: 11155
cf-request-id: 054cd82062000005fd6602d200000001

GET
H2 200 email-decode.min.js Show response
tohavefuntoday.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
841 B 9ms
7ms Script
application/javascript 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tohavefuntoday.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 14 Sep 2020 19:48:52 GMT
server: cloudflare
etag: W/"5f5fc924-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5d5b2946ef6705fd-FRA
cf-request-id: 054cd8204f000005fd66024200000001
expires: Tue, 22 Sep 2020 11:21:08 GMT

GET
H2 200 logo.png
tohavefuntoday.com/offer/blue-sky/assets/ 18 KB
18 KB 12ms
11ms Image
image/png 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/logo.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ca9c4fa1b4a4e126f99369449c0bac42c15d1f89c21c8466ce907b4f6083def

Request headers

Referer: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sun, 31 May 2020 11:22:30 GMT
server: cloudflare
age: 1170
etag: "5ed39376-4683"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b2947180c05fd-FRA
content-length: 18051
cf-request-id: 054cd82070000005fd66030200000001

GET
H2 200 bg-top.jpg
tohavefuntoday.com/offer/blue-sky/assets/ 23 KB
23 KB 10ms
9ms Image
image/jpeg 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/bg-top.jpg
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 474d9fc8906c9fe92c8b613460af908802861482eebd1e1631635bf3ab5553e6

Request headers

Referer: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
age: 1170
etag: "5ed2cd14-5c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b2947180e05fd-FRA
content-length: 23681
cf-request-id: 054cd82070000005fd66031200000001

GET
H2 200 alert.png
tohavefuntoday.com/offer/blue-sky/assets/ 378 B
479 B 10ms
10ms Image
image/png 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/alert.png
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 358a280c11bdd4dff5d84709691c8918551907abaecb34344f57820a5092693c

Request headers

Referer: https://tohavefuntoday.com/offer/blue-sky/assets/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:08 GMT
cf-cache-status: HIT
last-modified: Sat, 30 May 2020 21:16:04 GMT
server: cloudflare
age: 1170
etag: "5ed2cd14-17a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d5b2947180f05fd-FRA
content-length: 378
cf-request-id: 054cd82071000005fd66032200000001

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 18:22:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 406722
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Wed, 15 Sep 2021 18:22:26 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 18:22:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 406721
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Wed, 15 Sep 2021 18:22:27 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 18:22:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 406721
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Wed, 15 Sep 2021 18:22:27 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh7USSwaPGQ3q5d0N7w.woff2
fonts.gstatic.com/s/lato/v17/ 3 KB
3 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwaPGQ3q5d0N7w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aadb8d59b41e9d44940f8df2a4c0d4a95bc0b9ef760b5d0861655e4e40f11b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 18:35:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:29 GMT
server: sffe
age: 405960
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2888
x-xss-protection: 0
expires: Wed, 15 Sep 2021 18:35:08 GMT

GET
H3-Q050 200 S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2
fonts.gstatic.com/s/lato/v17/ 3 KB
3 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjxAwXiWtFCfQ7A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 18:26:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:51 GMT
server: sffe
age: 406498
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2888
x-xss-protection: 0
expires: Wed, 15 Sep 2021 18:26:11 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwaPGQ3q5d0N7w.woff2
fonts.gstatic.com/s/lato/v17/ 3 KB
3 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwaPGQ3q5d0N7w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9777cdc714f5f41e30b3ce3bef443895e7e454bc304e32bb97d20c4e3d78032e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tohavefuntoday.com
Referer: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 18:25:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:24 GMT
server: sffe
age: 406515
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2944
x-xss-protection: 0
expires: Wed, 15 Sep 2021 18:25:54 GMT

GET
H2 200 main.js Show response
tohavefuntoday.com/offer/blue-sky/assets/ 7 KB
2 KB 11ms
11ms Script
application/javascript 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/offer/blue-sky/assets/main.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9513971e461d43b690986b9787680058bd19e723b1b8d4c3493f4705f604d6

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 1171
cf-polished: origSize=10725
status: 200
cf-request-id: 054cd8208e000005fd66036200000001
last-modified: Tue, 02 Jun 2020 06:34:07 GMT
server: cloudflare
etag: W/"5ed5f2df-29e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5d5b294748b005fd-FRA
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
tohavefuntoday.com/includes/scripts/libs/ 87 KB
30 KB 15ms
15ms Script
application/javascript 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/libs/jquery.min.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 31 May 2020 09:07:43 GMT
server: cloudflare
age: 1171
etag: W/"5ed373df-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5d5b2947692305fd-FRA
cf-request-id: 054cd820a1000005fd6603c200000001

GET
H2 200 parsley-card-validator.min.js Show response
tohavefuntoday.com/includes/scripts/libs/ 491 B
388 B 12ms
12ms Script
application/javascript 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/libs/parsley-card-validator.min.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9138ebbe6343cc157e02d63f60fe287856ea799f750751db83b2b21c4276588d

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 May 2020 00:36:32 GMT
server: cloudflare
age: 1171
etag: W/"5ec47b90-1eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5d5b2947794605fd-FRA
cf-request-id: 054cd820a6000005fd6603d200000001

GET
H2 200 bootstrap.bundle.min.js Show response
tohavefuntoday.com/includes/scripts/libs/ 79 KB
20 KB 14ms
13ms Script
application/javascript 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/libs/bootstrap.bundle.min.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 May 2020 16:52:01 GMT
server: cloudflare
age: 1171
etag: W/"5ebad431-13cbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5d5b294799ac05fd-FRA
cf-request-id: 054cd820bb000005fd66041200000001

GET
H2 200 parsley.min.js Show response
tohavefuntoday.com/includes/scripts/libs/ 42 KB
12 KB 12ms
11ms Script
application/javascript 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/libs/parsley.min.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44767fe9276b724f7edac5b1083e4c9451fb86d725d1d3e615fa1fa3a617a6e

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 17 May 2020 05:37:15 GMT
server: cloudflare
age: 1171
etag: W/"5ec0cd8b-a715"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5d5b294799ad05fd-FRA
cf-request-id: 054cd820bb000005fd66042200000001

GET
H2 200 util.js Show response
tohavefuntoday.com/includes/scripts/ 4 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700:3034::6818:6a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tohavefuntoday.com/includes/scripts/util.js
Requested by: Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6818:6a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c03df0d6293b4fb168d6663512a78c31c9434a2684e9b25665da7b79208794a

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 1171
cf-polished: origSize=6237
status: 200
cf-request-id: 054cd820cd000005fd66043200000001
last-modified: Tue, 02 Jun 2020 06:34:07 GMT
server: cloudflare
etag: W/"5ed5f2df-185d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5d5b2947aa2005fd-FRA
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-168088715-1

Requested by

Host: tohavefuntoday.com
URL: https://tohavefuntoday.com/includes/scripts/util.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9bbb52f66e971498b786d7e48572b10c7cb0546bf46f485ab8093dc180e8d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Sep 2020 11:21:09 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35645
x-xss-protection: 0
last-modified: Sun, 20 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Sep 2020 11:21:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168088715-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 329
date: Sun, 20 Sep 2020 11:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sun, 20 Sep 2020 13:15:40 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
47 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1220839233&t=pageview&_s=1&dl=https%3A%2F%2Ftohavefuntoday.com%2Foffer%2F%3Feoc%3DN4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA%26egc%3DN4XyA%26edc%3DN4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs%2BgKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2%2BtsODkA%26a%3D237%26c%3Decbdc8rxog5ik4e0%26e%3D95839624%26f%3D%7Bt9%7D%26k%3D16e6005160a0170b68%26l%3DCZ%26m%3D%7Bt1%7D%26p%3D100674%26s%3DAVI&dr=https%3A%2F%2Fmactional-detions.icu%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWM3ODBjZGE1LWU5NGUtNDE5NS05NjQ4LTVjMDg1YWZmZTM2OCZzMj13MGlhbmIxM3A2YWVlajIyMjkxcWRoZzI%26ts%3D1600600868109%26hash%3DJ1kMYyqkVvVMeQYyqHQmsJTcePqzngSkOYVrbJ_WAuw%26rm%3DDJ&dp=%2F%3Feoc%3DN4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA%26egc%3DN4XyA%26edc%3DN4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs%2BgKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2%2BtsODkA%26a%3D237%26c%3Decbdc8rxog5ik4e0%26e%3D95839624%26f%3D%7Bt9%7D%26k%3D16e6005160a0170b68%26l%3DCZ%26m%3D%7Bt1%7D%26p%3D100674%26s%3DAVI&ul=en-us&de=UTF-8&dt=iPhone%2011%20Pro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=AVI&_u=IGBACUABBAAAAC~&jid=1871773753&gjid=1950354085&cid=1344721843.1600600869&tid=UA-168088715-1&_gid=941218990.1600600869&_r=1&gtm=2ou990&z=1490139888

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Sep 2020 11:21:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://tohavefuntoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1220839233&t=pageview&_s=2&dl=https%3A%2F%2Ftohavefuntoday.com%2Foffer%2F%3Feoc%3DN4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA%26egc%3DN4XyA%26edc%3DN4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs%2BgKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2%2BtsODkA%26a%3D237%26c%3Decbdc8rxog5ik4e0%26e%3D95839624%26f%3D%7Bt9%7D%26k%3D16e6005160a0170b68%26l%3DCZ%26m%3D%7Bt1%7D%26p%3D100674%26s%3DAVI&dr=https%3A%2F%2Fmactional-detions.icu%2Fredirect%3Ftarget%3DBASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWM3ODBjZGE1LWU5NGUtNDE5NS05NjQ4LTVjMDg1YWZmZTM2OCZzMj13MGlhbmIxM3A2YWVlajIyMjkxcWRoZzI%26ts%3D1600600868109%26hash%3DJ1kMYyqkVvVMeQYyqHQmsJTcePqzngSkOYVrbJ_WAuw%26rm%3DDJ&dp=%2F%3Feoc%3DN4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA%26egc%3DN4XyA%26edc%3DN4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs%2BgKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2%2BtsODkA%26a%3D237%26c%3Decbdc8rxog5ik4e0%26e%3D95839624%26f%3D%7Bt9%7D%26k%3D16e6005160a0170b68%26l%3DCZ%26m%3D%7Bt1%7D%26p%3D100674%26s%3DAVI&ul=en-us&de=UTF-8&dt=iPhone%2011%20Pro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=AVI&_u=IGBACUABBAAAAC~&jid=&gjid=&cid=1344721843.1600600869&tid=UA-168088715-1&_gid=941218990.1600600869&gtm=2ou990&z=245920370

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Sep 2020 15:26:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71659
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
66 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-168088715-1&cid=1344721843.1600600869&jid=1871773753&gjid=1950354085&_gid=941218990.1600600869&_u=IGBACUAABAAAAC~&z=1280422574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tohavefuntoday.com/offer/?eoc=N4IgbghgTglhAuMD2A7EAuEAjANgVwFMBaAZwGsBPEAGhABMCAzGFGRVDEAYQC0iYADgAtUBAIxiQAXyA&egc=N4XyA&edc=N4IgdghgtgpiBcIBSMAuBLA4tGBnEANCAPYBmpMATgBLG6oIirEAWEAbjKQK5jMAmEAJ4A6AMbEohEBEgAbIRjH54odP0YBVAIIBaAIwA2ABwAGY8YDs+gKwGQAXyIQADuk2U5jFqlQvc8AD0ga7oIgBGEKSw-OgQImBoIW6BLtzhcuhigcSU-FS4gYkA7tLh6HKZYADmAAqUZBVwquA4jADKACoABABKMGLclJToNd0AzABM0mLQLhDo1WAAkhqIhqbjptIuDfzcYqirjOM2+tsODkA&a=237&c=ecbdc8rxog5ik4e0&e=95839624&f={t9}&k=16e6005160a0170b68&l=CZ&m={t1}&p=100674&s=AVI
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Sep 2020 11:21:09 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://tohavefuntoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mactional-detions.icu
URL: https://mactional-detions.icu/redirect?target=BASE64aHR0cHM6Ly93ZWJhcHBsZXBpZS5jb20vP2E9MTAwNjc0JmM9MTA4ODk0JnMxPWM3ODBjZGE1LWU5NGUtNDE5NS05NjQ4LTVjMDg1YWZmZTM2OCZzMj13MGlhbmIxM3A2YWVlajIyMjkxcWRoZzI&ts=1600600868109&hash=J1kMYyqkVvVMeQYyqHQmsJTcePqzngSkOYVrbJ_WAuw&rm=DJ

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tohavefuntoday.com/	1970-01-19 13:19:52	Name: __cfduid Value: d5e994f63290ec0f7eb24956e6cfb5f921600600868
			tohavefuntoday.com/offer	1970-01-19 12:36:41	Name: cid Value: 6ad7cfb5e321687dbcb1d2fa69b04c2fb282358a

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.HzY08hXo17o.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ZxDj8wjZDQfTgjKXBn9EljXbKJA/m=_b,_tp(Line 408) Message: %c%s color: red; background: yellow; font-size: 24px; WARNING!
console-api	log	URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.HzY08hXo17o.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ZxDj8wjZDQfTgjKXBn9EljXbKJA/m=_b,_tp(Line 408) Message: %c%s font-size: 18px; Using this console may allow attackers to impersonate you and steal your information using an attack called Self-XSS. Do not enter or paste code that you do not understand.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0QS75pN7zShmpcfDoooMDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-0QS75pN7zShmpcfDoooMDg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gnamwatic.com
mactional-detions.icu
newdelivery.page.link
polyfill.io
stats.g.doubleclick.net
tohavefuntoday.com
track.click999.com
trackingthebird.com
webapplepie.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
mactional-detions.icu
18.200.180.197
188.166.10.192
2606:4700:3034::6818:6a3e
2a00:1450:4001:802::200a
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2003
2a00:1450:4001:81e::200e
2a00:1450:4001:821::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c07::9d
2a04:4e42:200::621
3.212.127.216
35.157.125.133
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
06b7f1bbdb9950213784e17cca81e28619635f1dc99f83e7a9d0676ccf56a3f1
0749d3b5d7396249ca9bc52e31462245fd8fe293be0c733070bb2370b65da5d8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
358a280c11bdd4dff5d84709691c8918551907abaecb34344f57820a5092693c
3dec2ba3a35b2d878329a4687f5061f4a62030ad69bd0ebb2ca61c4fda102f38
474d9fc8906c9fe92c8b613460af908802861482eebd1e1631635bf3ab5553e6
4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81
54efee4f15b322706b69a34bcb04915221680048a06ca4bedff07ecbf5760ea2
5aaaafa5a8811bfe5b8f89934c756e63b59c3f5872eff30af3d0e002cf7b9023
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6a9513971e461d43b690986b9787680058bd19e723b1b8d4c3493f4705f604d6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c03df0d6293b4fb168d6663512a78c31c9434a2684e9b25665da7b79208794a
6cfa586b96cc9aaeb575c42963644ac512994853fd9ec0618042358358299492
6f5c6c733b615acb04432cce77d3bda74406d45a80556f0ee4193ab49776878e
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
7f2644fae4c808ff4b5911946ff0e2538f1389eee1e2852c983274c6fb7761d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ca9c4fa1b4a4e126f99369449c0bac42c15d1f89c21c8466ce907b4f6083def
9138ebbe6343cc157e02d63f60fe287856ea799f750751db83b2b21c4276588d
9451541c6bb6cc85c8d831ebe52791b3f76de10972fecc3caf3a4c458dbdc1c9
9777cdc714f5f41e30b3ce3bef443895e7e454bc304e32bb97d20c4e3d78032e
9abf1dd8ab5f8a133c59bd0092a99121fb3518e63661105f0a03ba5d0bf810f7
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a44767fe9276b724f7edac5b1083e4c9451fb86d725d1d3e615fa1fa3a617a6e
aadb8d59b41e9d44940f8df2a4c0d4a95bc0b9ef760b5d0861655e4e40f11b6e
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
b54cd0acb93bbf729ea013c730c072062cf24765eaad8e4d147246643e0fd049
bb09c90d4e5854229607996d2a80c61f69133edf11f455c79bb900405a3d9d3c
c702997a29d382c007c727f6ceb5198c3b5a92f76e21d6a2904eb4f247e5ba1e
c9bbb52f66e971498b786d7e48572b10c7cb0546bf46f485ab8093dc180e8d51
cd5bf5bd85160e3559fd442d5d3e0ab7218db6e2ac2ffaa6df3407ce5d165652
d0d76c66e0efb70cea1c6f6e1a059be4cf1a181a3947b96bfaa5863fc0270a95
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded551df3eb18487dcdfbdb6e2b93111c00a2849c1ddf190dfeb140c44fe4324
f065b7b7ceade347a8714eef7775808b77aabb213549219fcbf9e1a9ea3e9009
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f897f64a8905f144bf100a7b16d3fb481130735926ecf8a4ff690cbec3b97c9f

tohavefuntoday.com Open in urlscan Pro 2606:4700:3034::6818:6a3e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

98 %HTTPS

69 %IPv6

13 Domains

14 Subdomains

11 IPs

6 Countries

398 kBTransfer

938 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tohavefuntoday.com Open in urlscan Pro
2606:4700:3034::6818:6a3e Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

98 %
HTTPS

69 %
IPv6

13
Domains

14
Subdomains

11
IPs

6
Countries

398 kB
Transfer

938 kB
Size

2
Cookies

42 HTTP transactions
0 data transactions