urlscan.io logo urlscan.io
SecurityTrails logo

waivers.peek.com Open in urlscan Pro
3.220.83.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u415924.ct.sendgrid.net/ls/click?upn=J15kNQHOe0AvcXeqJL9-2F73yn0c2E5V26XFb-2Be5X2tIc4-2B49h0afVNLKu2giOPwuiZAIjrWPwql1-2...
Effective URL: https://waivers.peek.com/sign/617867bacb6f177708eef5bb
Submission: On October 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 19 domains to perform 37 HTTP transactions. The main IP is 3.220.83.228, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is waivers.peek.com.
TLS certificate: Issued by Amazon on March 15th 2021. Valid for: a year.
This is the only time waivers.peek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.122 11377 (SENDGRID)
8 3.220.83.228 14618 (AMAZON-AES)
1 35.186.235.23 15169 (GOOGLE)
4 35.186.241.51 15169 (GOOGLE)
2 7 143.204.98.70 16509 (AMAZON-02)
14 18 34.253.133.188 16509 (AMAZON-02)
2 31.13.92.14 32934 (FACEBOOK)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 18.197.47.23 16509 (AMAZON-02)
1 70.42.32.95 22075 (AS-OUTBRAIN)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2 76.223.111.18 16509 (AMAZON-02)
2 31.13.92.36 32934 (FACEBOOK)
1 87.248.118.23 203220 (YAHOO-DEB)
1 2 18.194.4.47 16509 (AMAZON-02)
1 37.252.172.249 29990 (ASN-APPNEX)
1 2 35.244.159.8 15169 (GOOGLE)
2 2 216.58.212.162 15169 (GOOGLE)
37 19
1    167.89.123.122 (United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net
u415924.ct.sendgrid.net
8    3.220.83.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-83-228.compute-1.amazonaws.com
waivers.peek.com
1    35.186.235.23 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com
cdn.mxpnl.com
4    35.186.241.51 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com
api-js.mixpanel.com
7    143.204.98.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-70.fra50.r.cloudfront.net
s.adroll.com
18    34.253.133.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
d.adroll.com
2    31.13.92.14 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net
connect.facebook.net
2    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    76.223.111.18 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    31.13.92.36 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com
www.facebook.com
1    87.248.118.23 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e2.ycpi.vip.deb.yahoo.com
ads.yahoo.com
2    18.194.4.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-4-47.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
cm.g.doubleclick.net
Domain Requested by
18 d.adroll.com 14 redirects s.adroll.com
8 waivers.peek.com waivers.peek.com
7 s.adroll.com 2 redirects waivers.peek.com
s.adroll.com
4 api-js.mixpanel.com waivers.peek.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 x.bidswitch.net 1 redirects
2 www.facebook.com
2 eb2.3lift.com 1 redirects
2 pixel.advertising.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 connect.facebook.net d.adroll.com
connect.facebook.net
1 ib.adnxs.com
1 ads.yahoo.com
1 sync.taboola.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 pixel.rubiconproject.com
1 cdn.mxpnl.com waivers.peek.com
1 u415924.ct.sendgrid.net 1 redirects
37 20

This site contains no links.

Subject Issuer Validity Valid
peek.com
Amazon		 2021-03-15 -
2022-04-13		 a year crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018		 2020-04-20 -
2022-04-21		 2 years crt.sh
s.adroll.com
Amazon		 2021-08-02 -
2022-08-31		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-09 -
2022-10-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://waivers.peek.com/sign/617867bacb6f177708eef5bb
Frame ID: 2CBFF418FE7FE204F566861DF580E0F6
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Le Smash Omaha Waiver

Page URL History Show full URLs

  1. https://u415924.ct.sendgrid.net/ls/click?upn=J15kNQHOe0AvcXeqJL9-2F73yn0c2E5V26XFb-2Be5X2tIc4-2B49h0afVNLKu2... HTTP 302
    https://waivers.peek.com/sign/617867bacb6f177708eef5bb Page URL

Page Statistics

37
Requests

57 %
HTTPS

0 %
IPv6

19
Domains

20
Subdomains

19
IPs

6
Countries

510 kB
Transfer

1933 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u415924.ct.sendgrid.net/ls/click?upn=J15kNQHOe0AvcXeqJL9-2F73yn0c2E5V26XFb-2Be5X2tIc4-2B49h0afVNLKu2giOPwuiZAIjrWPwql1-2B-2B2N3VmRFsWJiH1F-2BxDRWXsxOgL03c4f77eiQMLM5kzYtokJ-2FYft2RlesVeLeD8TtZRwbIRGKjA-3D-3DAD9Y_PVbMUPCfGrZnxtKOuqJc-2FC8bUv45mbinsQqsego-2BvifoeuVa0L6cScQHcWfcLI4i-2FAovenn0yx7z-2FQ3U3oASopQxrPIvM1iVb1ZOGcXo-2BXuipq8RbvL9pi5L4jODK0DPbHsItfDaRwISTNZsBaxll537FNSLJBtskiSntqgVnpMHamFDSk0U7-2BJ7JETGVfWfrn6R2utTKspWxHpJuynzcp8lmD2l8A3cSN4UYVTFxgg-3D HTTP 302
    https://waivers.peek.com/sign/617867bacb6f177708eef5bb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://s.adroll.com/j/exp/K56FCEJIVZBQJE2IW3N2WD/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 16
  • https://s.adroll.com/j/pre/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 19
  • https://d.adroll.com/pixel/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&pv=25148555847.20268&cookie=&adroll_s_ref=&keyw=&conv_value=169.5&adroll_currency=usd&adroll_external_data=order_id%3D617860d9e82cfc0001822796%26product_id%3D5f1875804a6247bee75a891e%26partner_name%3DLe%2520Smash%2520Omaha%26activity_name%3DSmash%2520Party%2520%257C%25201%2520Hour%2520-%2520Max%2520of%252015%2520People%26quantity%3D5%26amount_paid%3D169.5%26zipcode%3D68102%26date_booked%3D2021-10-26T13%253A11%253A06-07%253A00%26device%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/93.0.4577.63%2520Safari/537.36%26purchase_type%3Dactivity_purchase HTTP 302
  • https://s.adroll.com/pixel/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4/GIX4GZ5MMZEVPLPGGMYVLA.js
Request Chain 21
  • https://d.adroll.com/cm/index/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&expiration=1666877060 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&expiration=1666877060&C=1
Request Chain 22
  • https://d.adroll.com/cm/n/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&expires=365
Request Chain 23
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Request Chain 24
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
Request Chain 25
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 26
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
Request Chain 27
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Request Chain 28
  • https://d.adroll.com/fb/tr/?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&id=1570866796470505&ev=ViewContent&cd[content_type]=product&cd[content_ids]=5f1875804a6247bee75a891e_&cd[application_id]=321379434608647&cd[product_catalog_id]=876991639043984 HTTP 302
  • https://www.facebook.com/tr/?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&id=1570866796470505&ev=ViewContent&cd[content_type]=product&cd[content_ids]=5f1875804a6247bee75a891e_&cd[application_id]=321379434608647&cd[product_catalog_id]=876991639043984&cd[external_id]=nnvzpAVTbvk6E15BS72g6g
Request Chain 30
  • https://d.adroll.com/cm/r/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 31
  • https://d.adroll.com/cm/b/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
Request Chain 32
  • https://d.adroll.com/cm/x/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
Request Chain 34
  • https://d.adroll.com/cm/o/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=9e7bf3a405536ef93a135e414bbda0ea HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9e7bf3a405536ef93a135e414bbda0ea
Request Chain 35
  • https://d.adroll.com/cm/g/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD&google_nid=adroll2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=nnvzpAVTbvk6E15BS72g6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=nnvzpAVTbvk6E15BS72g6g&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 617867bacb6f177708eef5bb
waivers.peek.com/sign/
Redirect Chain
  • https://u415924.ct.sendgrid.net/ls/click?upn=J15kNQHOe0AvcXeqJL9-2F73yn0c2E5V26XFb-2Be5X2tIc4-2B49h0afVNLKu2giOPwuiZAIjrWPwql1-2B-2B2N3VmRFsWJiH1F-2BxDRWXsxOgL03c4f77eiQMLM5kzYtokJ-2FYft2RlesVeLeD8...
  • https://waivers.peek.com/sign/617867bacb6f177708eef5bb
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://waivers.peek.com/sign/617867bacb6f177708eef5bb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.83.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-83-228.compute-1.amazonaws.com
Software
nginx/1.19.0 / Express
Resource Hash
251d3a7234ded1649c838bcca3282cadff83e964671eb20a0e8b1ec125319ac6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Oct 2021 13:24:18 GMT
ETag
W/"c27-EYbW1daWkeTlkV5vPbEbM8Elq8I"
Server
nginx/1.19.0
Vary
Accept-Encoding
X-Powered-By
Express
Content-Length
1551
Connection
keep-alive

Redirect headers

Server
nginx
Date
Wed, 27 Oct 2021 13:24:17 GMT
Content-Type
text/html; charset=utf-8
Content-Length
116
Connection
keep-alive
Location
https://waivers.peek.com/sign/617867bacb6f177708eef5bb#token=dfaa722779534530d592a6b260722c57
X-Robots-Tag
noindex, nofollow
vendor-1df471b5b76dc3e485640797ba3be82c.css
waivers.peek.com/assets/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://waivers.peek.com/assets/vendor-1df471b5b76dc3e485640797ba3be82c.css
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/sign/617867bacb6f177708eef5bb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.83.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-83-228.compute-1.amazonaws.com
Software
nginx/1.19.0 / Express
Resource Hash
60e949870708b8b87d18cfce4b621ee6f27924637da965dd4591256e2f4645e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/sign/617867bacb6f177708eef5bb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 13:24:18 GMT
Content-Encoding
gzip
ETag
W/"7a77-17bc6ad400b"
Last-Modified
Wed, 08 Sep 2021 18:30:48 GMT
Server
nginx/1.19.0
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
transfer-encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
hancock-9c241cc56f9f6e148d2c38090ccc0acb.css
waivers.peek.com/assets/ 		98 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://waivers.peek.com/assets/hancock-9c241cc56f9f6e148d2c38090ccc0acb.css
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/sign/617867bacb6f177708eef5bb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.83.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-83-228.compute-1.amazonaws.com
Software
nginx/1.19.0 / Express
Resource Hash
eede4626a0dbc96cc3a817d984d9fd136f6a152f5f4c5a4ca1ba835c6136c62a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/sign/617867bacb6f177708eef5bb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 13:24:18 GMT
Content-Encoding
gzip
ETag
W/"186eb-17bc6ad4192"
Last-Modified
Wed, 08 Sep 2021 18:30:48 GMT
Server
nginx/1.19.0
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
transfer-encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
vendor-c6fd5417d7601b5261f10b8f9907d4ec.js
waivers.peek.com/assets/ 		1 MB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waivers.peek.com/assets/vendor-c6fd5417d7601b5261f10b8f9907d4ec.js
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/sign/617867bacb6f177708eef5bb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.83.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-83-228.compute-1.amazonaws.com
Software
nginx/1.19.0 / Express
Resource Hash
300a9363c47b1cca14e3655650bb7a15c4c2b46cfe998ee5448bc66c1acc8f36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/sign/617867bacb6f177708eef5bb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 13:24:18 GMT
Content-Encoding
gzip
ETag
W/"116b24-17bc6ad401f"
Last-Modified
Wed, 08 Sep 2021 18:30:48 GMT
Server
nginx/1.19.0
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
transfer-encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
hancock-2ffa0aed7be6b2e5daa8bb08b04cfb8b.js
waivers.peek.com/assets/ 		121 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waivers.peek.com/assets/hancock-2ffa0aed7be6b2e5daa8bb08b04cfb8b.js
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/sign/617867bacb6f177708eef5bb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.83.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-83-228.compute-1.amazonaws.com
Software
nginx/1.19.0 / Express
Resource Hash
a4e0bfd4838896382e0308f1296b53070efe0ca96a4f4e14e976ad3fdd941ee1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/sign/617867bacb6f177708eef5bb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 13:24:18 GMT
Content-Encoding
gzip
ETag
W/"1e3ad-17bc6ad418e"
Last-Modified
Wed, 08 Sep 2021 18:30:48 GMT
Server
nginx/1.19.0
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
transfer-encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/sign/617867bacb6f177708eef5bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.235.23 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
23.235.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:16:21 GMT
content-encoding
gzip
age
477
x-guploader-uploadid
ADPycdtx2qZttRTTdTqHhIsUMwG0vUABevWnIB_rum5NwsjlH_0OqUb3svdi5L0SHaXc-ZXKsTV8zjlrRwDaW02MdtpCRBauuw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25572
last-modified
Thu, 28 Jan 2021 18:21:54 GMT
server
UploadServer
etag
"765779983eed1c9fc2821b4507eea08b"
vary
Accept-Encoding
x-goog-hash
crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation
1611858114590219
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
25572
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 27 Oct 2021 13:26:21 GMT
ip-requests
waivers.peek.com/services/consumer/ 		226 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://waivers.peek.com/services/consumer/ip-requests
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/assets/vendor-c6fd5417d7601b5261f10b8f9907d4ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.83.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-83-228.compute-1.amazonaws.com
Software
nginx/1.19.0 / Express
Resource Hash
dbd14467d09c5b178fc18735c78ecd7f5a16557310ad764ed27033ba0076f30f

Request headers

Accept
application/vnd.api+json
Referer
https://waivers.peek.com/sign/617867bacb6f177708eef5bb
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/vnd.api+json

Response headers

Date
Wed, 27 Oct 2021 13:24:19 GMT
Server
nginx/1.19.0
X-Powered-By
Express
Content-Type
application/vnd.api+json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
226
x-request-id
FrHmB1-pqtLt8BMOaS7E
617867bacb6f177708eef5bb
waivers.peek.com/services/once-pro/waivers_api/waiver_invites/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waivers.peek.com/services/once-pro/waivers_api/waiver_invites/617867bacb6f177708eef5bb
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/assets/vendor-c6fd5417d7601b5261f10b8f9907d4ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.83.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-83-228.compute-1.amazonaws.com
Software
nginx/1.19.0 / Express
Resource Hash
318dc9278bd6b331fc27c83e3891d03790c0ad8620fb1f1678a928915bcf7caf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://waivers.peek.com/sign/617867bacb6f177708eef5bb
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Authorization
Token token=dfaa722779534530d592a6b260722c57

Response headers

Date
Wed, 27 Oct 2021 13:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
X-Powered-By
Express
Connection
keep-alive
Content-Length
2826
x-xss-protection
1; mode=block
x-request-id
da3d53ad-cd56-4b08-b143-0cbdc062fc18
x-runtime
0.132016
referrer-policy
strict-origin-when-cross-origin
Server
nginx/1.19.0
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa795b3ecbaad94ed5950a8eba96ddb64a53fd9466eaed4a2e49317071a476c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63e10679707e2df98e97a3945feb0bc7113604ef6160b1b23d270267a16e0340

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
/
api-js.mixpanel.com/decide/ 		65 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=3&lib=web&token=4324689560d587a23cc02f31279d3e5f&distinct_id=5f17525b703c3523559b9532&ip=1&_=1635341059229
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/assets/vendor-c6fd5417d7601b5261f10b8f9907d4ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:24:20 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://waivers.peek.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
api-js.mixpanel.com/track/ 		1 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1635341059232
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/assets/vendor-c6fd5417d7601b5261f10b8f9907d4ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://waivers.peek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 27 Oct 2021 13:24:19 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://waivers.peek.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
15
alt-svc
clear
content-length
1
/
api-js.mixpanel.com/engage/ 		1 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/engage/?ip=1&_=1635341059234
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/assets/vendor-c6fd5417d7601b5261f10b8f9907d4ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://waivers.peek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 27 Oct 2021 13:24:19 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://waivers.peek.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
alt-svc
clear
content-length
1
/
api-js.mixpanel.com/track/ 		1 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1635341059236
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/assets/vendor-c6fd5417d7601b5261f10b8f9907d4ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://waivers.peek.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 27 Oct 2021 13:24:19 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://waivers.peek.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
20
alt-svc
clear
content-length
1
peek_logo-c2a945830578ea5008f60831ac04ad4c.png
waivers.peek.com/assets/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://waivers.peek.com/assets/images/peek_logo-c2a945830578ea5008f60831ac04ad4c.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.83.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-83-228.compute-1.amazonaws.com
Software
nginx/1.19.0 / Express
Resource Hash
552f627ad0806154273d5e153ffc8a68360a292eac6a51507aaaa3371b1af09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/sign/617867bacb6f177708eef5bb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 13:24:19 GMT
ETag
W/"4670-17b07c7c5d0"
Last-Modified
Mon, 02 Aug 2021 16:52:18 GMT
Server
nginx/1.19.0
X-Powered-By
Express
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
18032
roundtrip.js
s.adroll.com/j/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: waivers.peek.com
URL: https://waivers.peek.com/assets/hancock-2ffa0aed7be6b2e5daa8bb08b04cfb8b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb426d72df39344445d8b50dff8ed27b1053c46a7887a74f4317b50e48f16df4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
1rXbtqqCs1CJhoMvKSJF8ngwdb8MEoko
Content-Encoding
gzip
Etag
W/"93a405c06e7b6caa55a9b7431558ca41"
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Tue, 26 Oct 2021 13:47:05 GMT
Server
AmazonS3
Date
Wed, 27 Oct 2021 13:23:29 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
1sRhaAcmMkGfZpBdlbZwicLY4ijwbTXxGRun13C_XnistWb17vM7gQ==
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/K56FCEJIVZBQJE2IW3N2WD/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Server
143.204.98.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Mon, 18 Oct 2021 21:07:54 GMT
Server
AmazonS3
Date
Wed, 27 Oct 2021 02:33:03 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
8YXwF-Y65qw93Nd25ogg287znN9XMRCNaaefog29GmQd_ORRcLqyFA==

Redirect headers

Date
Tue, 26 Oct 2021 22:55:25 GMT
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Amz-Cf-Id
mj6RAkbyngd9hnakC3DKtdzUen2yfoH_CU0gWIjZNzgWi4o0SnswJg==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
143.204.98.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Wed, 27 Oct 2021 00:52:17 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
uYzulG9cfN4r8dQI2GOdSEUH_4BMyYbLzloF0CBdWw2DYDprp_74EA==

Redirect headers

Date
Wed, 27 Oct 2021 00:22:06 GMT
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Amz-Cf-Id
ih7qBydYGS8iRzwTU3vCcVQyMPrv5xdv9VzwSJFhSugtbu3xxSTzHA==
index.js
s.adroll.com/j/pre/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4/ 		0
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
MBYrBhy_4F3Spj4RA5aofv5L5dfFKsDm
Via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Tue, 26 Oct 2021 08:54:07 GMT
Server
AmazonS3
Date
Wed, 27 Oct 2021 13:24:21 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
zfI0uKIudd_0FhZo2D9M-L2haTC0p-f8oGIvuKPdewuMmfSXw0j-6g==
K56FCEJIVZBQJE2IW3N2WD
d.adroll.com/consent/check/ 		393 B
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/K56FCEJIVZBQJE2IW3N2WD?arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&_s=31626b4d7e2a4906e9b20c5016886488&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
246540e878b5823012c753d06fdf1613044f865ca752e5b08391a05510eb6611

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 13:24:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-type
application/javascript
content-length
393
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GIX4GZ5MMZEVPLPGGMYVLA.js
s.adroll.com/pixel/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4/
Redirect Chain
  • https://d.adroll.com/pixel/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708e...
  • https://s.adroll.com/pixel/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4/GIX4GZ5MMZEVPLPGGMYVLA.js
6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4/GIX4GZ5MMZEVPLPGGMYVLA.js
Protocol
HTTP/1.1
Server
143.204.98.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-70.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c36c15c94a09c4fff584588ef878ecc3c820bdab79d64918ed10591c0a61f25f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
P.cxfAJDW1z8iD1LzjIVW8ijMWNZNApY
Content-Encoding
gzip
Etag
W/"e8672a7b7be68c197a4f248c2357e060"
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 14 Jul 2021 10:25:42 GMT
Server
AmazonS3
Date
Wed, 27 Oct 2021 13:24:21 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
f-hkDaEG4Aw3hY_-AEeGxS7s12NiG9juODcvNtvqM0w5_mhKJ4l0CQ==

Redirect headers

pragma
no-cache
x-conversion-value
169.50
server
nginx/1.20.0
x-rule
*waivers.peek.com/*
date
Wed, 27 Oct 2021 13:24:19 GMT
x-segment-eid
GIX4GZ5MMZEVPLPGGMYVLA
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://s.adroll.com/pixel/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4/GIX4GZ5MMZEVPLPGGMYVLA.js
cache-control
no-store, no-cache, must-revalidate
x-segment-display-name
Waiver Users
x-pixel-eid
LLUAECBOU5CYLLQVNAOPW4
x-segment-name
a0eb0adc
x-advertisable-eid
K56FCEJIVZBQJE2IW3N2WD
content-length
0
x-conversion-currency
USD
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d.adroll.com
URL: https://d.adroll.com/pixel/K56FCEJIVZBQJE2IW3N2WD/LLUAECBOU5CYLLQVNAOPW4?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&pv=25148555847.20268&cookie=&adroll_s_ref=&keyw=&conv_value=169.5&adroll_currency=usd&adroll_external_data=order_id%3D617860d9e82cfc0001822796%26product_id%3D5f1875804a6247bee75a891e%26partner_name%3DLe%2520Smash%2520Omaha%26activity_name%3DSmash%2520Party%2520%257C%25201%2520Hour%2520-%2520Max%2520of%252015%2520People%26quantity%3D5%26amount_paid%3D169.5%26zipcode%3D68102%26date_booked%3D2021-10-26T13%253A11%253A06-07%253A00%26device%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/93.0.4577.63%2520Safari/537.36%26purchase_type%3Dactivity_purchase
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
JoPAnFs6SoeV0tjIIOZx5VmSVXX39JklkpLjlgCMuTI5ebNlgAbOCwXIkDjj7+CtME7uIwVz7wNTYPAgtmdiew==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 27 Oct 2021 13:24:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJI...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&expiration=1666877060
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&expiration=1666877060&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&expiration=1666877060&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 13:24:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 27 Oct 2021 13:24:20 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 13:24:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&expiration=1666877060&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Wed, 27 Oct 2021 13:24:20 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQ...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&expires=365
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&expires=365
pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
pixel.advertising.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FC...
  • https://pixel.advertising.com/ups/55980/sync?uid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://pixel.advertising.com/ups/55980/sync?uid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55980/sync?uid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol
H2
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:24:20 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55980/sync?uid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date
Wed, 27 Oct 2021 13:24:20 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FC...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
Protocol
HTTP/1.1
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 13:24:20 GMT
Cache-Control
no-cache
X-TraceId
0258da5454ab94eff66646b208f97bb1
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
100
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FC...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:24:19 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:427
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
220
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCE...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:24:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12074

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Server
76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
www.facebook.com/tr/
Redirect Chain
  • https://d.adroll.com/fb/tr/?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&id=1570866796470505&ev=View...
  • https://www.facebook.com/tr/?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&id=1570866796470505&ev=Vie...
44 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&id=1570866796470505&ev=ViewContent&cd[content_type]=product&cd[content_ids]=5f1875804a6247bee75a891e_&cd[application_id]=321379434608647&cd[product_catalog_id]=876991639043984&cd[external_id]=nnvzpAVTbvk6E15BS72g6g
Protocol
H2
Server
31.13.92.36 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:24:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 27 Oct 2021 13:24:20 GMT

Redirect headers

location
https://www.facebook.com/tr/?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&id=1570866796470505&ev=ViewContent&cd[content_type]=product&cd[content_ids]=5f1875804a6247bee75a891e_&cd[application_id]=321379434608647&cd[product_catalog_id]=876991639043984&cd[external_id]=nnvzpAVTbvk6E15BS72g6g
pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
392
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
/
d.adroll.com/p/K56FCEJIVZBQJE2IW3N2WD/ 		42 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/p/K56FCEJIVZBQJE2IW3N2WD/?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&adroll_external_data=order_id%3D617860d9e82cfc0001822796%26product_id%3D5f1875804a6247bee75a891e%26partner_name%3DLe%2520Smash%2520Omaha%26activity_name%3DSmash%2520Party%2520%257C%25201%2520Hour%2520-%2520Max%2520of%252015%2520People%26quantity%3D5%26amount_paid%3D169.5%26zipcode%3D68102%26date_booked%3D2021-10-26T13%253A11%253A06-07%253A00%26device%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/93.0.4577.63%2520Safari/537.36%26purchase_type%3Dactivity_purchase&adroll_product_id=5f1875804a6247bee75a891e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
server
nginx/1.20.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
x-advertisable-eid
K56FCEJIVZBQJE2IW3N2WD
content-length
42
v1
ads.yahoo.com/cms/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQ...
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Server
87.248.118.23 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

location
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
165
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQ...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
Protocol
HTTP/1.1
Server
18.194.4.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-4-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 13:24:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
Date
Wed, 27 Oct 2021 13:24:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQ...
  • https://ib.adnxs.com/setuid?entity=172&code=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
0
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=172&code=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
Protocol
HTTP/1.1
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 13:24:20 GMT
X-Proxy-Origin
216.131.111.15; 216.131.111.15; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
26e2e5f8-c209-4e8e-a38f-8447f0998b10
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/setuid?entity=172&code=OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
93
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
out
d.adroll.com/cm/l/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQJE2IW3N2WD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:24:20 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQ...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=9e7bf3a405536ef93a135e414bbda0ea
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9e7bf3a405536ef93a135e414bbda0ea
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9e7bf3a405536ef93a135e414bbda0ea
Protocol
H2
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
via
1.1 google
server
OXGW/16.217.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9e7bf3a405536ef93a135e414bbda0ea
date
Wed, 27 Oct 2021 13:24:20 GMT
via
1.1 google
server
OXGW/16.217.1
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=e7360cc9dd1e2be00275dfbc50f76aee-1635341059625&arrfrr=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&xid_ch=f&advertisable=K56FCEJIVZBQ...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=nnvzpAVTbvk6E15BS72g6g
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=nnvzpAVTbvk6E15BS72g6g&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Server
34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
server
nginx/1.20.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Wed, 27 Oct 2021 13:24:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1570866796470505
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1570866796470505?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
1170a560c701efeb30355d5ba2cb91faed63e30d3078757306cbf3f6850364f3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
LaUXRMiYaoPXTqIah7t5Lo/CRBY5JU9v/f+f2vF82esAmQwOVDKhSubs1x4PV3rYrCookUwjvM7TR8uj4in17Q==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 27 Oct 2021 13:24:20 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1570866796470505&ev=PageView&dl=https%3A%2F%2Fwaivers.peek.com%2Fsign%2F617867bacb6f177708eef5bb%23&rl=&if=false&ts=1635341060511&cd[segment_eid]=GIX4GZ5MMZEVPLPGGMYVLA&cd[ar_order_id]=617860d9e82cfc0001822796&cd[ar_product_id]=5f1875804a6247bee75a891e&cd[ar_partner_name]=Le%20Smash%20Omaha&cd[ar_activity_name]=Smash%20Party%20%7C%201%20Hour%20-%20Max%20of%2015%20People&cd[ar_quantity]=5&cd[ar_amount_paid]=169.5&cd[ar_zipcode]=68102&cd[ar_date_booked]=2021-10-26T13%3A11%3A06-07%3A00&cd[ar_device]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&cd[ar_purchase_type]=activity_purchase&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=29&fbp=fb.1.1635341060510.1434198687&it=1635341060334&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://waivers.peek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 13:24:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 27 Oct 2021 13:24:20 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| createDeprecatedModule boolean| runningTests object| loader function| define function| requireModule function| require function| requirejs object| EmberENV function| $ function| jQuery object| Ember object| Em object| Raven function| Tooltip function| markdownit object| DS object| mixpanel string| adroll_adv_id string| adroll_pix_id number| adroll_conversion_value string| adroll_currency object| adroll_custom_data boolean| __adroll_loaded string| adroll_sid object| dataLayer object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_conversion_value_in_dollars string| adroll_seg_eid function| fbq function| _fbq

26 Cookies

Domain/Path Name / Value
.peek.com/ Name: mp_4324689560d587a23cc02f31279d3e5f_mixpanel
Value: %7B%22distinct_id%22%3A%20%225f17525b703c3523559b9532%22%2C%22%24device_id%22%3A%20%2217cc1ec449716d-0ba656045a1eb4-a7d193d-1d4c00-17cc1ec44997f8%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24user_id%22%3A%20%225f17525b703c3523559b9532%22%7D
.waivers.peek.com/ Name: __adroll_fpc
Value: e7360cc9dd1e2be00275dfbc50f76aee-1635341059625
.waivers.peek.com/ Name: __ar_v4
Value: %7CK56FCEJIVZBQJE2IW3N2WD%3A20211026%3A1%7CLLUAECBOU5CYLLQVNAOPW4%3A20211026%3A1%7CGIX4GZ5MMZEVPLPGGMYVLA%3A20211026%3A1
.advertising.com/ Name: APID
Value: UP3172b2c0-3729-11ec-bad7-02f59b816c62
.casalemedia.com/ Name: CMID
Value: YXlTBGRP50QGPPtqmbh1RQAA
.casalemedia.com/ Name: CMPS
Value: 3222
.facebook.com/ Name: fr
Value: 0C8JOyXTEJy0bs3YW..BheVME...1.0.BheVME.
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE&KRTB&22883-OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
.pubmatic.com/ Name: PugT
Value: 1635341059
.pubmatic.com/ Name: PUBMDCID
Value: 3
.3lift.com/ Name: tluid
Value: 1284528320416879095
.casalemedia.com/ Name: CMPRO
Value: 1162
.casalemedia.com/ Name: CMST
Value: YXlTBGF5UwQA
.casalemedia.com/ Name: CMRUM3
Value: 69617953042760OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE
.taboola.com/ Name: t_gid
Value: 42202741-716b-4d5b-8551-95efe6163066-tuct872d884
.bidswitch.net/ Name: tuuid
Value: 299a7411-8046-404f-96b7-66a85b0a13d7
.bidswitch.net/ Name: c
Value: 1635341060
.bidswitch.net/ Name: tuuid_lu
Value: 1635341060
.yahoo.com/ Name: A3
Value: d=AQABBARTeWECEKXeHpXdGlm03RjKTmP_yvUFEgEBAQGkemGDYQAAAAAA_eMAAA&S=AQAAAkEuketP9Kpo8nvsKNR80DY
.openx.net/ Name: i
Value: c00ce145-c95e-45a8-ac1a-c4a6a9e61aef|1635341060
.doubleclick.net/ Name: IDE
Value: AHWqTUkR-wtfBT0OdYmoZ6dJaihM62IxKPWtCm8FHeSvNwiVa6MC412mRIhsQaQYOjk
.peek.com/ Name: _fbp
Value: fb.1.1635341060510.1434198687
d.adroll.com/ Name: __adroll
Value: 9e7bf3a405536ef93a135e414bbda0ea-g_1635341060-a_1635341059
.adroll.com/ Name: __adroll_shared
Value: 9e7bf3a405536ef93a135e414bbda0ea-g_1635341060-a_1635341059
.outbrain.com/ Name: obuid
Value: 9d9ce36c-055c-43c2-b80a-d68f0c5b7553
.outbrain.com/ Name: adrl
Value: OWU3YmYzYTQwNTUzNmVmOTNhMTM1ZTQxNGJiZGEwZWE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
api-js.mixpanel.com
cdn.mxpnl.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
ib.adnxs.com
pixel.advertising.com
pixel.rubiconproject.com
s.adroll.com
simage2.pubmatic.com
sync.outbrain.com
sync.taboola.com
u415924.ct.sendgrid.net
us-u.openx.net
waivers.peek.com
www.facebook.com
x.bidswitch.net
141.226.228.48
143.204.98.70
167.89.123.122
18.194.4.47
18.197.47.23
185.64.189.110
2.18.234.21
216.58.212.162
3.220.83.228
31.13.92.14
31.13.92.36
34.253.133.188
35.186.235.23
35.186.241.51
35.244.159.8
37.252.172.249
69.173.144.138
70.42.32.95
76.223.111.18
87.248.118.23
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1170a560c701efeb30355d5ba2cb91faed63e30d3078757306cbf3f6850364f3
246540e878b5823012c753d06fdf1613044f865ca752e5b08391a05510eb6611
251d3a7234ded1649c838bcca3282cadff83e964671eb20a0e8b1ec125319ac6
300a9363c47b1cca14e3655650bb7a15c4c2b46cfe998ee5448bc66c1acc8f36
318dc9278bd6b331fc27c83e3891d03790c0ad8620fb1f1678a928915bcf7caf
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552f627ad0806154273d5e153ffc8a68360a292eac6a51507aaaa3371b1af09f
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
60e949870708b8b87d18cfce4b621ee6f27924637da965dd4591256e2f4645e2
63e10679707e2df98e97a3945feb0bc7113604ef6160b1b23d270267a16e0340
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
a4e0bfd4838896382e0308f1296b53070efe0ca96a4f4e14e976ad3fdd941ee1
aa795b3ecbaad94ed5950a8eba96ddb64a53fd9466eaed4a2e49317071a476c2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c36c15c94a09c4fff584588ef878ecc3c820bdab79d64918ed10591c0a61f25f
dbd14467d09c5b178fc18735c78ecd7f5a16557310ad764ed27033ba0076f30f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eede4626a0dbc96cc3a817d984d9fd136f6a152f5f4c5a4ca1ba835c6136c62a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fb426d72df39344445d8b50dff8ed27b1053c46a7887a74f4317b50e48f16df4