URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Submission: On February 27 via manual from JO — Scanned from DE

Summary

This website contacted 44 IPs in 7 countries across 35 domains to perform 218 HTTP transactions. The main IP is 44.230.167.61, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is dollarflightclub.com.
TLS certificate: Issued by R3 on February 20th 2023. Valid for: 3 months.
This is the only time dollarflightclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84 44.230.167.61 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:225... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 35.86.95.232 16509 (AMAZON-02)
1 151.139.128.10 20446 (STACKPATH...)
3 23.206.208.114 16625 (AKAMAI-AS)
1 18.66.97.10 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 13.225.78.67 16509 (AMAZON-02)
1 13.225.78.108 16509 (AMAZON-02)
4 2.23.97.122 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.42 16509 (AMAZON-02)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.193.23.165 14618 (AMAZON-AES)
1 2a00:1450:402... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:230... 16509 (AMAZON-02)
9 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
1 23.203.125.127 16625 (AKAMAI-AS)
1 52.18.149.243 16509 (AMAZON-02)
1 3.220.117.104 14618 (AMAZON-AES)
2 6 52.6.131.58 14618 (AMAZON-AES)
2 192.0.77.48 2635 (AUTOMATTIC)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 35.71.131.137 16509 (AMAZON-02)
4 4 18.194.204.81 16509 (AMAZON-02)
2 2 34.240.144.110 16509 (AMAZON-02)
1 2 69.192.160.219 16625 (AKAMAI-AS)
1 2a04:4e42:400... 54113 (FASTLY)
1 1 64.202.112.31 23352 (SERVERCEN...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 13.224.189.35 16509 (AMAZON-02)
2 13.225.78.57 16509 (AMAZON-02)
1 54.145.232.141 ()
218 44
Apex Domain
Subdomains
Transfer
84 dollarflightclub.com
dollarflightclub.com
4 MB
28 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
3 MB
18 gstatic.com
fonts.gstatic.com
www.gstatic.com
278 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
jnn-pa.googleapis.com — Cisco Umbrella Rank: 239
65 KB
11 b-cdn.net
kingsumo.b-cdn.net
kingsumowebapp.b-cdn.net
730 KB
11 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 2618
rp.liadm.com — Cisco Umbrella Rank: 1487
rp4.liadm.com — Cisco Umbrella Rank: 6869
i.liadm.com — Cisco Umbrella Rank: 566
i6.liadm.com — Cisco Umbrella Rank: 2104
20 KB
7 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
static.doubleclick.net — Cisco Umbrella Rank: 262
2 KB
5 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1580
m.addthis.com — Cisco Umbrella Rank: 1550
x.dlx.addthis.com — Cisco Umbrella Rank: 1281
142 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
1 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 765
101 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
223 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 980
pixel.quantserve.com — Cisco Umbrella Rank: 779
cms.quantserve.com — Cisco Umbrella Rank: 654
10 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
28 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
278 B
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 619
script.hotjar.com — Cisco Umbrella Rank: 769
in.hotjar.com — Cisco Umbrella Rank: 1659
72 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
164 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2223
202 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1917
api-iam.intercom.io
6 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 198
2 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 228
9 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109
75 KB
2 w.org
s.w.org — Cisco Umbrella Rank: 1563
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 956
heapanalytics.com — Cisco Umbrella Rank: 847
36 KB
2 kingsumo.com
kingsumo.com — Cisco Umbrella Rank: 670919
18 KB
2 refersion.com
dollarflightclubaffiliate.refersion.com
3 KB
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 532
291 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 669
373 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
265 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
675 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 433
1 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 924
641 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6149
408 B
1 profitwell.com
public.profitwell.com — Cisco Umbrella Rank: 6937
9 KB
1 servedby-buysellads.com
m.servedby-buysellads.com — Cisco Umbrella Rank: 23659
6 KB
218 35
Domain Requested by
84 dollarflightclub.com 1 redirects dollarflightclub.com
28 www.youtube.com dollarflightclub.com
www.youtube.com
14 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
9 kingsumo.b-cdn.net kingsumo.com
kingsumo.b-cdn.net
8 jnn-pa.googleapis.com www.youtube.com
6 i.liadm.com 2 redirects b-code.liadm.com
i.liadm.com
5 fonts.googleapis.com dollarflightclub.com
kingsumo.b-cdn.net
4 www.gstatic.com www.youtube.com
www.gstatic.com
4 x.bidswitch.net 4 redirects
4 googleads.g.doubleclick.net 2 redirects www.youtube.com
4 analytics.tiktok.com dollarflightclub.com
analytics.tiktok.com
4 connect.facebook.net dollarflightclub.com
connect.facebook.net
kingsumo.com
3 www.google.com dollarflightclub.com
www.youtube.com
3 www.facebook.com dollarflightclub.com
kingsumo.com
3 www.googletagmanager.com dollarflightclub.com
kingsumo.com
www.googletagmanager.com
2 js.intercomcdn.com widget.intercom.io
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 dpm.demdex.net 2 redirects
2 yt3.ggpht.com www.youtube.com
2 i.ytimg.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 s.w.org dollarflightclub.com
2 kingsumowebapp.b-cdn.net kingsumo.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 s7.addthis.com dollarflightclub.com
s7.addthis.com
2 kingsumo.com dollarflightclub.com
kingsumo.com
2 b-code.liadm.com dollarflightclub.com
b-code.liadm.com
2 dollarflightclubaffiliate.refersion.com dollarflightclub.com
dollarflightclubaffiliate.refersion.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io dollarflightclub.com
1 i6.liadm.com i.liadm.com
1 b1sync.zemanta.com 1 redirects
1 trc.taboola.com i.liadm.com
1 cms.quantserve.com 1 redirects
1 match.adsrvr.org i.liadm.com
1 sync.mathtag.com 1 redirects
1 heapanalytics.com dollarflightclub.com
1 m.addthis.com s7.addthis.com
1 in.hotjar.com script.hotjar.com
1 z.moatads.com s7.addthis.com
1 pixel.quantserve.com dollarflightclub.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com dollarflightclub.com
1 www.google.de dollarflightclub.com
1 stats.g.doubleclick.net www.google-analytics.com
1 rp4.liadm.com dollarflightclub.com
1 rp.liadm.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 public.profitwell.com dollarflightclub.com
1 cdn.heapanalytics.com dollarflightclub.com
1 static.hotjar.com dollarflightclub.com
1 m.servedby-buysellads.com dollarflightclub.com
218 52
Subject Issuer Validity Valid
dollarflightclub.com
R3
2023-02-20 -
2023-05-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-16 -
2023-06-16
a year crt.sh
*.liadm.com
Amazon
2023-01-01 -
2024-01-30
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
kingsumo.com
ZeroSSL RSA Domain Secure Site CA
2023-01-22 -
2023-04-22
3 months crt.sh
m.servedby-buysellads.com
R3
2023-01-21 -
2023-04-21
3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-07
a year crt.sh
*.hotjar.com
Amazon
2022-10-25 -
2023-11-23
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-10 -
2023-03-07
2 months crt.sh
cdn.heapanalytics.com
Amazon
2022-07-29 -
2023-08-27
a year crt.sh
*.profitwell.com
Amazon
2022-07-03 -
2023-08-01
a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-10 -
2023-04-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
www.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
www.google.de
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
quantserve.com
R3
2023-02-13 -
2023-05-14
3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA
2022-11-07 -
2023-11-11
a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-18
a year crt.sh
heapanalytics.com
Amazon RSA 2048 M02
2022-12-09 -
2024-01-07
a year crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA
2022-12-06 -
2024-01-06
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.intercom.com
Amazon RSA 2048 M02
2023-02-14 -
2024-03-14
a year crt.sh
*.intercomcdn.com
Amazon
2022-12-31 -
2024-01-29
a year crt.sh

This page contains 11 frames:

Primary Page: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Frame ID: D51988983B7417C8B70F90696C5B7AA1
Requests: 124 HTTP requests in this frame

Frame: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Frame ID: 0031FAA95C6380306878252A1DA8E91B
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/embed/2AZtQr71z-c
Frame ID: 8FD35507F40683BB0EE295C389B1C9AA
Requests: 7 HTTP requests in this frame

Frame: https://www.youtube.com/embed/IIFe9wEyjNk
Frame ID: DBF2CF110284737BB78992525A5799F9
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DB632F7DC01839CA13CE0DFACB296EFD
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0248A2B305296247050A77EFC3C93DCB
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6093E3276307AD2BCB74E6424F39B21C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/2AZtQr71z-c
Frame ID: EADB711A55227991C833188B527EAA2D
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/IIFe9wEyjNk
Frame ID: 78448EA57D8CDA3CA5A8BD7837A78FD7
Requests: 21 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-07np?s=&cim=&ps=true&ls=true&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 1B29AA4384D7DDEA42F66A125B9133F8
Requests: 8 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.feb17e6c.js
Frame ID: 66AF62413AF84DB36C5742E3ABFC92DC
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Fiji Adventure Sweepstakes - Dollar Flight Clubcaret-downcaret-upcaret-leftcaret-right

Page URL History Show full URLs

  1. https://dollarflightclub.com/fiji-adventure-sweepstakes-2 HTTP 301
    https://dollarflightclub.com/fiji-adventure-sweepstakes-2/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • servedby-buysellads\.com/monetization(?:\.[\w\d]+)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • moatads\.com


Overall confidence: 100%
Detected patterns
  • public\.profitwell\.com/js/profitwell\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

218
Requests

96 %
HTTPS

50 %
IPv6

35
Domains

52
Subdomains

44
IPs

7
Countries

9071 kB
Transfer

22426 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dollarflightclub.com/fiji-adventure-sweepstakes-2 HTTP 301
    https://dollarflightclub.com/fiji-adventure-sweepstakes-2/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://rp.liadm.com/j?dtstmp=1677486724840&aid=a-07np&se=e30&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&tna=v2.6.0&pu=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&wpn=lc-bundle&c=PHRpdGxlPkZpamkgQWR2ZW50dXJlIFN3ZWVwc3Rha2VzIC0gRG9sbGFyIEZsaWdodCBDbHViPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iV2luIHJvdW5kdHJpcCBmbGlnaHRzIHRvIFllbGxvd3N0b25lIE5hdGlvbmFsIFBhcmsgaG9zdGVkIGJ5IERvbGxhciBGbGlnaHQgQ2x1YiEgRmx5IGludG8gYW4gYWR2ZW50dXJlIGFuZCBleHBlcmllbmNlIGFsbCB0aGF0IHRoaXMgYmVhdXRpZnVsIGRlc3RpbmF0aW9uIGhhcyB0byBvZmZlci4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2RvbGxhcmZsaWdodGNsdWIuY29tL2ZpamktYWR2ZW50dXJlLXN3ZWVwc3Rha2VzLTIvIj48aDEgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlciI-RklKSTwvaDE-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXIiPkFEVkVOVFVSRSBHSVZFQVdBWTwvaDE- HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1677486724840&aid=a-07np&se=e30&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&tna=v2.6.0&pu=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&wpn=lc-bundle&c=PHRpdGxlPkZpamkgQWR2ZW50dXJlIFN3ZWVwc3Rha2VzIC0gRG9sbGFyIEZsaWdodCBDbHViPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iV2luIHJvdW5kdHJpcCBmbGlnaHRzIHRvIFllbGxvd3N0b25lIE5hdGlvbmFsIFBhcmsgaG9zdGVkIGJ5IERvbGxhciBGbGlnaHQgQ2x1YiEgRmx5IGludG8gYW4gYWR2ZW50dXJlIGFuZCBleHBlcmllbmNlIGFsbCB0aGF0IHRoaXMgYmVhdXRpZnVsIGRlc3RpbmF0aW9uIGhhcyB0byBvZmZlci4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2RvbGxhcmZsaWdodGNsdWIuY29tL2ZpamktYWR2ZW50dXJlLXN3ZWVwc3Rha2VzLTIvIj48aDEgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlciI-RklKSTwvaDE-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXIiPkFEVkVOVFVSRSBHSVZFQVdBWTwvaDE-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojk%3D&n3pc=true
Request Chain 166
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 176
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-07np%2F0%2F95917f934ded40a09f9bdd08e805f695%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&c4f20df4-47aa-4774-97ac-476a1fc9f87c HTTP 302
  • https://i.liadm.com/s/e/a-07np/0/95917f934ded40a09f9bdd08e805f695?mpid=7156&muid=293563fc-6a86-4600-ac2a-0e6da2a99bbc
Request Chain 178
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=c4f20df4-47aa-4774-97ac-476a1fc9f87c&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=c4f20df4-47aa-4774-97ac-476a1fc9f87c&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=ae059818-6eb8-4cbc-87a5-459d53a51cce HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=c4f20df4-47aa-4774-97ac-476a1fc9f87c HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=liveintent&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=liveintent&&user_id=p5ncY6fLgjW8nI8zp5mXOPTIgjG8z45loZ-s4V-n HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=ae059818-6eb8-4cbc-87a5-459d53a51cce
Request Chain 179
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=c4f20df4-47aa-4774-97ac-476a1fc9f87c&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-07np%2F0%2F95917f934ded40a09f9bdd08e805f695%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=c4f20df4-47aa-4774-97ac-476a1fc9f87c&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-07np%2F0%2F95917f934ded40a09f9bdd08e805f695%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-07np/0/95917f934ded40a09f9bdd08e805f695?mpid=82775&muid=84825250284122469600530243571473249119
Request Chain 180
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c4f20df4-47aa-4774-97ac-476a1fc9f87c HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c4f20df4-47aa-4774-97ac-476a1fc9f87c&rd=Y
Request Chain 182
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Request Chain 183
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

218 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dollarflightclub.com/fiji-adventure-sweepstakes-2/
Redirect Chain
  • https://dollarflightclub.com/fiji-adventure-sweepstakes-2
  • https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
98 KB
22 KB
Document
General
Full URL
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache / PHP/7.0.31
Resource Hash
114e73f55b507d6cbf9b378d7f9c1e6d1a43761d52cc3e36cc589d5672b259ee
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=3, must-revalidate max-age=0, no-cache
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
22127
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Feb 2023 08:32:02 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Vary
Accept-Encoding,Cookie
X-Frame-Options
SAMEORIGIN
X-Mod-Pagespeed
1.13.35.2-0
X-Powered-By
PHP/7.0.31

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Feb 2023 08:32:02 GMT
Keep-Alive
timeout=5, max=100
Location
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Server
Apache
Vary
Accept-Encoding,Cookie
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.0.31
X-Redirect-By
WordPress
style.css
dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/css/
21 KB
4 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/css/style.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
005dd77b13b2aeaaa417ae115df0c3a99325a55bcafdc4acb24e86650b288da9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:42 GMT
Server
Apache
ETag
"53a0-5e3402c3907fa-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3842
swiper-bundle.min.css
dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/css/
14 KB
4 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/css/swiper-bundle.min.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
1c6ce2e342930fbcd80af7e49d262b7531b6cf87b9b582bc0481bf7c7f0fbb5e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:42 GMT
Server
Apache
ETag
"363c-5e3402c3907fa-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4177
style.min.css
dollarflightclub.com/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 18:21:33 GMT
Server
Apache
ETag
"15b64-5e39fbcfbc3ec-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11681
style-index.css
dollarflightclub.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/
70 B
415 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/style-index.css?ver=1657239585
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:19:45 GMT
Server
Apache
ETag
"46-5e34028c6f177-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
68
style-index.css
dollarflightclub.com/wp-content/plugins/hashbar-wp-notification-bar/blocks/src/assets/css/
2 KB
990 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/hashbar-wp-notification-bar/blocks/src/assets/css/style-index.css?ver=1.3.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
85a9cbba40dfc67d7e46f29ed518a7ed0e2d2a1808239c760f448e7c69a0976a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:19 GMT
Server
Apache
ETag
"7ea-5e3402ad9f420-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
641
styles.css
dollarflightclub.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Feb 2021 18:31:12 GMT
Server
Apache
ETag
"780-5bb13b95da3db-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
730
frontend.css
dollarflightclub.com/wp-content/plugins/hashbar-wp-notification-bar/assets/css/
32 KB
6 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/hashbar-wp-notification-bar/assets/css/frontend.css?ver=1.3.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b13e0818464555ef081df39ac40cb95bb23c541a211fba8aa76905a97ee59699
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:19 GMT
Server
Apache
ETag
"8025-5e3402ada03c0-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5488
front-flex.min.css
dollarflightclub.com/wp-content/plugins/siteorigin-panels/css/
1 KB
833 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.16.15
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
9043986fde648c179ce63d202242b956fe5bae1cbba32612c721e28aeeae65ab
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:36 GMT
Server
Apache
ETag
"56b-5e3402bdd0cdf-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
485
sow-image-default-d6014b76747a.css
dollarflightclub.com/wp-content/uploads/siteorigin-widgets/
550 B
569 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/uploads/siteorigin-widgets/sow-image-default-d6014b76747a.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ef1ea77c95d614496735fc9e17e96d45cd15fe4e142dc1686afcd25d1cde0888
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Feb 2023 18:52:35 GMT
Server
Apache
ETag
"226-5f5262a96ecdf-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
221
slider.css
dollarflightclub.com/wp-content/plugins/so-widgets-bundle/css/slider/
6 KB
1 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/so-widgets-bundle/css/slider/slider.css?ver=1.37.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
36ce88cbc3549df353175f2cb90fbe5b729174106643e9a8de2e7adde71c0e50
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:53 GMT
Server
Apache
ETag
"1629-5e3402cd79a21-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1130
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400&ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 08:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 07:08:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 08:32:02 GMT
sow-hero-default-9f6a6ec02700-11891.css
dollarflightclub.com/wp-content/uploads/siteorigin-widgets/
3 KB
899 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/uploads/siteorigin-widgets/sow-hero-default-9f6a6ec02700-11891.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
1189fb729e6b7726df4f1f782c3436a2de5e0f7a734f79fbfff2fcecf42e0963
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 21:21:23 GMT
Server
Apache
ETag
"c01-5f49b6dd5e4b5-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
551
sow-image-default-d6014b76747a-11891.css
dollarflightclub.com/wp-content/uploads/siteorigin-widgets/
574 B
576 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/uploads/siteorigin-widgets/sow-image-default-d6014b76747a-11891.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
08663961ca42a3ec9d872d95e370f125db7b1937206037f7ac3a02ca7121e983
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 21:21:23 GMT
Server
Apache
ETag
"23e-5f49b6dd5f455-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
228
sow-headline-default-5f0f3769b0bc-11891.css
dollarflightclub.com/wp-content/uploads/siteorigin-widgets/
2 KB
742 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/uploads/siteorigin-widgets/sow-headline-default-5f0f3769b0bc-11891.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
4ef5e440b9553eddb24331c18f1046c5d85ef70bac167e87118065c380963774
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 21:21:23 GMT
Server
Apache
ETag
"63a-5f49b6dd632d4-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
394
sow-headline-default-b608d82cc1d0-11891.css
dollarflightclub.com/wp-content/uploads/siteorigin-widgets/
2 KB
738 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/uploads/siteorigin-widgets/sow-headline-default-b608d82cc1d0-11891.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3656061856224d3a8cd8e5937206dcf477cd979e1d981fcdd2c95708b3809f29
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 21:21:23 GMT
Server
Apache
ETag
"638-5f49b6dd67154-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
390
sow-headline-default-8cf2b5b61e31-11891.css
dollarflightclub.com/wp-content/uploads/siteorigin-widgets/
2 KB
725 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/uploads/siteorigin-widgets/sow-headline-default-8cf2b5b61e31-11891.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
22f8dc56e8f9a551e8a039078843065fa060a1fd9b77f5766a8e0446ecfea14d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 21:21:23 GMT
Server
Apache
ETag
"6e6-5f49b6dd6bf74-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
377
style.css
dollarflightclub.com/wp-content/plugins/so-widgets-bundle/widgets/testimonial/css/
1 KB
730 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/so-widgets-bundle/widgets/testimonial/css/style.css?ver=1.37.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
47dd7ca58d5b8a06bbec1dd77c8160bd8a28e2d029cf6a91fbc968e36f7389f1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:53 GMT
Server
Apache
ETag
"53a-5e3402cd6bf60-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
382
sow-testimonials-default-e51635495f32-11891.css
dollarflightclub.com/wp-content/uploads/siteorigin-widgets/
5 KB
995 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/uploads/siteorigin-widgets/sow-testimonials-default-e51635495f32-11891.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a0e17e4a9e26313141e61c2e8dbf35ef21a176047858bf4680b926607aa3c60d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 21:21:23 GMT
Server
Apache
ETag
"14c4-5f49b6dd6fdf4-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
646
slick.min.css
dollarflightclub.com/wp-content/plugins/testimonial-free/src/Frontend/assets/css/
1 KB
831 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/testimonial-free/src/Frontend/assets/css/slick.min.css?ver=2.5.6
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:59 GMT
Server
Apache
ETag
"52f-5e3402d3be243-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
483
font-awesome.min.css
dollarflightclub.com/wp-content/plugins/testimonial-free/src/Frontend/assets/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/testimonial-free/src/Frontend/assets/css/font-awesome.min.css?ver=2.5.6
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:59 GMT
Server
Apache
ETag
"7186-5e3402d3be243-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
6664
deprecated-style.min.css
dollarflightclub.com/wp-content/plugins/testimonial-free/src/Frontend/assets/css/
2 KB
893 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/testimonial-free/src/Frontend/assets/css/deprecated-style.min.css?ver=2.5.6
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
6ea13741aecc9bba40c8b94e78efe045d05ec90f44fcc333776ef00b84d3c130
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:59 GMT
Server
Apache
ETag
"6ac-5e3402d3be243-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
545
style.min.css
dollarflightclub.com/wp-content/plugins/testimonial-free/src/Frontend/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/testimonial-free/src/Frontend/assets/css/style.min.css?ver=2.5.6
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
248ce97201b935106698d0c4caecb2ce9d8725a935016137be498c97d75920b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:59 GMT
Server
Apache
ETag
"fb4-5e3402d3be243-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
967
widget-options.css
dollarflightclub.com/wp-content/plugins/widget-options/assets/css/
1 KB
631 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:21:05 GMT
Server
Apache
ETag
"416-5e3402d94243e-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
283
a15c0ecefc06037e.css
dollarflightclub.com/wp-content/uploads/hurrytimer/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/uploads/hurrytimer/css/a15c0ecefc06037e.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c664b12f3480ecc79264b1c43347b5addc462aada4f184febaea7bfbb8a2c750
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Feb 2021 18:31:27 GMT
Server
Apache
ETag
"fa7-5bb13ba40910b-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
947
css
fonts.googleapis.com/
33 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A400%2C500%2C600%2C700%2C300%2C100%2C800%2C900%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&ver=2.2.4
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d4cf2ceaf19b3a74396cdc3be68709fef38a8e15dbd6b0fa1b7948a104e25d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 08:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 07:51:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 08:32:02 GMT
animate.min.css
dollarflightclub.com/wp-content/themes/onepress/assets/css/
54 KB
4 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/themes/onepress/assets/css/animate.min.css?ver=2.2.4
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
1f63f05c15f02b517aeb7bad8bcbda596a499e03ef3a1b47d6ebdb76b2dc7cc5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Apr 2019 18:44:18 GMT
Server
Apache
ETag
"d815-585908650136f-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3868
font-awesome.min.css
dollarflightclub.com/wp-content/themes/onepress/assets/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
88e7e2277f9948b9635eac546281a39c7fddba5f24be5c14fd59a1cc2e84d1c5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Apr 2019 18:44:18 GMT
Server
Apache
ETag
"792c-585908650136f-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
7061
bootstrap.min.css
dollarflightclub.com/wp-content/themes/onepress/assets/css/
126 KB
19 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.2.4
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
9f58b2c2ce7858f4254c5edd6e3c747bc139248f25ccdf6bcb6c0053cd199538
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Apr 2019 18:44:18 GMT
Server
Apache
ETag
"1f915-585908650136f-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
19169
style.css
dollarflightclub.com/wp-content/themes/onepress/
102 KB
18 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/themes/onepress/style.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d9977b98502521dc2992b26e12a61ea1738043f66af9daec8a3c81cbedecf852
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Apr 2019 18:44:18 GMT
Server
Apache
ETag
"197dd-58590864fe48f-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
17840
lightgallery.css
dollarflightclub.com/wp-content/themes/onepress/assets/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7bb167b25d3bbae5246019df9d374fc0663a67a7adf5f74cb9a62c85d6b1493d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Apr 2019 18:44:18 GMT
Server
Apache
ETag
"5970-58590865003cf-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
3962
addthis_wordpress_public.min.css
dollarflightclub.com/wp-content/plugins/addthis/frontend/build/
587 B
632 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:45 GMT
Server
Apache
ETag
"24b-5e3402c65f417-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
284
onepress-plus.css
dollarflightclub.com/wp-content/plugins/onepress-plus/
20 KB
4 KB
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/onepress-plus/onepress-plus.css?ver=2.3.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
bcb66ff9cbfa5bdd463f4ace03b7a7a42c6d13435eea7842692ca2f1bace87d1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:33 GMT
Server
Apache
ETag
"5084-5e3402bad1381-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
3875
jquery.min.js
dollarflightclub.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://dollarflightclub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:24:20 GMT
Server
Apache
ETag
"15db1-5e340392c8651-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
30908
jquery-migrate.min.js
dollarflightclub.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://dollarflightclub.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Feb 2021 18:29:07 GMT
Server
Apache
ETag
"2bd8-5bb13b1eb0ad2-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
4169
swiper-bundle.min.js
dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/js/
142 KB
38 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/js/swiper-bundle.min.js?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
03ae9c2909942f966813bd4c15fc7aecffaa9fdd497ec038a7febf1b0a6cdbe5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:42 GMT
Server
Apache
ETag
"2399e-5e3402c38f85a-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
38850
main.js
dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/js/
4 KB
2 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/js/main.js?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b686495414a0cc7cf70528be9f0660bd5f19cd393b5c80435e6a3f469f6ab308
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:42 GMT
Server
Apache
ETag
"1017-5e3402c38f85a-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1248
frontend.js
dollarflightclub.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/
17 KB
3 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/frontend.js?ver=1.3.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
915c90474da768801b13e23f5b46fb0809dd729917097a3d87f88600fea3001a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:19 GMT
Server
Apache
ETag
"43bc-5e3402ada03c0-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
2809
js.cookie.min.js
dollarflightclub.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/
2 KB
1 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/js.cookie.min.js?ver=1.3.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
98c2152333a88fc6445e64fed30c3152a965fa94e6e3ebef5dd80422d4ee5470
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:19 GMT
Server
Apache
ETag
"7ed-5e3402ada03c0-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1111
jquery.cycle.min.js
dollarflightclub.com/wp-content/plugins/so-widgets-bundle/js/
22 KB
7 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/so-widgets-bundle/js/jquery.cycle.min.js?ver=1.37.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
dee393e1d0f5a95991f8bd02057537726d4903dc5bc42df6910b9e518d580061
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:53 GMT
Server
Apache
ETag
"599e-5e3402cd73c60-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
7024
jquery.slider.min.js
dollarflightclub.com/wp-content/plugins/so-widgets-bundle/js/slider/
6 KB
2 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/so-widgets-bundle/js/slider/jquery.slider.min.js?ver=1.37.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
623bf86c91a40663939b9c9b22bfbcb7c7a62afe9c81891352296ffaf6f4a5eb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:53 GMT
Server
Apache
ETag
"16c4-5e3402cd72cc0-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1975
pub_1c47ba500d44200b30c7.js
dollarflightclubaffiliate.refersion.com/tracker/v3/
669 B
731 B
Script
General
Full URL
https://dollarflightclubaffiliate.refersion.com/tracker/v3/pub_1c47ba500d44200b30c7.js
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6b2e9929ad346c22863a0a968b4af18fe0e2fbbcdaffb277d8a9009db12c7a
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'none';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:03 GMT
content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'none';
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Mon, 27 Feb 2023 02:32:17 GMT
x-server-name
dollarflightclubaffiliate.refersion.com
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
79ff91512ba130f4-FRA
expires
Mon, 27 Feb 2023 09:32:03 GMT
wp-emoji-release.min.js
dollarflightclub.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://dollarflightclub.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Original-Content-Length
18617
Connection
Keep-Alive
Content-Length
4917
Last-Modified
Fri, 08 Jul 2022 00:24:20 GMT
Server
Apache
ETag
"48b9-5e340392c5771-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
s-maxage=10
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=85
Expires
Mon, 27 Feb 2023 08:35:37 GMT
a-07np.min.js
b-code.liadm.com/
34 KB
12 KB
Script
General
Full URL
https://b-code.liadm.com/a-07np.min.js
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5c00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
25384fe47b27ce1acedb14e5e83c29b8b971b24a6b57d7a93e20bce7b2638135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 11:49:17 GMT
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
74567
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
_vDvf2kFqAVLnYQuQdO3mUVN3Evk74y4adYjSXQoXS6BlTR9ii579w==
css
fonts.googleapis.com/
3 KB
703 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400&subset=greek,cyrillic,greek-ext,latin,latin-ext,cyrillic-ext,vietnamese
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 08:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 08:32:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 08:32:02 GMT
js
www.googletagmanager.com/gtag/
111 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-125916046-1
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
645c7d7195adc03845c68decb10ca4bf1022e6b0b137724ef4d3543e400a5cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44565
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Feb 2023 08:32:02 GMT
embed.js
kingsumo.com/js/
34 KB
12 KB
Script
General
Full URL
https://kingsumo.com/js/embed.js
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
50126020728fee9d02e0bc1e939ff74e5e2f54e564a92877a2cb2f59bebb3f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:04 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
last-modified
Monday, 27-Feb-2023 08:32:04 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
facebook-6758330fd53a058376adf5173894c8d590c7e83aa1b4d3f8b512b292c9ed3c75.svg
dollarflightclub.com/wp-content/uploads/2018/07/
1 KB
1 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2018/07/facebook-6758330fd53a058376adf5173894c8d590c7e83aa1b4d3f8b512b292c9ed3c75.svg
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
6758330fd53a058376adf5173894c8d590c7e83aa1b4d3f8b512b292c9ed3c75
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Wed, 16 Jan 2019 03:00:37 GMT
Server
Apache
ETag
"437-57f8a7b7c206c"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
1079
instagram-0b04e4878b872dd8e8a164db42f0d3cc0d7d9f82f07b8653add8e09e5ab96b21.svg
dollarflightclub.com/wp-content/uploads/2018/07/
2 KB
3 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2018/07/instagram-0b04e4878b872dd8e8a164db42f0d3cc0d7d9f82f07b8653add8e09e5ab96b21.svg
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0b04e4878b872dd8e8a164db42f0d3cc0d7d9f82f07b8653add8e09e5ab96b21
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Wed, 16 Jan 2019 03:00:36 GMT
Server
Apache
ETag
"91e-57f8a7b6ceddc"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
2334
twitter-776f37cc596d12177378a99633e76c0a19d4bfb0913f71faae9a73d272412222.svg
dollarflightclub.com/wp-content/uploads/2018/07/
2 KB
3 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2018/07/twitter-776f37cc596d12177378a99633e76c0a19d4bfb0913f71faae9a73d272412222.svg
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
776f37cc596d12177378a99633e76c0a19d4bfb0913f71faae9a73d272412222
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Wed, 16 Jan 2019 03:00:52 GMT
Server
Apache
ETag
"8ef-57f8a7c647bd4"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
2287
youtube-symbol.svg
dollarflightclub.com/wp-content/uploads/2018/08/
1 KB
2 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2018/08/youtube-symbol.svg
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
50357266fd96f59a221ecdc11521aed87ca092c72e11aff35621a005f1afbca9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Wed, 16 Jan 2019 03:01:00 GMT
Server
Apache
ETag
"4e7-57f8a7cd8e035"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
1255
monetization.it.js
m.servedby-buysellads.com/
16 KB
6 KB
Script
General
Full URL
https://m.servedby-buysellads.com/monetization.it.js
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
476681c2c838bb23491340d7fc2d630557cd58e18e557f8ca4653cb78e55322a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:04 GMT
content-encoding
gzip
last-modified
Fri, 03 Feb 2023 15:38:42 GMT
server
AmazonS3
x-amz-request-id
QHQWYTH58JZZYWA4
etag
"816b945f88685310e0750c428136fab5"
x-hw
1677486724.cds125.fr8.hn,1677486724.cds277.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1607
accept-ranges
bytes
content-length
5945
x-amz-id-2
JVnpNJaS9zL7PYyywwrIydt2OcDnGMMZnLc+7rOpGAMWHDpvgvS/ADBLVSYa/YLNUxzstS8T55c=
sow-button-flat-3d7a159ee074.css
dollarflightclub.com/wp-content/uploads/siteorigin-widgets/
1 KB
759 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/uploads/siteorigin-widgets/sow-button-flat-3d7a159ee074.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e609d9723f2f846fe9dcab4ff0901eb314afae147d15f0a834467021f5f00d82
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 19:34:44 GMT
Server
Apache
ETag
"52b-5f499f067b27e-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
411
style.css
dollarflightclub.com/wp-content/plugins/so-widgets-bundle/widgets/button/css/
1 KB
773 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/plugins/so-widgets-bundle/widgets/button/css/style.css?ver=1.37.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
1f21683f671ac3f7cd50a0ec2bb7ae3a8a5b0f857d92b2581ecbd7781b3913d3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:53 GMT
Server
Apache
ETag
"58c-5e3402cd6afc0-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
425
sow-headline-default-3561a898c60d-11891.css
dollarflightclub.com/wp-content/uploads/siteorigin-widgets/
2 KB
725 B
Stylesheet
General
Full URL
https://dollarflightclub.com/wp-content/uploads/siteorigin-widgets/sow-headline-default-3561a898c60d-11891.css?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
86669411833ff621f7bba1b6aa6418ff160cf4c99a519980b8c63d8a5b0e0fa9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 21:21:23 GMT
Server
Apache
ETag
"6e6-5f49b6dd84614-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
377
ajax.js
dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/js/
981 B
790 B
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/js/ajax.js?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fd05e9e0ec403a89165ecd5a3e2cb0c23efa7376ed35f8364da8604ba3e296ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:42 GMT
Server
Apache
ETag
"3d5-5e3402c38f85a-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
428
site_tracking.js
dollarflightclub.com/wp-content/plugins/activecampaign-subscription-forms/
1 KB
995 B
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:19:45 GMT
Server
Apache
ETag
"57b-5e34028c70117-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
633
scripts.js
dollarflightclub.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Feb 2021 18:31:12 GMT
Server
Apache
ETag
"37c8-5bb13b95d943b-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
3951
analytics.js
dollarflightclub.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/
1 KB
846 B
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/analytics.js?ver=1.3.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3ee3b9bad53194e55a730b6dbf231d6b8823248e53d17db283d9c5f04dc32794
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:19 GMT
Server
Apache
ETag
"50f-5e3402ada03c0-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
484
page-scroll-to-id.min.js
dollarflightclub.com/wp-content/plugins/page-scroll-to-id/js/
25 KB
7 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.5
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
37569d024102d3b4fe238db257d1df719764726a86692aca7168bd92c9393d6f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:39 GMT
Server
Apache
ETag
"6591-5e3402c0c69fd-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
6337
sow.jquery.fittext.min.js
dollarflightclub.com/wp-content/plugins/so-widgets-bundle/js/
1 KB
954 B
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/so-widgets-bundle/js/sow.jquery.fittext.min.js?ver=1.2
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
6cfeb4dc63a002f81089de118530a92228c9094731a0ad9ca1900938bdf7fe56
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:53 GMT
Server
Apache
ETag
"46b-5e3402cd73c60-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
592
cookie.min.js
dollarflightclub.com/wp-content/plugins/hurrytimer/assets/js/
2 KB
1 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/hurrytimer/assets/js/cookie.min.js?ver=3.14.1
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:22 GMT
Server
Apache
ETag
"690-5e3402b05d69a-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
821
jquery.countdown.min.js
dollarflightclub.com/wp-content/plugins/hurrytimer/assets/js/
5 KB
3 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/hurrytimer/assets/js/jquery.countdown.min.js?ver=2.2.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:22 GMT
Server
Apache
ETag
"14db-5e3402b05d69a-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
2373
hurrytimer.js
dollarflightclub.com/wp-content/plugins/hurrytimer/assets/js/
28 KB
7 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/hurrytimer/assets/js/hurrytimer.js?ver=2.7.2
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f3e6105a99b2932b8353609dd39c828a69ed56cb9f96a2f6f1a025237ec62898
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:22 GMT
Server
Apache
ETag
"6fc7-5e3402b05d69a-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
6577
plugins.js
dollarflightclub.com/wp-content/themes/onepress/assets/js/
95 KB
27 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/themes/onepress/assets/js/plugins.js?ver=2.2.4
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e7408ed066d89e3949277997fdfe15f743cb93287eb2093e0f6d80f4008cf54c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Apr 2019 18:44:18 GMT
Server
Apache
ETag
"17a8c-58590865003cf-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
27098
bootstrap.min.js
dollarflightclub.com/wp-content/themes/onepress/assets/js/
46 KB
12 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/themes/onepress/assets/js/bootstrap.min.js?ver=2.2.4
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
9f5aacd2c120fd4d3e730e2290001de3abf9cdec6309f36844807b74183f266b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Apr 2019 18:44:18 GMT
Server
Apache
ETag
"b641-58590865003cf-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
12034
theme.js
dollarflightclub.com/wp-content/themes/onepress/assets/js/
24 KB
7 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/themes/onepress/assets/js/theme.js?ver=2.2.4
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ef0c19241036cb636684d2ff29f13ea9eda4571edbc2ad6e1902f0f2c0d61864
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Apr 2019 18:44:18 GMT
Server
Apache
ETag
"61af-58590865003cf-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
7132
owl.carousel.min.js
dollarflightclub.com/wp-content/themes/onepress/assets/js/
43 KB
12 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/themes/onepress/assets/js/owl.carousel.min.js?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ef52ead07fdb220ecd63baa9d08c80142239de79e4e1e4a1b15298f9d075950b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Apr 2019 18:44:18 GMT
Server
Apache
ETag
"ad3b-58590865003cf-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
Content-Length
11415
slider.js
dollarflightclub.com/wp-content/plugins/onepress-plus/assets/js/
2 KB
1 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/onepress-plus/assets/js/slider.js?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b141da8911457cd595d68ee6b6a924cc3fa8b0124b877cef0c92bf62de254933
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:33 GMT
Server
Apache
ETag
"9df-5e3402bad32c1-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
756
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js?ver=6.0.3
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Mon, 27 Feb 2023 08:32:04 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116332
onepress-plus.js
dollarflightclub.com/wp-content/plugins/onepress-plus/assets/js/
19 KB
5 KB
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/onepress-plus/assets/js/onepress-plus.js?ver=2.3.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
4f3103cde82c301d2d5168277d84a1514c6d3940f1d927c1728d37a7b7d1482c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:33 GMT
Server
Apache
ETag
"4cf2-5e3402bad32c1-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
4743
styling.min.js
dollarflightclub.com/wp-content/plugins/siteorigin-panels/js/
1 KB
970 B
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/siteorigin-panels/js/styling.min.js?ver=2.16.15
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3e212c6722881231cc060b8769f5d8103e6920bafe9ec80a4d90c15079f57845
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:36 GMT
Server
Apache
ETag
"50d-5e3402bdcfd3f-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
608
jquery.cycle.swipe.min.js
dollarflightclub.com/wp-content/plugins/so-widgets-bundle/js/
1 KB
882 B
Script
General
Full URL
https://dollarflightclub.com/wp-content/plugins/so-widgets-bundle/js/jquery.cycle.swipe.min.js?ver=1.37.0
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3475c7835d29df503446756f89c46d657248bcae45e638d4103a92c80e6aad96
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Jul 2022 00:20:53 GMT
Server
Apache
ETag
"4fd-5e3402cd73c60-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
520
css2
fonts.googleapis.com/
6 KB
590 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600&display=swap
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/wp-content/plugins/post-grid-carousel-ultimate/assets/css/style.css?ver=6.0.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca4a8df38c6d4d0a40bc0cc963662e6003c83eed50dd63dbf456177c4725d0bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 08:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 07:51:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 08:32:03 GMT
hotjar-945023.js
static.hotjar.com/c/
8 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-945023.js?sv=6
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-10.fra56.r.cloudfront.net
Software
/
Resource Hash
24851aa6e7a247139ba52bb829d8141fcbe0d7f4eea7ef6b8bb8abf735227041
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 08:32:04 GMT
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/81b07a577b321f3b2a16e58c8f824122
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
k41AibaV4ajJLBjQk8feY5BbfhfNyYAOAVf_iyauwWusNllisq3Fwg==
pub_1c47ba500d44200b30c7.js
dollarflightclubaffiliate.refersion.com/tracker/v3/merchant/
7 KB
2 KB
Script
General
Full URL
https://dollarflightclubaffiliate.refersion.com/tracker/v3/merchant/pub_1c47ba500d44200b30c7.js?v=27
Requested by
Host: dollarflightclubaffiliate.refersion.com
URL: https://dollarflightclubaffiliate.refersion.com/tracker/v3/pub_1c47ba500d44200b30c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26483bedf460df831aafc8a214d51bd2ba33c6b0df388f579c603295de92b321
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'none';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:04 GMT
content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' https: http:; object-src 'none';
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Mon, 27 Feb 2023 04:23:01 GMT
x-server-name
dollarflightclubaffiliate.refersion.com
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
79ff915be9fd30f4-FRA
expires
Mon, 27 Feb 2023 09:32:04 GMT
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 27 Feb 2023 08:32:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
l+spW/zmZ0+FQJHcNVQc7Dv8sbuYIBhnv8lD8pr6SoJcb5xLvXmDkyd+7A/aHY3RdkXROrzAuEe+TBNRIffPCw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
heap-1818647419.js
cdn.heapanalytics.com/js/
111 KB
36 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-1818647419.js
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
nginx / Express
Resource Hash
1c17b5d1d57e609696951637c56c737d41211f1c8054948ab9c49c3294b52fd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:04 GMT
content-encoding
br
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"1bc57-ZY5TV/qn30K4AgreeT+O2xN3cD4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
3HVTPBCMR8zafkIB83SMHh7gK7295iWqePuhEwWYYWL73g5RSQvzVA==
profitwell.js
public.profitwell.com/js/
35 KB
9 KB
Script
General
Full URL
https://public.profitwell.com/js/profitwell.js?auth=55ade4d88b7705cb4042acceab5386ec
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-108.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
content-encoding
gzip
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 07:57:09 GMT
last-modified
Tue, 28 Jun 2022 18:43:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
9732
etag
W/"f3710cf44008e9509cf9d74fde8cff1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public,max-age=86400
x-amz-cf-id
UJ2ufywOGAxIDt_kF4beoH7SdslBI_tCL04lsmod_tO3YP5Jce6iuw==
events.js
analytics.tiktok.com/i18n/pixel/
3 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDRCO2JC77U2BHNF46EG&lib=ttq
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-122.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d34f1c2130b6b8a2e282412caca9e14c9923098adf646f7d76febe59f787c84f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id
15e3fb38.10e5bd10
date
Mon, 27 Feb 2023 08:32:04 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time
108,2.23.97.118
server-timing
cdn-cache; desc=MISS, edge; dur=100, origin; dur=8, inner; dur=4
content-length
1355
pragma
no-cache
server
nginx
x-tt-logid
20230227083204C9CF39FE83FD4862563C
x-cache-remote
TCP_MISS from a23-201-31-142.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.201.31.142
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc7318aef130a1e01239c9ba401225f644364d9fb4ed350eacbeb6f80f7976f8a5642c729f0c79352beda65f1e560de81c97da0322db7c95b7be8b5e647edfb83e3362535e1bb72bb5c4d50cbba6002822955794f7864fcecd8706aafa84455241606
expires
Mon, 27 Feb 2023 08:32:04 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125916046-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 08:14:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1034
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 27 Feb 2023 10:14:50 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400&ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dollarflightclub.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 22:56:53 GMT
x-content-type-options
nosniff
age
293711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 22:56:53 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%2C500%2C600%2C700%2C300%2C100%2C800%2C900%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&ver=2.2.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dollarflightclub.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:05:33 GMT
x-content-type-options
nosniff
age
357991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 05:05:33 GMT
Dollar-Flight-Club-Logo-Original-2.png
dollarflightclub.com/wp-content/uploads/2018/07/
17 KB
17 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2018/07/Dollar-Flight-Club-Logo-Original-2.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c456b369b0747228ea1d3598f3b95ee75ce847ae66ce3a3770f53e184b6ef16f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Last-Modified
Wed, 16 Jan 2019 03:00:47 GMT
Server
Apache
ETag
"43ca-57f8a7c112c0e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
17354
Untitled-design-1-150x150.png
dollarflightclub.com/wp-content/uploads/2022/09/
5 KB
5 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2022/09/Untitled-design-1-150x150.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0d199379b6d9d1ef3eef44f5ebf34479c4c8fa33e4a39605d6905fabb67dc9b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Last-Modified
Tue, 27 Sep 2022 10:03:54 GMT
Server
Apache
ETag
"137c-5e9a5c3013c3b"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
4988
4-150x150.png
dollarflightclub.com/wp-content/uploads/2022/10/
1 KB
2 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2022/10/4-150x150.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
d99949aa1dcf989ea57c59b2ea99ce92a9840eb7ab740750c4edd2aa14255830
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Last-Modified
Wed, 26 Oct 2022 02:28:12 GMT
Server
Apache
ETag
"5c4-5ebe6c6b41164"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1476
2-150x150.png
dollarflightclub.com/wp-content/uploads/2022/10/
2 KB
2 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2022/10/2-150x150.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
297c0561304620e0ad2c6caec8ccb36fb48964cf51973a012fa5d66655f372c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Last-Modified
Wed, 26 Oct 2022 02:28:25 GMT
Server
Apache
ETag
"63a-5ebe6c7840398"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
1594
Untitled-design-3-150x150.png
dollarflightclub.com/wp-content/uploads/2022/10/
4 KB
5 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2022/10/Untitled-design-3-150x150.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7cc76ca3e09766e39dbc4fa9486a53cd2d0a6540be839d247a899a3e5938fd32
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Last-Modified
Wed, 26 Oct 2022 02:32:53 GMT
Server
Apache
ETag
"11d8-5ebe6d77423d1"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
4568
6-150x150.png
dollarflightclub.com/wp-content/uploads/2020/07/
3 KB
3 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2020/07/6-150x150.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5c05ad4614e4dbdad4ae694e311f86580afbc0e1592e8a7c7164eede9902e523
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Last-Modified
Thu, 02 Jul 2020 20:41:10 GMT
Server
Apache
ETag
"a7f-5a97b6dbfe98f"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
2687
Untitled-design-5-150x150.png
dollarflightclub.com/wp-content/uploads/2022/10/
3 KB
4 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2022/10/Untitled-design-5-150x150.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
4056ba5d36b8a1ec9a6cb990ccf60630b050bbc165564d5c2cf2a7a7e7b55ce3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Last-Modified
Thu, 27 Oct 2022 13:09:21 GMT
Server
Apache
ETag
"d72-5ec03d97d50b6"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
3442
Untitled-design-7-150x150.png
dollarflightclub.com/wp-content/uploads/2022/10/
3 KB
3 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2022/10/Untitled-design-7-150x150.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fa89a14fe95a49dad894a1e3c1e53566b2e7697042a4a9e1c02dda667251352c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Last-Modified
Sun, 30 Oct 2022 09:10:43 GMT
Server
Apache
ETag
"ab7-5ec3cdd98ed99"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
2743
logos-3.23-150x150.png
dollarflightclub.com/wp-content/uploads/2022/11/
2 KB
2 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2022/11/logos-3.23-150x150.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f322b4cf5f758214277a24f0f0c52c178cb8f7ab35b7dbf4afbd595e76b33ecf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:04 GMT
Last-Modified
Mon, 07 Nov 2022 15:34:39 GMT
Server
Apache
ETag
"661-5ece3295deeb3"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
1633
modules.cb0a2331e3447a704b9f.js
script.hotjar.com/
263 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.cb0a2331e3447a704b9f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-945023.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-42.fra2.r.cloudfront.net
Software
/
Resource Hash
efd73dde524aebbb466d7333c1d9984e0529ba73a6be6a7b473a22925ac6e170
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
239218
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68737
last-modified
Fri, 24 Feb 2023 14:04:56 GMT
etag
"08ea78b1ac084a6c6a240b600e18b918"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Qo6sYb_ZNWiqjn21dokLsnLaixE7fmLalFA952V8QWgt23wGxyBDEQ==
727906580679944
connect.facebook.net/signals/config/
378 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/727906580679944?v=2.9.97&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3148990f9682e08774abe7214ad43640ad424dae014448b472c6df108d31101e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 27 Feb 2023 08:32:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
2qlQLdTQBxpBTnXhjB55Ms7+h0NkR7vuenAyy47pcOeo5uxm9KkUBs4TJt+Kc4lVX4eLH/r7WjZVVFmsUXu86w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync-container.js
b-code.liadm.com/
6 KB
3 KB
Script
General
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-07np.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5c00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
content-encoding
gzip
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
date
Wed, 08 Feb 2023 01:07:19 GMT
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1668286
x-amz-server-side-encryption
AES256
etag
W/"ae5e94de938b0387eda6df8f20da811a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=2592000
x-amz-cf-id
x--Np3bD2DthtzU80IxNlr8spfWPFC9G58XntWGHPMB34uk1G29lOQ==
collect
www.google-analytics.com/j/
2 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1618087619&t=pageview&_s=1&dl=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&ul=en-us&de=UTF-8&dt=Fiji%20Adventure%20Sweepstakes%20-%20Dollar%20Flight%20Club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1891983743&gjid=495889690&cid=1568255031.1677486725&tid=UA-125916046-1&_gid=1559332290.1677486725&_r=1&gtm=457e32m0&z=1061472423
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dollarflightclub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 08:32:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dollarflightclub.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=727906580679944&ev=PageView&dl=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&rl=&if=false&ts=1677486724792&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677486724791.313724106&it=1677486724632&coo=false&rqm=GET
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 27 Feb 2023 08:32:04 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1677486724840&aid=a-07np&se=e30&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&tna=v2.6.0&pu=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&wpn=lc...
  • https://rp4.liadm.com/j?dtstmp=1677486724840&aid=a-07np&se=e30&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&tna=v2.6.0&pu=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&wpn=l...
13 B
552 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1677486724840&aid=a-07np&se=e30&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&tna=v2.6.0&pu=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&wpn=lc-bundle&c=PHRpdGxlPkZpamkgQWR2ZW50dXJlIFN3ZWVwc3Rha2VzIC0gRG9sbGFyIEZsaWdodCBDbHViPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iV2luIHJvdW5kdHJpcCBmbGlnaHRzIHRvIFllbGxvd3N0b25lIE5hdGlvbmFsIFBhcmsgaG9zdGVkIGJ5IERvbGxhciBGbGlnaHQgQ2x1YiEgRmx5IGludG8gYW4gYWR2ZW50dXJlIGFuZCBleHBlcmllbmNlIGFsbCB0aGF0IHRoaXMgYmVhdXRpZnVsIGRlc3RpbmF0aW9uIGhhcyB0byBvZmZlci4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2RvbGxhcmZsaWdodGNsdWIuY29tL2ZpamktYWR2ZW50dXJlLXN3ZWVwc3Rha2VzLTIvIj48aDEgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlciI-RklKSTwvaDE-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXIiPkFEVkVOVFVSRSBHSVZFQVdBWTwvaDE-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojk%3D&n3pc=true
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Server
34.193.23.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-23-165.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:05 GMT
x-pixel-event-id
90a8cdba-2289-40ce-bfcb-66b44c487b26
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
9883191fa430fb1b
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Mon, 27 Feb 2023 08:32:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1677486724840&aid=a-07np&se=e30&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&tna=v2.6.0&pu=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&wpn=lc-bundle&c=PHRpdGxlPkZpamkgQWR2ZW50dXJlIFN3ZWVwc3Rha2VzIC0gRG9sbGFyIEZsaWdodCBDbHViPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iV2luIHJvdW5kdHJpcCBmbGlnaHRzIHRvIFllbGxvd3N0b25lIE5hdGlvbmFsIFBhcmsgaG9zdGVkIGJ5IERvbGxhciBGbGlnaHQgQ2x1YiEgRmx5IGludG8gYW4gYWR2ZW50dXJlIGFuZCBleHBlcmllbmNlIGFsbCB0aGF0IHRoaXMgYmVhdXRpZnVsIGRlc3RpbmF0aW9uIGhhcyB0byBvZmZlci4iPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2RvbGxhcmZsaWdodGNsdWIuY29tL2ZpamktYWR2ZW50dXJlLXN3ZWVwc3Rha2VzLTIvIj48aDEgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlciI-RklKSTwvaDE-PGgxIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXIiPkFEVkVOVFVSRSBHSVZFQVdBWTwvaDE-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojk%3D&n3pc=true
access-control-allow-origin
https://dollarflightclub.com
request-time
0
access-control-allow-credentials
true
trace-id
ecdf8bf70e3062ef
content-length
0
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/
4 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-125916046-1&cid=1568255031.1677486725&jid=1891983743&gjid=495889690&_gid=1559332290.1677486725&_u=YEBAAUAAAAAAACAAI~&z=1486113643
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dollarflightclub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 27 Feb 2023 08:32:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dollarflightclub.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-125916046-1&cid=1568255031.1677486725&jid=1891983743&_u=YEBAAUAAAAAAACAAI~&z=1899850855
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 08:32:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-125916046-1&cid=1568255031.1677486725&jid=1891983743&_u=YEBAAUAAAAAAACAAI~&z=1899850855
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 08:32:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MTE3ZGZjMmFkMQ.js
analytics.tiktok.com/i18n/pixel/static/
252 KB
67 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDRCO2JC77U2BHNF46EG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-122.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4d9074e3fda26a28e6500d3a1cbaa23bddaecd66d2e6129d850f3cdc40884906

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id
10e5bdf4
date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023022114532635BF53AC7D5A5083BEA0
vary
Accept-Encoding
x-cache
TCP_HIT from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018746bbfbd6f3117ffc073f7dceddd409849282bc5cab67bc01841d104f56874e2a2ddb3333eb3b6623c038c856ed9db7076d47e23754f2256a003301a4bac44ebe5fc7a89d2b2a9875df2b65191954672929a08919fb71c85eee29b7a86f6d3c
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
content-length
68215
fiji-adventure-sweepstakes
kingsumo.com//g/vowgfu/ Frame 0031
16 KB
6 KB
Document
General
Full URL
https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Requested by
Host: kingsumo.com
URL: https://kingsumo.com/js/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.86.95.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-95-232.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e38b3c0dd17fe35a70b8e6c5c1988b5ab09996160ac92e402065a52f318be069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dollarflightclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 08:32:05 GMT
expires
-1
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
21-2.png
dollarflightclub.com/wp-content/uploads/2020/08/
70 KB
70 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2020/08/21-2.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
572063a519e0f514fb8c502a8c58db8dc31c5654a1a023437422bd4763814fb1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Tue, 11 Aug 2020 20:50:28 GMT
Server
Apache
ETag
"11787-5aca038a70e7c"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
s-maxage=10
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
71559
20-2.png
dollarflightclub.com/wp-content/uploads/2020/08/
62 KB
63 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2020/08/20-2.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c5b5596d79f43551f448d6db57c6e6fe71088013d32a71b00634b2f0f4e4e06c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Tue, 11 Aug 2020 20:50:11 GMT
Server
Apache
ETag
"f96c-5aca037a3d7e5"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
s-maxage=10
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
63852
19-2.png
dollarflightclub.com/wp-content/uploads/2020/08/
122 KB
123 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2020/08/19-2.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
2321a958511643cba274924e61612d0636dd8c28204ce1a41bb1e7c013aea64a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Tue, 11 Aug 2020 20:49:31 GMT
Server
Apache
ETag
"1e998-5aca0353a6b45"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
s-maxage=10
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
125336
18-2.png
dollarflightclub.com/wp-content/uploads/2020/08/
125 KB
125 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2020/08/18-2.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f86bd7f41d14bcd6c5fff0b35d9ca7e21d16824d93a92bf5f4263e31e358441b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Tue, 11 Aug 2020 20:48:38 GMT
Server
Apache
ETag
"1f30e-5aca032187cd5"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
s-maxage=10
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
127758
2AZtQr71z-c
www.youtube.com/embed/ Frame 8FD3
66 KB
27 KB
Document
General
Full URL
https://www.youtube.com/embed/2AZtQr71z-c
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6d7dde19006b8b91d2bc4938e496cb62626265e393ee97e551d3cddb185161d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dollarflightclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 08:32:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
IIFe9wEyjNk
www.youtube.com/embed/ Frame DBF2
66 KB
28 KB
Document
General
Full URL
https://www.youtube.com/embed/IIFe9wEyjNk
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e84ba17064b80311ede3c628425e243688ee49e53bcd70fc2d6357250fe58a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dollarflightclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 08:32:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
Sweepstake-Landing-Page-Images-2.png
dollarflightclub.com/wp-content/uploads/2022/10/
958 KB
959 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2022/10/Sweepstake-Landing-Page-Images-2.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f052f0fad1f828f1e6f8386cbfaab632bc985748adef85934d157ad9d5d5f2cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Wed, 26 Oct 2022 02:54:47 GMT
Server
Apache
ETag
"ef963-5ebe725ceca0f"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=83
Content-Length
981347
Sweepstake-Landing-Page-Images-1.png
dollarflightclub.com/wp-content/uploads/2022/10/
706 KB
706 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2022/10/Sweepstake-Landing-Page-Images-1.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
330ce8ea29318b0705e160099de66a5413331b55771e6ff6eec883071016df24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:06 GMT
Last-Modified
Wed, 26 Oct 2022 02:50:18 GMT
Server
Apache
ETag
"b07e6-5ebe715c4b95a"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
722918
quant.js
secure.quantserve.com/
21 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
gzip
etag
"liYNKlRv1+e+pwbkZBrDjQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 06 Mar 2023 08:32:05 GMT
DFC-background.jpg
dollarflightclub.com/wp-content/uploads/2019/02/
225 KB
225 KB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2019/02/DFC-background.jpg
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5cb0b2f5eb4883f5e386962a57e78d01db9f5fbb6e7f98298fe9e72ea47a9fcf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:06 GMT
Last-Modified
Sat, 02 Feb 2019 00:59:39 GMT
Server
Apache
ETag
"3830e-580dec627decd"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
230158
identify_cab4d.js
analytics.tiktok.com/i18n/pixel/static/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-122.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-akamai-request-id
10e5bebc
date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023022114532525F59E44AB664D2A29A1
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018d7917d3add05ae924503078f5adf5d51e5d2cc3ace9c757846efa3890a8255273266fa4d7a5b5e3e02ea43d754ce0603ebef0d9cd17df1c73dbbc3d19fda9179d02ba7781121896b6551c93f53e89a320d6fc0807eed897567b9154336a1679
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length
30763
pixel
analytics.tiktok.com/api/v2/
0
689 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.97.122 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-97-122.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dollarflightclub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
10f1650e.10e5bf18
date
Mon, 27 Feb 2023 08:32:05 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a2-23-97-118.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time
130,2.23.97.118
server-timing
cdn-cache; desc=MISS, edge; dur=109, origin; dur=25, inner; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230227083205689465C786190C9B140D
x-cache-remote
TCP_MISS from a23-46-239-77.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
25,23.46.239.77
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc7318aef130a1e01239c9ba401225f6443640c0d742d672f831a4a467d8f28f9c2e98bcbeb73657b4fda570c156905a6397ab8004cf6bc03c44150076526ddca734480d5b3af09c3914247897c0f5796f28c95ace39d1ac4d38b70225e8a7951b5ba
expires
Mon, 27 Feb 2023 08:32:05 GMT
rules-p-brHrpdX4hwhmy.js
rules.quantcount.com/
160 B
641 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-brHrpdX4hwhmy.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:da00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd11935edc02f9fa1e754c0be00911623028aa3334e36188365dc39b10817352

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:39:02 GMT
via
1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
3184
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:18 GMT
server
AmazonS3
etag
"6429218279c9201c19f58dceec57f991"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
0LTrg7wMnN3iHfW1BjEkvcpT5gPO1nAHss-diUQ4uPqmVok1H8IK9w==
www-player.css
www.youtube.com/s/player/9419f2ea/ Frame DBF2
396 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/9419f2ea/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e5a350e35882205d6ffa3c8c493a2746268c8297fcd867349c95d88b93b2f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52120
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
/
www.facebook.com/tr/ Frame DB63
0
75 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://dollarflightclub.com
Referer
https://dollarflightclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://dollarflightclub.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 08:32:05 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DBF2
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 15:27:04 GMT
x-content-type-options
nosniff
age
320701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DBF2
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:28:44 GMT
x-content-type-options
nosniff
age
396201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 18:28:44 GMT
www-embed-player.js
www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/ Frame DBF2
346 KB
108 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dc05612abb942f1c013091f152ff58185c1eb77cae883f3c58d19e01efc9d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110661
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
base.js
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame DBF2
2 MB
602 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c597dd42d415ed20721af88a0b1960c390d5fc6e6c6d65c957c5b17525a115f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:03:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
260908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
616341
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:03:37 GMT
fetch-polyfill.js
www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/ Frame DBF2
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
www-player.css
www.youtube.com/s/player/9419f2ea/ Frame 8FD3
396 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/9419f2ea/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e5a350e35882205d6ffa3c8c493a2746268c8297fcd867349c95d88b93b2f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52120
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8FD3
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 15:27:04 GMT
x-content-type-options
nosniff
age
320701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8FD3
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:28:44 GMT
x-content-type-options
nosniff
age
396201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 18:28:44 GMT
www-embed-player.js
www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/ Frame 8FD3
346 KB
108 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dc05612abb942f1c013091f152ff58185c1eb77cae883f3c58d19e01efc9d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110661
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
base.js
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame 8FD3
2 MB
0
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:03:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
260908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
616341
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:03:37 GMT
fetch-polyfill.js
www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/ Frame 8FD3
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
js
www.googletagmanager.com/gtag/ Frame 0031
111 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-52269-18
Requested by
Host: kingsumo.com
URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
294ba876908c3234207c75c2ba7ffb7b0fddfc31caa9b067bd3a4967fa681618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44556
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Feb 2023 08:32:05 GMT
giveaway.css
kingsumo.b-cdn.net/css/ Frame 0031
164 KB
30 KB
Stylesheet
General
Full URL
https://kingsumo.b-cdn.net/css/giveaway.css?id=5b0adde7c1dac89e63c1
Requested by
Host: kingsumo.com
URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
7c843b8625e7c185ab405a8c37aa19f9f1e6f9d5a31c996a8c01e5d54cde6999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1082
cdn-cachedat
02/04/2023 13:22:43
cdn-pullzone
103603
x-xss-protection
1; mode=block
last-modified
Fri, 03 Feb 2023 20:09:47 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63dd6a0b-28fa2"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
87409456ace8aae24f449089cff781e7
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
winner.svg
kingsumo.b-cdn.net/img/giv/ Frame 0031
2 KB
1 KB
Image
General
Full URL
https://kingsumo.b-cdn.net/img/giv/winner.svg
Requested by
Host: kingsumo.com
URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
87e070f0e9784bf33ffa12691316e78cbd1954752e9bdbf4f42f926edfdbed65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1077
cdn-cachedat
02/03/2023 09:35:27
cdn-pullzone
103603
x-xss-protection
1; mode=block
last-modified
Wed, 18 Jan 2023 17:03:17 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63c82655-6f8"
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
public, max-age=2592000
cdn-requestid
6dadf9005498c03f104e4493323111e5
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
K9tyHJLZ6W5ImJ3Bc2OrS35RlTMYndWlwXIOrwWy.png
kingsumowebapp.b-cdn.net/logos/ Frame 0031
17 KB
17 KB
Image
General
Full URL
https://kingsumowebapp.b-cdn.net/logos/K9tyHJLZ6W5ImJ3Bc2OrS35RlTMYndWlwXIOrwWy.png
Requested by
Host: kingsumo.com
URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
c456b369b0747228ea1d3598f3b95ee75ce847ae66ce3a3770f53e184b6ef16f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:05 GMT
cdn-edgestorageid
1082
x-amz-request-id
FH3TAN2CNSMNZQWM
cdn-cachedat
02/27/2023 08:32:05
cdn-pullzone
120658
content-length
17354
x-amz-id-2
w3pLsWQhUEu6+3F39ClxMtbPIsXyadiDHTkpU2nFG9bQ+tGAJ7q6aOpuPVJ0Nu+Tz/x+axTlncc=
last-modified
Mon, 10 May 2021 21:38:05 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"1527a0f65f3fed21cf1c24eb6ed8a978"
content-type
image/png
cdn-cache
MISS
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
public, max-age=2592000
cdn-requestid
16573fc03550b9782bb7bcb723244f81
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
logo-plain.svg
kingsumo.b-cdn.net/img/ Frame 0031
3 KB
2 KB
Image
General
Full URL
https://kingsumo.b-cdn.net/img/logo-plain.svg
Requested by
Host: kingsumo.com
URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
d78eee5e147ece6afe84fb611720089981207201aa90588a682758f13fb2eac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1080
cdn-cachedat
02/04/2023 11:14:01
cdn-pullzone
103603
x-xss-protection
1; mode=block
last-modified
Fri, 03 Feb 2023 20:07:58 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63dd699e-dc2"
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
public, max-age=2592000
cdn-requestid
5aae2f5ed55a6c235b8f5f3bfa6282bc
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
app-giveaway.js
kingsumo.b-cdn.net/js/ Frame 0031
323 KB
108 KB
Script
General
Full URL
https://kingsumo.b-cdn.net/js/app-giveaway.js?id=02abf6e6093beaad0c7e
Requested by
Host: kingsumo.com
URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
55c53ffd3583d9f8a2e58bd20a11cffd1d92d9da2d98291a1b6e8089be7eece3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1075
cdn-cachedat
02/03/2023 09:18:29
cdn-pullzone
103603
x-xss-protection
1; mode=block
last-modified
Wed, 18 Jan 2023 17:04:58 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63c826ba-50c92"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
e8f66e351e6c175eae9942dd14e526c1
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
embed.js
kingsumo.b-cdn.net/js/ Frame 0031
34 KB
13 KB
Script
General
Full URL
https://kingsumo.b-cdn.net/js/embed.js?id=6269564294f1b6324600
Requested by
Host: kingsumo.com
URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
50126020728fee9d02e0bc1e939ff74e5e2f54e564a92877a2cb2f59bebb3f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:07 GMT
content-encoding
br
cdn-edgestorageid
723
cdn-cachedat
02/27/2023 08:32:07
cdn-pullzone
103603
last-modified
Monday, 27-Feb-2023 08:32:07 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
no-store, must-revalidate, proxy-revalidate, no-cache, max-age=0
cdn-requestid
a7eaea3bd7054e0b5bc56aa2af458627
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pixel;r=1056212368;source=wp;rf=0;a=p-brHrpdX4hwhmy;url=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F;uht=2;fpan=1;fpa=P0-1696495539-1677486725197;pbc=;ns=0;ce=1;qjs=1;qv=463...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1056212368;source=wp;rf=0;a=p-brHrpdX4hwhmy;url=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F;uht=2;fpan=1;fpa=P0-1696495539-1677486725197;pbc=;ns=0;ce=1;qjs=1;qv=463953fd-20230224153512;cm=;gdpr=0;ref=;d=dollarflightclub.com;dst=0;et=1677486725387;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Peru%20Adventure%20Giveaway%20by%20Dollar%20Flight%20Club%2Cdescription.Win%20flight%20cash%20and%20a%20Peru%20trip%20hosted%20by%20Dollar%20Flight%20Club!%20Fly%20into%20an%20advent%2Curl.https%3A%2F%2Fdollarflightclub%252Ecom%2Ffiji-adventure-sweepstakes-2%2F%2Csite_name.Dollar%20Flight%20Club%2Cimage.https%3A%2F%2Fdollarflightclub%252Ecom%2Fwp-content%2Fuploads%2F2022%2F09%2FSocial-Share-Banners%252Epng%2Cimage%3Awidth.1200%2Cimage%3Aheight.630;ses=b5599176-9e78-427c-8fab-2935a71bd9cb
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 08:32:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 0031
216 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-11WLFMD2HS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52269-18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ba0ad0cdeac9550106ed4162e639ff3b6419698e20a2598ab6a5f1f354af6fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77908
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Feb 2023 08:32:05 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-127.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

unused62
8096267
date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3DA20F33DFB043F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=38109
accept-ranges
bytes
content-length
948
x-amz-id-2
g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=
visit-data
in.hotjar.com/api/v2/client/sites/945023/
148 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/945023/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cb0a2331e3447a704b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.149.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-149-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b8a169e23c2ba4328eed7c91773d6be70514ede65b80e4569fc95472aa26bd86

Request headers

Referer
https://dollarflightclub.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
300lo.json
m.addthis.com/live/red_lojson/
89 B
249 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=63fc6a85c79d863b&bkl=0&bl=1&pdt=1072&sid=63fc6a85c79d863b&pub=wp-c5d52402499733790c4c2e44ff7bc196&rev=v8.28.8-wp&ln=en&pc=wpp&cb=0&ab=-&dp=dollarflightclub.com&fp=fiji-adventure-sweepstakes-2%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1677486725590&wpv=wpp-6.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.7%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-c5d52402499733790c4c2e44ff7bc196%22%2C%22page_info%22%3A%7B%22template%22%3A%22pages%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=4097&uvs=63fc6a85cc2ecb4d000&skipb=1&callback=addthis.cbs.jsonp__86748224786409470
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b9039097cb3a111f2ea97174fab19964412fd5100d863d9e934f596c276d0da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 08:32:05 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0248
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 6093
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://dollarflightclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Mon, 27 Feb 2023 08:32:05 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
css
fonts.googleapis.com/ Frame 0031
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono:100,300|Roboto:100,300,400,400i,500,500i,700,700i
Requested by
Host: kingsumo.b-cdn.net
URL: https://kingsumo.b-cdn.net/css/giveaway.css?id=5b0adde7c1dac89e63c1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97169af18480b6433f39367d2d1c8dc4e03d8a07a847ba6c5755f4f2fbf31665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.b-cdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 08:32:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 08:32:05 GMT
Sweepstakes-Page-Background-2.png
dollarflightclub.com/wp-content/uploads/2022/10/
2 MB
2 MB
Image
General
Full URL
https://dollarflightclub.com/wp-content/uploads/2022/10/Sweepstakes-Page-Background-2.png
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a430c76595d3a65e132a989411c1dcaa48cfe773011b8c10fa5891df053c1c2c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Wed, 26 Oct 2022 02:43:06 GMT
Server
Apache
ETag
"186a40-5ebe6fc02dfaf"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
s-maxage=10
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
1600064
slider.woff
dollarflightclub.com/wp-content/plugins/so-widgets-bundle/css/slider/fonts/
2 KB
2 KB
Font
General
Full URL
https://dollarflightclub.com/wp-content/plugins/so-widgets-bundle/css/slider/fonts/slider.woff?8p86w5
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/wp-content/plugins/so-widgets-bundle/css/slider/slider.css?ver=1.37.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7008b6f413eae5e872b1228ba6c876da9769ce4c48b45282ec1838a2942784d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dollarflightclub.com/wp-content/plugins/so-widgets-bundle/css/slider/slider.css?ver=1.37.0
Origin
https://dollarflightclub.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:05 GMT
Last-Modified
Fri, 08 Jul 2022 00:20:53 GMT
Server
Apache
ETag
"780-5e3402cd79a21"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff
Cache-Control
s-maxage=10
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=84
Content-Length
1920
2AZtQr71z-c
www.youtube.com/embed/ Frame EADB
66 KB
27 KB
Document
General
Full URL
https://www.youtube.com/embed/2AZtQr71z-c
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82e504c67300330e40d09b56532c3de6f412b521e74633c3a4726ff1de23a9be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dollarflightclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 08:32:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
IIFe9wEyjNk
www.youtube.com/embed/ Frame 7844
66 KB
27 KB
Document
General
Full URL
https://www.youtube.com/embed/IIFe9wEyjNk
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b17bc9ea1511bc722704292a441d847b9d9674d265dd4372780b5d1b56f6c88f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dollarflightclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 08:32:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
h
heapanalytics.com/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/h?a=1818647419&u=6109187936516074&v=8480312579733449&s=6256565315212132&b=web&tv=4.0&z=0&h=%2Ffiji-adventure-sweepstakes-2%2F&d=dollarflightclub.com&t=Fiji%20Adventure%20Sweepstakes%20-%20Dollar%20Flight%20Club&ts=1677486725702&st=1677486725704
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.117.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-117-104.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 08:32:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
a-07np
i.liadm.com/s/c/ Frame 1B29
1 KB
1 KB
Document
General
Full URL
https://i.liadm.com/s/c/a-07np?s=&cim=&ps=true&ls=true&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.131.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-131-58.compute-1.amazonaws.com
Software
/
Resource Hash
850e0db135b56da353b99def5e339c9ae773b0b5c6591569143f81e0e07bf343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dollarflightclub.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
674
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Feb 2023 08:32:06 GMT
Request-Time
6
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
sdk.js
connect.facebook.net/en_US/ Frame 0031
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: kingsumo.com
URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6474fc05cc17dd2a7008aa90a002b962670cf890c139e90c3add75ed99230f64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 08:32:05 GMT
content-md5
8sEl/AyUR65wcstcajhm/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
F3fF31gFjJRizMHz8OBsKif8thvPUtuZbH0pvIkpa/WBQRVAtp9fukQLqDCiCYsEGII5IZwKNLn9RMQBmkBKuA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
be98a18e3e5644a53c0e6c11291d254e
cross-origin-opener-policy
same-origin-allow-popups
etag
"758521a7f4e033eb55fa445e387ee770"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 27 Feb 2023 08:35:03 GMT
www-player.css
www.youtube.com/s/player/9419f2ea/ Frame EADB
396 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/9419f2ea/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e5a350e35882205d6ffa3c8c493a2746268c8297fcd867349c95d88b93b2f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52120
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
www-player.css
www.youtube.com/s/player/9419f2ea/ Frame 7844
396 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/9419f2ea/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e5a350e35882205d6ffa3c8c493a2746268c8297fcd867349c95d88b93b2f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52120
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
www-embed-player.js
www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/ Frame 7844
346 KB
108 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dc05612abb942f1c013091f152ff58185c1eb77cae883f3c58d19e01efc9d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110661
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
base.js
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame 7844
2 MB
602 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c597dd42d415ed20721af88a0b1960c390d5fc6e6c6d65c957c5b17525a115f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:03:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
260908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
616341
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:03:37 GMT
fetch-polyfill.js
www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/ Frame 7844
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
1f642.svg
s.w.org/images/core/emoji/14.0.0/svg/
525 B
541 B
Image
General
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f642.svg
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:50:59 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
1f389.svg
s.w.org/images/core/emoji/14.0.0/svg/
3 KB
1 KB
Image
General
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f389.svg
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
194de9942601b9a42cc9ea79663aaca170816cfc07cbe8b2a568852427fa7088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 27 Feb 2023 08:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:50:38 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EADB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 15:27:04 GMT
x-content-type-options
nosniff
age
320701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EADB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:28:44 GMT
x-content-type-options
nosniff
age
396201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 18:28:44 GMT
www-embed-player.js
www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/ Frame EADB
346 KB
108 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dc05612abb942f1c013091f152ff58185c1eb77cae883f3c58d19e01efc9d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110661
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
base.js
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame EADB
2 MB
602 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c597dd42d415ed20721af88a0b1960c390d5fc6e6c6d65c957c5b17525a115f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:03:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
260908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
616341
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:03:37 GMT
fetch-polyfill.js
www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/ Frame EADB
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
261098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:00:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7844
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 15:27:04 GMT
x-content-type-options
nosniff
age
320701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7844
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:28:44 GMT
x-content-type-options
nosniff
age
396201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 18:28:44 GMT
sdk.js
connect.facebook.net/en_US/ Frame 0031
301 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=169a56dfc71b0bd12117f2a43ab15e40
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b1cc443f27200f128ac0c85dc8050dd869ac511974377220ba92a6a5f68d317a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://kingsumo.com/
Origin
https://kingsumo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 08:32:05 GMT
content-md5
XvOTcjzYgR5lhY62DUzhyw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87017
x-fb-rlafr
0
x-fb-debug
e5kg7pEMiVMjEx8c9oDzGyKeHNP8Q+aIspMiDXU+TZ9lFts4ZCVE5/pfWPQpltlwBosYS5udxMXMKSPc0HUP7g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a584c4ae27943951ceb37620004d7150
cross-origin-opener-policy
same-origin-allow-popups
etag
"a16751d52abc3c2346eb02b5b203f27e"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 27 Feb 2024 06:24:26 GMT
/
www.facebook.com/tr/ Frame 0031
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=410195246098431&ev=fb_page_view&dl=https%3A%2F%2Fkingsumo.com%2F%2Fg%2Fvowgfu%2Ffiji-adventure-sweepstakes%3Fe%3Dhttps%253A%252F%252Fdollarflightclub.com%252Ffiji-adventure-sweepstakes-2%252F%26utm_source%3Dhttps%253A%252F%252Fdollarflightclub.com%252Ffiji-adventure-sweepstakes-2%252F%26utm_campaign%3Dembed&rl=https%3A%2F%2Fdollarflightclub.com%2F&if=true&ts=1677486726005&sw=1600&sh=1200&at=
Requested by
Host: kingsumo.com
URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 27 Feb 2023 08:32:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
id
googleads.g.doubleclick.net/pagead/ Frame 7844
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H2
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e780738bbc0810ffef6e915949289ff276125ec49e38bdd14c2ded5c12af053c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 27 Feb 2023 08:32:06 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 7844
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:22:46 GMT
x-content-type-options
nosniff
age
560
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Feb 2023 08:37:46 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 27 Feb 2023 08:32:06 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7844
65 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ee03524774ff8617dd08296d5ed960a96a3723e39c04c691f98283bfbecba6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30560
x-xss-protection
0
remote.js
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame 7844
116 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0258f92749598b55dc7dae43bb611ce3c5b3f490d62a5c96247dd94bcc9bbe7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:08:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
260587
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36521
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:08:59 GMT
vFaDJfJIVm6qJwr1Q_TXlkK1mHEnJDS7cZNH7dA7Ljk.js
www.google.com/js/th/ Frame 7844
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/vFaDJfJIVm6qJwr1Q_TXlkK1mHEnJDS7cZNH7dA7Ljk.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc568325f248566eaa270af543f4d79642b59871272434bb719347edd03b2e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 05:58:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14059
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Feb 2024 05:58:09 GMT
sddefault.webp
i.ytimg.com/vi_webp/IIFe9wEyjNk/ Frame 7844
39 KB
40 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/IIFe9wEyjNk/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edf369b7619407aad4d2c7f696edbb6ec7915ea5671a5e0bce1dc21eda5ce442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
x-content-type-options
nosniff
server
sffe
etag
"1612419613"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40258
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Feb 2023 10:32:06 GMT
embed.js
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame 7844
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f973da93d95af2cc415e022c5481cd7e257ad7abb6c39fb49c35256e51509c49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
260615
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8518
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:08:31 GMT
truncated
/ Frame 7844
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJVt0n2Fm9RHmNLg5ZpIkn0TdBtggotWjf6532Q57Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7844
4 KB
5 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AL5GRJVt0n2Fm9RHmNLg5ZpIkn0TdBtggotWjf6532Q57Q=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c8e70c0693685deb12aaf10c6919f8989afa01e4642710b53899ca266986ac21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4459
x-xss-protection
0
server
fife
etag
"v3d3"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 23 Feb 2023 10:12:30 GMT
95917f934ded40a09f9bdd08e805f695
i.liadm.com/s/e/a-07np/0/ Frame 1B29
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-07np%2F0%2F95917f934ded40a09f9bdd08e805f695%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&c4f20df4-47aa-4774-97ac-476...
  • https://i.liadm.com/s/e/a-07np/0/95917f934ded40a09f9bdd08e805f695?mpid=7156&muid=293563fc-6a86-4600-ac2a-0e6da2a99bbc
43 B
274 B
Image
General
Full URL
https://i.liadm.com/s/e/a-07np/0/95917f934ded40a09f9bdd08e805f695?mpid=7156&muid=293563fc-6a86-4600-ac2a-0e6da2a99bbc
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-07np?s=&cim=&ps=true&ls=true&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
52.6.131.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-131-58.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:06 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Date
Mon, 27 Feb 2023 08:32:06 GMT
Server
MT3 530 4e92630 master zrh-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://i.liadm.com/s/e/a-07np/0/95917f934ded40a09f9bdd08e805f695?mpid=7156&muid=293563fc-6a86-4600-ac2a-0e6da2a99bbc
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Feb 2023 08:32:05 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1B29
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-07np?s=&cim=&ps=true&ls=true&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 27 Feb 2023 08:32:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
52164
i.liadm.com/s/ Frame 1B29
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=c4f20df4-47aa-4774-97ac-476a1fc9f87c&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=c4f20df4-47aa-4774-97ac-476a1fc9f87c&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=ae059818-6eb8-4cbc-87a5-459d53a51cce
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=c4f20df4-47aa-4774-97ac-476a1fc9f87c
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=liveintent&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=liveintent&&user_id=p5ncY6fLgjW8nI8zp5mXOPTIgjG8z45loZ-s4V-n
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=ae059818-6eb8-4cbc-87a5-459d53a51cce
43 B
436 B
Image
General
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=ae059818-6eb8-4cbc-87a5-459d53a51cce
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-07np?s=&cim=&ps=true&ls=true&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
52.6.131.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-131-58.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:07 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=ae059818-6eb8-4cbc-87a5-459d53a51cce
date
Mon, 27 Feb 2023 08:32:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
95917f934ded40a09f9bdd08e805f695
i.liadm.com/s/e/a-07np/0/ Frame 1B29
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=c4f20df4-47aa-4774-97ac-476a1fc9f87c&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-07np%2F0%2F95917f934ded40a09f9bdd08e805f695%3Fmpid%3D82775%26muid%3D%2...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=c4f20df4-47aa-4774-97ac-476a1fc9f87c&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-07np%2F0%2F95917f934ded40a09f9bdd08e805f695%3Fmp...
  • https://i.liadm.com/s/e/a-07np/0/95917f934ded40a09f9bdd08e805f695?mpid=82775&muid=84825250284122469600530243571473249119
43 B
274 B
Image
General
Full URL
https://i.liadm.com/s/e/a-07np/0/95917f934ded40a09f9bdd08e805f695?mpid=82775&muid=84825250284122469600530243571473249119
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-07np?s=&cim=&ps=true&ls=true&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
52.6.131.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-131-58.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:07 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif

Redirect headers

DCS
dcs-prod-irl1-2-v046-02d41f003.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
a41b7tauQdk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-07np/0/95917f934ded40a09f9bdd08e805f695?mpid=82775&muid=84825250284122469600530243571473249119
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
live_intent_sync
x.dlx.addthis.com/e/ Frame 1B29
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c4f20df4-47aa-4774-97ac-476a1fc9f87c
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c4f20df4-47aa-4774-97ac-476a1fc9f87c&rd=Y
43 B
603 B
Image
General
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c4f20df4-47aa-4774-97ac-476a1fc9f87c&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-07np?s=&cim=&ps=true&ls=true&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Mon, 27 Feb 2023 08:32:07 GMT
pragma
no-cache
date
Mon, 27 Feb 2023 08:32:07 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=c4f20df4-47aa-4774-97ac-476a1fc9f87c&rd=Y
pragma
no-cache
date
Mon, 27 Feb 2023 08:32:06 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Mon, 27 Feb 2023 08:32:06 GMT
/
trc.taboola.com/sg/liveintent/1/cm/ Frame 1B29
43 B
373 B
Image
General
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-07np?s=&cim=&ps=true&ls=true&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 27 Feb 2023 08:32:06 GMT
via
1.1 varnish
x-served-by
cache-hhn-etou8220026-HHN
server
nginx
x-timer
S1677486726.490548,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
35004
i6.liadm.com/s/ Frame 1B29
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
43 B
436 B
Image
General
Full URL
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-07np?s=&cim=&ps=true&ls=true&duid=28d78e0a0480--01gt9005hjkbdcg7r291g0msgx&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:603b:acd7:290f:c7dd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 08:32:07 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date
Mon, 27 Feb 2023 08:32:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
id
googleads.g.doubleclick.net/pagead/ Frame EADB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H3
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ba653cea20ff0e6defdd95437a71b7aa85db685649c30cdeb1558a5c3db0bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 27 Feb 2023 08:32:06 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame EADB
29 B
89 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:22:46 GMT
x-content-type-options
nosniff
age
560
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Feb 2023 08:37:46 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 27 Feb 2023 08:32:06 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EADB
65 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e880116b5ac3010d5eb6d223b38dea6d2f6c2bb172cbf3d763e4bf1e9facf4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30634
x-xss-protection
0
remote.js
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame EADB
116 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0258f92749598b55dc7dae43bb611ce3c5b3f490d62a5c96247dd94bcc9bbe7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:08:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
260587
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36521
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:08:59 GMT
vFaDJfJIVm6qJwr1Q_TXlkK1mHEnJDS7cZNH7dA7Ljk.js
www.google.com/js/th/ Frame EADB
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/vFaDJfJIVm6qJwr1Q_TXlkK1mHEnJDS7cZNH7dA7Ljk.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc568325f248566eaa270af543f4d79642b59871272434bb719347edd03b2e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 05:58:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14059
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Feb 2024 05:58:09 GMT
sddefault.webp
i.ytimg.com/vi_webp/2AZtQr71z-c/ Frame EADB
35 KB
35 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/2AZtQr71z-c/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da2109f72ff833d308062c17512c246f104815d8b6888d41b4290aec492c30a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
x-content-type-options
nosniff
server
sffe
etag
"1624406596"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35890
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Feb 2023 10:32:06 GMT
embed.js
www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/ Frame EADB
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f973da93d95af2cc415e022c5481cd7e257ad7abb6c39fb49c35256e51509c49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
260615
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8518
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 01:53:09 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Feb 2024 08:08:31 GMT
truncated
/ Frame EADB
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJVt0n2Fm9RHmNLg5ZpIkn0TdBtggotWjf6532Q57Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame EADB
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AL5GRJVt0n2Fm9RHmNLg5ZpIkn0TdBtggotWjf6532Q57Q=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c8e70c0693685deb12aaf10c6919f8989afa01e4642710b53899ca266986ac21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4459
x-xss-protection
0
server
fife
etag
"v3d3"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 23 Feb 2023 10:12:30 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 7844
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0ec766b0f25d8fabd14884a44e66b180a8b1f43285adf4a1d087240d6364563
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 27 Feb 2023 08:32:06 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EADB
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9248e1942c26acd6e1961fb0140759dfcd2cff0b611070fa0052e78cbb1c458c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 27 Feb 2023 08:32:06 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 7844
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 08:32:06 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame EADB
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 08:32:06 GMT
generate_204
www.youtube.com/ Frame 7844
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?m3pbmw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/IIFe9wEyjNk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
www.youtube.com/ Frame EADB
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?V2dwdg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2AZtQr71z-c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/2AZtQr71z-c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/110/ Frame 7844
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/110/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14851
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 16:13:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 28 Feb 2023 07:48:06 GMT
cast_sender.js
www.gstatic.com/eureka/clank/110/ Frame EADB
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/110/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14851
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 16:13:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 28 Feb 2023 07:48:06 GMT
7XPxpxWb8IYSwNEb6j8sfH11nTGAfNGxaYFgYLWH116453
kingsumowebapp.b-cdn.net/giveaways/ Frame 0031
552 KB
553 KB
Image
General
Full URL
https://kingsumowebapp.b-cdn.net/giveaways/7XPxpxWb8IYSwNEb6j8sfH11nTGAfNGxaYFgYLWH116453
Requested by
Host: kingsumo.com
URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
609a027e17ec3f399802ad39038f267014bdc1838a26f8ea5eab2de9b73829c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:08 GMT
cdn-edgestorageid
863
x-amz-request-id
CV6R6WXZPJ9Z31VP
cdn-cachedat
02/27/2023 08:32:08
cdn-pullzone
120658
content-length
565335
x-amz-id-2
pcmUgGBVfh+8SKhNKSUlZIFxbOMOgQUVTqIwj1tPTLhqnfSVznupbe5A3tHIX0fI5Yiy7rNaEgk=
last-modified
Wed, 26 Oct 2022 02:45:23 GMT
server
BunnyCDN-DE1-1082
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"02bd8caf3584363fedca867fe2ab14e0"
content-type
image/png
cdn-cache
MISS
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
public, max-age=2592000
cdn-requestid
147824c65dbbccdd9be05ac4af8f7d7a
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
over-ribbon.svg
kingsumo.b-cdn.net/img/giv/ Frame 0031
3 KB
2 KB
Image
General
Full URL
https://kingsumo.b-cdn.net/img/giv/over-ribbon.svg
Requested by
Host: kingsumo.b-cdn.net
URL: https://kingsumo.b-cdn.net/css/giveaway.css?id=5b0adde7c1dac89e63c1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
a52b921c6e8a46222fd342ad6262de47895a963f49cbe589d3f1a20d44248950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.b-cdn.net/css/giveaway.css?id=5b0adde7c1dac89e63c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1053
cdn-cachedat
02/01/2023 19:20:33
cdn-pullzone
103603
x-xss-protection
1; mode=block
last-modified
Wed, 18 Jan 2023 17:03:17 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63c82655-c53"
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
public, max-age=2592000
cdn-requestid
b7b383ad48485b972c6668f76d4fc200
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
hr.svg
kingsumo.b-cdn.net/img/giv/ Frame 0031
271 B
701 B
Image
General
Full URL
https://kingsumo.b-cdn.net/img/giv/hr.svg
Requested by
Host: kingsumo.b-cdn.net
URL: https://kingsumo.b-cdn.net/css/giveaway.css?id=5b0adde7c1dac89e63c1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
87b6419f64939b8b29786c254e83d68a4c5f4b7be01e791ce9b478541442022b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.b-cdn.net/css/giveaway.css?id=5b0adde7c1dac89e63c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
874
cdn-cachedat
02/26/2023 10:13:00
cdn-pullzone
103603
x-xss-protection
1; mode=block
last-modified
Fri, 03 Feb 2023 20:07:58 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63dd699e-10f"
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
public, max-age=2592000
cdn-requestid
f317123daf789449039a922d0b470b66
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
hr-down.svg
kingsumo.b-cdn.net/img/giv/ Frame 0031
370 B
736 B
Image
General
Full URL
https://kingsumo.b-cdn.net/img/giv/hr-down.svg
Requested by
Host: kingsumo.b-cdn.net
URL: https://kingsumo.b-cdn.net/css/giveaway.css?id=5b0adde7c1dac89e63c1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
1a52040f550b42d12e69ce0d8938e5d34e703682acda505b755b62b7bcd955ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.b-cdn.net/css/giveaway.css?id=5b0adde7c1dac89e63c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
865
cdn-cachedat
02/01/2023 18:55:41
cdn-pullzone
103603
x-xss-protection
1; mode=block
last-modified
Wed, 18 Jan 2023 17:03:17 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63c82655-172"
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
public, max-age=2592000
cdn-requestid
01e169abc333e2039b486c780c2b100d
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
btn-icon-arrowright.svg
kingsumo.b-cdn.net/img/giv/ Frame 0031
310 B
732 B
Image
General
Full URL
https://kingsumo.b-cdn.net/img/giv/btn-icon-arrowright.svg
Requested by
Host: kingsumo.b-cdn.net
URL: https://kingsumo.b-cdn.net/css/giveaway.css?id=5b0adde7c1dac89e63c1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
5b99e9d59277dbd2407aec935502e3472c57278385b1f8a59148627aa671fb28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kingsumo.b-cdn.net/css/giveaway.css?id=5b0adde7c1dac89e63c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 08:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1077
cdn-cachedat
02/03/2023 09:32:20
cdn-pullzone
103603
x-xss-protection
1; mode=block
last-modified
Wed, 18 Jan 2023 17:03:17 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63c82655-136"
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
public, max-age=2592000
cdn-requestid
e4891ec653094180eaa18a2014eecbbe
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0031
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:100,300|Roboto:100,300,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kingsumo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 01:29:06 GMT
x-content-type-options
nosniff
age
25381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Feb 2024 01:29:06 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0031
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:100,300|Roboto:100,300,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kingsumo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 09:37:51 GMT
x-content-type-options
nosniff
age
255256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Feb 2024 09:37:51 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0031
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:100,300|Roboto:100,300,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kingsumo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 06:19:10 GMT
x-content-type-options
nosniff
age
267177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Feb 2024 06:19:10 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0031
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono:100,300|Roboto:100,300,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kingsumo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:21:08 GMT
x-content-type-options
nosniff
age
357059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 05:21:08 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 7844
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-Goog-Request-Time
1677486728914
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/IIFe9wEyjNk
X-YouTube-Client-Version
1.20230221.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgttU0VKZktqSU1DcyiF1fGfBg%3D%3D
X-YouTube-Ad-Signals
dt=1677486726000&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C540%2C304&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 27 Feb 2023 08:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Mon, 27 Feb 2023 08:32:08 GMT
log_event
www.youtube.com/youtubei/v1/ Frame EADB
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-Goog-Request-Time
1677486728923
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/2AZtQr71z-c
X-YouTube-Client-Version
1.20230221.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgttU0VKZktqSU1DcyiF1fGfBg%3D%3D
X-YouTube-Ad-Signals
dt=1677486726008&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C540%2C304&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 27 Feb 2023 08:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Mon, 27 Feb 2023 08:32:08 GMT
idayx9bm
widget.intercom.io/widget/
8 KB
4 KB
Script
General
Full URL
https://widget.intercom.io/widget/idayx9bm
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecd52673e207772acc0e67d469cbc4cfd89f8b6214db8799b353e0f88548624a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dollarflightclub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
q8aGpMx1PwfFf9wa5qmBsBbcV6lfruam
content-encoding
gzip
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 08:28:45 GMT
x-amz-cf-pop
FRA2-C1
age
224
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3261
last-modified
Fri, 24 Feb 2023 14:04:38 GMT
server
AmazonS3
etag
"7c5a9582f5d74f00620f706ab667c54d"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
eL3YHH-pmrzfK6mtd3_NIlcHd47wNYeNE17CUqPbWMaRkmJXPL3arQ==
mod_pagespeed_beacon
dollarflightclub.com/
0
200 B
XHR
General
Full URL
https://dollarflightclub.com/mod_pagespeed_beacon?url=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F
Requested by
Host: dollarflightclub.com
URL: https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
44.230.167.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-167-61.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dollarflightclub.com/fiji-adventure-sweepstakes-2/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 27 Feb 2023 08:32:09 GMT
Cache-Control
max-age=0, no-cache
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=86
X-Frame-Options
SAMEORIGIN
frame-modern.feb17e6c.js
js.intercomcdn.com/ Frame 66AF
485 KB
129 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.feb17e6c.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/idayx9bm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6e87f4f93a379f05269bddd3acd54a253a3e50a48efb9127d9cb94cf3970333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
AoJSJyxDmkc3X1wFovBkmaMYXOEssazP
content-encoding
gzip
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 08:09:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
1370
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
131296
last-modified
Fri, 24 Feb 2023 14:02:17 GMT
server
AmazonS3
etag
"cd85ccf3dc368f2a6f1f9e4c25c1de45"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
5PzUz6CR2fDovoHUQN_WaJKK5FA2GNrF0UK_WDItbYyA3F20ZN2ujw==
vendor-modern.ebc5d705.js
js.intercomcdn.com/ Frame 66AF
236 KB
73 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.ebc5d705.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/idayx9bm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c17b1a7e002c083947f21ffac64eb85fc76f5e94c2460fb64876f56f6a37fdd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
xqEwbF2CIUTKfV0UlRFPA7_.rjojaJ_c
content-encoding
gzip
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 07:46:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
2716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74395
last-modified
Fri, 24 Feb 2023 14:02:17 GMT
server
AmazonS3
etag
"5d20e022d39aabb62bf802df0269ff81"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
XLNTGGlK0sUiQ0d1-cQNI9SRuYxCuMjQvvBMSJfRMtDpTZ-imN7Udw==
ping
api-iam.intercom.io/messenger/web/ Frame 66AF
5 KB
3 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.feb17e6c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.232.141 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6d8e2cb641d8a9536276711719e3f0a0cdaec609dd821c8e2718a7726b2f6fae
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Feb 2023 08:32:10 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0be81d9dffa4bc64a
status
200 OK
x-xss-protection
1; mode=block
x-request-id
000183qc9rjmkq41h3rg
x-runtime
0.326351
server
nginx
etag
W/"6d8e2cb641d8a9536276711719e3f0a0"
x-ratelimit-remaining
13332
vary
Accept,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dollarflightclub.com
x-intercom-version
e5dd66392f2e3407f7232f33ff912998e73dbde9
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1677486740
x-ratelimit-limit
13333
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless object| _wpemojiSettings object| onepress_js_settings undefined| $ function| jQuery function| Swiper object| hashbar_localize object| Cookies object| sowb function| hj object| _hjSettings function| rfsnLoadScript function| _refersion function| fbq function| _fbq object| heap function| profitwell string| TiktokAnalyticsObject object| ttq object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| pagespeed object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| LI object| __li__evt_bus object| liQ object| liQ_instances function| _typeof2 function| __liSync object| gaplugins object| gaGlobal object| gaData function| rfsn_getQS function| rfsn_trackCartMapping function| _pushLocalStorage function| _pullLocalStorage function| r_tracker string| ua object| _rfsn boolean| _rfsn_ready boolean| KS_EMBED_LOADED object| _bsa function| _bsa_go function| _bsa_serving_callback object| intercomSettings function| Intercom object| _qevents string| addthis_product string| wp_product_version object| addthis_share object| addthis_config object| addthis_layers object| addthis_layers_tools object| addthis_plugin_info object| php_data undefined| acEnableTracking object| wpcf7 object| hashbar_analytical object| mPS2id_params object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| quantserve function| __qc object| ezt object| _qoptions object| hurrytimer_ajax_object function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _classCallCheck function| _defineProperties function| _createClass function| HurrytimerAction function| _typeof function| HurrytimerCampaign function| WOW function| Waypoint function| Tether function| EvEmitter function| imagesLoaded object| isMobile function| preload_images function| _to_number function| _to_bool function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| OnePress_Plus object| panelsStyles boolean| current_nav_item boolean| __@@##MUH object| twemoji object| wp function| __intercomAssignLocation function| __intercomReloadLocation

43 Cookies

Domain/Path Name / Value
dollarflightclub.com/fiji-adventure-sweepstakes-2 Name: _liChk
Value: 0.23671821962347184
i.liadm.com/s Name: _li_ss
Value: Cj4KBQgKELsUCgUIeRC7FAoFCAYQuxQKBgiBARC7FAoJCP____8HEMUUCgUICxC7FAoGCIsBELsUCgUIfhC7FA
.dollarflightclub.com/ Name: _li_dcdm_c
Value: .dollarflightclub.com
.dollarflightclub.com/ Name: _lc2_fpi
Value: 28d78e0a0480--01gt9005hjkbdcg7r291g0msgx
.dollarflightclub.com/ Name: _ga
Value: GA1.2.1568255031.1677486725
.dollarflightclub.com/ Name: _gid
Value: GA1.2.1559332290.1677486725
.dollarflightclub.com/ Name: _gat_gtag_UA_125916046_1
Value: 1
.dollarflightclub.com/ Name: _fbp
Value: fb.1.1677486724791.313724106
.tiktok.com/ Name: _ttp
Value: 2MJXamEQqfsY8ziPINKYEaKWWHM
.dollarflightclub.com/ Name: _tt_enable_cookie
Value: 1
.dollarflightclub.com/ Name: _ttp
Value: n7k3X-mTFLELOzG6yTh-3Ez1WJO
.liadm.com/ Name: lidid
Value: c4f20df4-47aa-4774-97ac-476a1fc9f87c
.youtube.com/ Name: YSC
Value: Ja14KVUdFak
.youtube.com/ Name: DEVICE_INFO
Value: ChxOekl3TkRjMU1EWXlNek01TmpRMk5UTTBNdz09EIXV8Z8GGIXV8Z8G
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: mSEJfKjIMCs
kingsumo.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ikt2QkJhdnBmV3pSRmFuWWQ3bnF4Nnc9PSIsInZhbHVlIjoiUjhzcXpDS1hqd1p0dytKSXkyTytsdkROYnFFN1BNV0l1TmRUdXRKWkc4a1FtTmsyQVl0ZU5Fakg5eEhCOElycCIsIm1hYyI6ImY3ZWRjYjNkOTk0MWNmMDRiYmZkMTk3ODBjNGNjZDBhNmZmMmNjNzgwNDEzNmI1NjFlODc4ZDQ3OWNkMmI2ZDkifQ%3D%3D
kingsumo.com/ Name: kingsumo_session__
Value: eyJpdiI6IjFSZTNYOFZST3Y0MGRqWFFIV1J3UFE9PSIsInZhbHVlIjoiM1JuMERSNEtjSE1hNFhLYnlBc3FcL0tzb1M2RkNRVjdLYXlvN0oyTEhhR3k2dkpFK2g2K3JuMldlYXh6SitBWHQiLCJtYWMiOiI5NmI0YmU1MjI5YjhmNzM0NGQ4ODFkNmQ1YmIwYmJhMmU2OGQ4ZjU2NDYxOWI3ZjRmYjRhOTZiNmJjZWRlNDIzIn0%3D
.quantserve.com/ Name: mc
Value: 63fc6a85-65363-8eb81-e4e05
.dollarflightclub.com/ Name: __qca
Value: P0-1696495539-1677486725197
.dollarflightclub.com/ Name: _hjSessionUser_945023
Value: eyJpZCI6ImJlMDljOWQ2LWVlMTQtNTI2My05NzE4LTEyOTliNmY3Y2NhNiIsImNyZWF0ZWQiOjE2Nzc0ODY3MjQ5MTAsImV4aXN0aW5nIjpmYWxzZX0=
.dollarflightclub.com/ Name: _hjFirstSeen
Value: 1
.dollarflightclub.com/ Name: _hjIncludedInSessionSample_945023
Value: 0
.dollarflightclub.com/ Name: _hjSession_945023
Value: eyJpZCI6ImIwMDJhMTc1LWY1NjQtNGRjOC05M2U5LWJkNzI1YTE3ZDNiMiIsImNyZWF0ZWQiOjE2Nzc0ODY3MjU1NzAsImluU2FtcGxlIjpmYWxzZX0=
dollarflightclub.com/ Name: _hjIncludedInPageviewSample
Value: 1
.dollarflightclub.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
dollarflightclub.com/ Name: __atuvc
Value: 1%7C9
dollarflightclub.com/ Name: __atuvs
Value: 63fc6a85cc2ecb4d000
.dollarflightclub.com/ Name: _hp2_id.1818647419
Value: %7B%22userId%22%3A%226109187936516074%22%2C%22pageviewId%22%3A%228480312579733449%22%2C%22sessionId%22%3A%226256565315212132%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.addthis.com/ Name: uvc
Value: 1%7C9
.addthis.com/ Name: loc
Value: MDAwMDBFVURFSEUyMzA4MTg5MzAwMzAwMDBDSA==
.dollarflightclub.com/ Name: _hp2_ses_props.1818647419
Value: %7B%22ts%22%3A1677486725702%2C%22d%22%3A%22dollarflightclub.com%22%2C%22h%22%3A%22%2Ffiji-adventure-sweepstakes-2%2F%22%7D
.mathtag.com/ Name: uuid
Value: 293563fc-6a86-4600-ac2a-0e6da2a99bbc
.bidswitch.net/ Name: tuuid
Value: ae059818-6eb8-4cbc-87a5-459d53a51cce
.bidswitch.net/ Name: c
Value: 1677486726
.bidswitch.net/ Name: tuuid_lu
Value: 1677486726
.demdex.net/ Name: demdex
Value: 84825250284122469600530243571473249119
.addthis.com/ Name: na_id
Value: 2023022708320600082267309779
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 63fc6a86a0256de9
.addthis.com/ Name: ouid
Value: 63fc6a860001fac1e4c0771e48057f589a1871f27485816f8e09
.dpm.demdex.net/ Name: dpm
Value: 84825250284122469600530243571473249119
.quantserve.com/ Name: d
Value: EHIBDQGyKP7KwQA
.dlx.addthis.com/ Name: na_sc_x
Value: 1

1 Console Messages

Source Level URL
Text
security error URL: https://kingsumo.com//g/vowgfu/fiji-adventure-sweepstakes?e=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_source=https%3A%2F%2Fdollarflightclub.com%2Ffiji-adventure-sweepstakes-2%2F&utm_campaign=embed(Line 149)
Message:
Blocked autofocusing on a <input> element in a cross-origin subframe.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api-iam.intercom.io
b-code.liadm.com
b1sync.zemanta.com
cdn.heapanalytics.com
cms.quantserve.com
connect.facebook.net
dollarflightclub.com
dollarflightclubaffiliate.refersion.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
heapanalytics.com
i.liadm.com
i.ytimg.com
i6.liadm.com
in.hotjar.com
jnn-pa.googleapis.com
js.intercomcdn.com
kingsumo.b-cdn.net
kingsumo.com
kingsumowebapp.b-cdn.net
m.addthis.com
m.servedby-buysellads.com
match.adsrvr.org
pixel.quantserve.com
public.profitwell.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s.w.org
s7.addthis.com
script.hotjar.com
secure.quantserve.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
sync.mathtag.com
trc.taboola.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
yt3.ggpht.com
z.moatads.com
s7.addthis.com
13.224.189.35
13.224.189.42
13.225.78.108
13.225.78.57
13.225.78.67
151.139.128.10
18.194.204.81
18.66.97.10
185.29.132.241
192.0.77.48
2.23.97.122
23.203.125.127
23.206.208.114
2400:52e0:1e00::1082:1
2400:52e0:1e00::713:1
2600:1f18:730:b130:f3b5:1434:5323:cb38
2600:1f18:ed:550a:603b:acd7:290f:c7dd
2600:9000:225e:5c00:8:8845:1500:93a1
2600:9000:2304:da00:6:44e3:f8c0:93a1
2606:4700::6812:17d0
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2006
2a00:1450:4001:82a::2016
2a00:1450:400d:803::2001
2a00:1450:400d:804::2008
2a00:1450:400d:807::2004
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::200a
2a00:1450:4025:402::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::300
3.220.117.104
34.193.23.165
34.240.144.110
35.71.131.137
35.86.95.232
44.230.167.61
52.18.149.243
52.6.131.58
54.145.232.141
64.202.112.31
69.192.160.219
005dd77b13b2aeaaa417ae115df0c3a99325a55bcafdc4acb24e86650b288da9
0258f92749598b55dc7dae43bb611ce3c5b3f490d62a5c96247dd94bcc9bbe7b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03ae9c2909942f966813bd4c15fc7aecffaa9fdd497ec038a7febf1b0a6cdbe5
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
08663961ca42a3ec9d872d95e370f125db7b1937206037f7ac3a02ca7121e983
0b04e4878b872dd8e8a164db42f0d3cc0d7d9f82f07b8653add8e09e5ab96b21
0ba653cea20ff0e6defdd95437a71b7aa85db685649c30cdeb1558a5c3db0bf8
0d199379b6d9d1ef3eef44f5ebf34479c4c8fa33e4a39605d6905fabb67dc9b8
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
114e73f55b507d6cbf9b378d7f9c1e6d1a43761d52cc3e36cc589d5672b259ee
1189fb729e6b7726df4f1f782c3436a2de5e0f7a734f79fbfff2fcecf42e0963
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
194de9942601b9a42cc9ea79663aaca170816cfc07cbe8b2a568852427fa7088
1a52040f550b42d12e69ce0d8938e5d34e703682acda505b755b62b7bcd955ac
1c17b5d1d57e609696951637c56c737d41211f1c8054948ab9c49c3294b52fd9
1c6ce2e342930fbcd80af7e49d262b7531b6cf87b9b582bc0481bf7c7f0fbb5e
1f21683f671ac3f7cd50a0ec2bb7ae3a8a5b0f857d92b2581ecbd7781b3913d3
1f63f05c15f02b517aeb7bad8bcbda596a499e03ef3a1b47d6ebdb76b2dc7cc5
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
22f8dc56e8f9a551e8a039078843065fa060a1fd9b77f5766a8e0446ecfea14d
2321a958511643cba274924e61612d0636dd8c28204ce1a41bb1e7c013aea64a
24851aa6e7a247139ba52bb829d8141fcbe0d7f4eea7ef6b8bb8abf735227041
248ce97201b935106698d0c4caecb2ce9d8725a935016137be498c97d75920b9
25384fe47b27ce1acedb14e5e83c29b8b971b24a6b57d7a93e20bce7b2638135
26483bedf460df831aafc8a214d51bd2ba33c6b0df388f579c603295de92b321
294ba876908c3234207c75c2ba7ffb7b0fddfc31caa9b067bd3a4967fa681618
297c0561304620e0ad2c6caec8ccb36fb48964cf51973a012fa5d66655f372c1
3148990f9682e08774abe7214ad43640ad424dae014448b472c6df108d31101e
330ce8ea29318b0705e160099de66a5413331b55771e6ff6eec883071016df24
3475c7835d29df503446756f89c46d657248bcae45e638d4103a92c80e6aad96
3656061856224d3a8cd8e5937206dcf477cd979e1d981fcdd2c95708b3809f29
36ce88cbc3549df353175f2cb90fbe5b729174106643e9a8de2e7adde71c0e50
37569d024102d3b4fe238db257d1df719764726a86692aca7168bd92c9393d6f
3e212c6722881231cc060b8769f5d8103e6920bafe9ec80a4d90c15079f57845
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee3b9bad53194e55a730b6dbf231d6b8823248e53d17db283d9c5f04dc32794
4056ba5d36b8a1ec9a6cb990ccf60630b050bbc165564d5c2cf2a7a7e7b55ce3
476681c2c838bb23491340d7fc2d630557cd58e18e557f8ca4653cb78e55322a
47dd7ca58d5b8a06bbec1dd77c8160bd8a28e2d029cf6a91fbc968e36f7389f1
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4d9074e3fda26a28e6500d3a1cbaa23bddaecd66d2e6129d850f3cdc40884906
4ef5e440b9553eddb24331c18f1046c5d85ef70bac167e87118065c380963774
4f3103cde82c301d2d5168277d84a1514c6d3940f1d927c1728d37a7b7d1482c
50126020728fee9d02e0bc1e939ff74e5e2f54e564a92877a2cb2f59bebb3f24
50357266fd96f59a221ecdc11521aed87ca092c72e11aff35621a005f1afbca9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2
55c53ffd3583d9f8a2e58bd20a11cffd1d92d9da2d98291a1b6e8089be7eece3
572063a519e0f514fb8c502a8c58db8dc31c5654a1a023437422bd4763814fb1
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b9039097cb3a111f2ea97174fab19964412fd5100d863d9e934f596c276d0da
5b99e9d59277dbd2407aec935502e3472c57278385b1f8a59148627aa671fb28
5c05ad4614e4dbdad4ae694e311f86580afbc0e1592e8a7c7164eede9902e523
5cb0b2f5eb4883f5e386962a57e78d01db9f5fbb6e7f98298fe9e72ea47a9fcf
609a027e17ec3f399802ad39038f267014bdc1838a26f8ea5eab2de9b73829c6
623bf86c91a40663939b9c9b22bfbcb7c7a62afe9c81891352296ffaf6f4a5eb
645c7d7195adc03845c68decb10ca4bf1022e6b0b137724ef4d3543e400a5cca
6474fc05cc17dd2a7008aa90a002b962670cf890c139e90c3add75ed99230f64
6758330fd53a058376adf5173894c8d590c7e83aa1b4d3f8b512b292c9ed3c75
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b6b2e9929ad346c22863a0a968b4af18fe0e2fbbcdaffb277d8a9009db12c7a
6cfeb4dc63a002f81089de118530a92228c9094731a0ad9ca1900938bdf7fe56
6d4cf2ceaf19b3a74396cdc3be68709fef38a8e15dbd6b0fa1b7948a104e25d4
6d8e2cb641d8a9536276711719e3f0a0cdaec609dd821c8e2718a7726b2f6fae
6dc05612abb942f1c013091f152ff58185c1eb77cae883f3c58d19e01efc9d2e
6ea13741aecc9bba40c8b94e78efe045d05ec90f44fcc333776ef00b84d3c130
6ee03524774ff8617dd08296d5ed960a96a3723e39c04c691f98283bfbecba6c
7008b6f413eae5e872b1228ba6c876da9769ce4c48b45282ec1838a2942784d8
776f37cc596d12177378a99633e76c0a19d4bfb0913f71faae9a73d272412222
79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bb167b25d3bbae5246019df9d374fc0663a67a7adf5f74cb9a62c85d6b1493d
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
7c843b8625e7c185ab405a8c37aa19f9f1e6f9d5a31c996a8c01e5d54cde6999
7cc76ca3e09766e39dbc4fa9486a53cd2d0a6540be839d247a899a3e5938fd32
7e5a350e35882205d6ffa3c8c493a2746268c8297fcd867349c95d88b93b2f15
82e504c67300330e40d09b56532c3de6f412b521e74633c3a4726ff1de23a9be
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850e0db135b56da353b99def5e339c9ae773b0b5c6591569143f81e0e07bf343
85a9cbba40dfc67d7e46f29ed518a7ed0e2d2a1808239c760f448e7c69a0976a
86669411833ff621f7bba1b6aa6418ff160cf4c99a519980b8c63d8a5b0e0fa9
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87b6419f64939b8b29786c254e83d68a4c5f4b7be01e791ce9b478541442022b
87e070f0e9784bf33ffa12691316e78cbd1954752e9bdbf4f42f926edfdbed65
88e7e2277f9948b9635eac546281a39c7fddba5f24be5c14fd59a1cc2e84d1c5
8ba0ad0cdeac9550106ed4162e639ff3b6419698e20a2598ab6a5f1f354af6fe
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e84ba17064b80311ede3c628425e243688ee49e53bcd70fc2d6357250fe58a6
9043986fde648c179ce63d202242b956fe5bae1cbba32612c721e28aeeae65ab
915c90474da768801b13e23f5b46fb0809dd729917097a3d87f88600fea3001a
9248e1942c26acd6e1961fb0140759dfcd2cff0b611070fa0052e78cbb1c458c
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554
97169af18480b6433f39367d2d1c8dc4e03d8a07a847ba6c5755f4f2fbf31665
98c2152333a88fc6445e64fed30c3152a965fa94e6e3ebef5dd80422d4ee5470
9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390
9f58b2c2ce7858f4254c5edd6e3c747bc139248f25ccdf6bcb6c0053cd199538
9f5aacd2c120fd4d3e730e2290001de3abf9cdec6309f36844807b74183f266b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e17e4a9e26313141e61c2e8dbf35ef21a176047858bf4680b926607aa3c60d
a430c76595d3a65e132a989411c1dcaa48cfe773011b8c10fa5891df053c1c2c
a52b921c6e8a46222fd342ad6262de47895a963f49cbe589d3f1a20d44248950
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b13e0818464555ef081df39ac40cb95bb23c541a211fba8aa76905a97ee59699
b141da8911457cd595d68ee6b6a924cc3fa8b0124b877cef0c92bf62de254933
b17bc9ea1511bc722704292a441d847b9d9674d265dd4372780b5d1b56f6c88f
b1cc443f27200f128ac0c85dc8050dd869ac511974377220ba92a6a5f68d317a
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b686495414a0cc7cf70528be9f0660bd5f19cd393b5c80435e6a3f469f6ab308
b8a169e23c2ba4328eed7c91773d6be70514ede65b80e4569fc95472aa26bd86
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc568325f248566eaa270af543f4d79642b59871272434bb719347edd03b2e39
bcb66ff9cbfa5bdd463f4ace03b7a7a42c6d13435eea7842692ca2f1bace87d1
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c17b1a7e002c083947f21ffac64eb85fc76f5e94c2460fb64876f56f6a37fdd3
c456b369b0747228ea1d3598f3b95ee75ce847ae66ce3a3770f53e184b6ef16f
c597dd42d415ed20721af88a0b1960c390d5fc6e6c6d65c957c5b17525a115f9
c5b5596d79f43551f448d6db57c6e6fe71088013d32a71b00634b2f0f4e4e06c
c664b12f3480ecc79264b1c43347b5addc462aada4f184febaea7bfbb8a2c750
c8e70c0693685deb12aaf10c6919f8989afa01e4642710b53899ca266986ac21
ca4a8df38c6d4d0a40bc0cc963662e6003c83eed50dd63dbf456177c4725d0bc
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cd11935edc02f9fa1e754c0be00911623028aa3334e36188365dc39b10817352
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d0ec766b0f25d8fabd14884a44e66b180a8b1f43285adf4a1d087240d6364563
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d34f1c2130b6b8a2e282412caca9e14c9923098adf646f7d76febe59f787c84f
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
d6d7dde19006b8b91d2bc4938e496cb62626265e393ee97e551d3cddb185161d
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d78eee5e147ece6afe84fb611720089981207201aa90588a682758f13fb2eac1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9977b98502521dc2992b26e12a61ea1738043f66af9daec8a3c81cbedecf852
d99949aa1dcf989ea57c59b2ea99ce92a9840eb7ab740750c4edd2aa14255830
da2109f72ff833d308062c17512c246f104815d8b6888d41b4290aec492c30a9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dee393e1d0f5a95991f8bd02057537726d4903dc5bc42df6910b9e518d580061
e38b3c0dd17fe35a70b8e6c5c1988b5ab09996160ac92e402065a52f318be069
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e609d9723f2f846fe9dcab4ff0901eb314afae147d15f0a834467021f5f00d82
e6e87f4f93a379f05269bddd3acd54a253a3e50a48efb9127d9cb94cf3970333
e7408ed066d89e3949277997fdfe15f743cb93287eb2093e0f6d80f4008cf54c
e780738bbc0810ffef6e915949289ff276125ec49e38bdd14c2ded5c12af053c
e880116b5ac3010d5eb6d223b38dea6d2f6c2bb172cbf3d763e4bf1e9facf4ec
ecd52673e207772acc0e67d469cbc4cfd89f8b6214db8799b353e0f88548624a
edf369b7619407aad4d2c7f696edbb6ec7915ea5671a5e0bce1dc21eda5ce442
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef0c19241036cb636684d2ff29f13ea9eda4571edbc2ad6e1902f0f2c0d61864
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1ea77c95d614496735fc9e17e96d45cd15fe4e142dc1686afcd25d1cde0888
ef52ead07fdb220ecd63baa9d08c80142239de79e4e1e4a1b15298f9d075950b
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efd73dde524aebbb466d7333c1d9984e0529ba73a6be6a7b473a22925ac6e170
f052f0fad1f828f1e6f8386cbfaab632bc985748adef85934d157ad9d5d5f2cd
f322b4cf5f758214277a24f0f0c52c178cb8f7ab35b7dbf4afbd595e76b33ecf
f3e6105a99b2932b8353609dd39c828a69ed56cb9f96a2f6f1a025237ec62898
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f86bd7f41d14bcd6c5fff0b35d9ca7e21d16824d93a92bf5f4263e31e358441b
f973da93d95af2cc415e022c5481cd7e257ad7abb6c39fb49c35256e51509c49
fa89a14fe95a49dad894a1e3c1e53566b2e7697042a4a9e1c02dda667251352c
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
fd05e9e0ec403a89165ecd5a3e2cb0c23efa7376ed35f8364da8604ba3e296ae