www.offermate.us Open in urlscan Pro
2604:a880:2:d0::867:1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://offermate.us/
Effective URL:
https://www.offermate.us/
Submission: On February 26 via api (February 26th 2024, 11:28:08 pm UTC) from NL — Scanned from US

Summary HTTP 222 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 35 IPs in 2 countries across 28 domains to perform 222 HTTP transactions. The main IP is 2604:a880:2:d0::867:1, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.offermate.us. The Cisco Umbrella rank of the primary domain is 992162.
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.

This is the only time www.offermate.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 22	2604:a880:2:d... 2604:a880:2:d0::867:1	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::54	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
29	2606:4700:20:... 2606:4700:20::681a:364	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1 3	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
31	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
23	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80b::2006	15169 (GOOGLE) (GOOGLE)
6	23.200.88.30 23.200.88.30	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.58.90.38 23.58.90.38	16625 (AKAMAI-AS) (AKAMAI-AS)
5	142.251.40.166 142.251.40.166	15169 (GOOGLE) (GOOGLE)
11 14	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
8 14	2606:4700:440... 2606:4700:4400::6812:249b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 10	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	23.56.162.28 23.56.162.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.28.61.13 184.28.61.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:d	27630 (AS-XFERNET) (AS-XFERNET)
2 2	54.174.143.135 54.174.143.135	14618 (AMAZON-AES) (AMAZON-AES)
1 1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	195.244.31.10 195.244.31.10	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	50.31.142.95 50.31.142.95	23352 (SERVERCEN...) (SERVERCENTRAL)
2 2	35.207.24.140 35.207.24.140	15169 (GOOGLE) (GOOGLE)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	23.196.3.201 23.196.3.201	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.35.93.20 13.35.93.20	16509 (AMAZON-02) (AMAZON-02)
2	44.214.189.209 44.214.189.209	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:261... 2600:9000:261f:e00:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
5	23.56.162.52 23.56.162.52	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.210.177.128 3.210.177.128	14618 (AMAZON-AES) (AMAZON-AES)
4	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
222	35

22 2604:a880:2:d0::867:1 (Santa Clara, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

offermate.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.offermate.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::54 (Washington, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:20::681a:364 (United States)

ASN13335 (CLOUDFLARENET, US)

na.leafletscdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:807::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4006:820::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80b::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.200.88.30 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-88-30.deploy.static.akamaitechnologies.com

c.pm-serv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.pm-serv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.58.90.38 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-90-38.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.166 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.65.226 (Plainview, United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:4400::6812:249b (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 68.67.160.137 (New York, United States) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.56.162.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-28.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.28.61.13 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-61-13.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:d (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.143.135 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-143-135.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.10 (Newark, United States) 1 redirects

ASN63140 (IGUANA-WORLDWIDE, US)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.95 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.3.201 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-201.deploy.static.akamaitechnologies.com

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-20.jfk50.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.214.189.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-189-209.compute-1.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:261f:e00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.56.162.52 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-52.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.177.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-177-128.compute-1.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	658 KB
31	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 ad.doubleclick.net — Cisco Umbrella Rank: 157 cm.g.doubleclick.net — Cisco Umbrella Rank: 264	340 KB
29	leafletscdns.com na.leafletscdns.com — Cisco Umbrella Rank: 897136	98 KB
22	offermate.us 2 redirects offermate.us — Cisco Umbrella Rank: 988326 www.offermate.us — Cisco Umbrella Rank: 992162	187 KB
18	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 24 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665 www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 159	154 KB
14	casalemedia.com 8 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 628	9 KB
14	media.net warp.media.net — Cisco Umbrella Rank: 2840 contextual.media.net — Cisco Umbrella Rank: 746 hblg.media.net — Cisco Umbrella Rank: 2271 cs.media.net — Cisco Umbrella Rank: 1320	40 KB
10	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 953 d9.flashtalking.com — Cisco Umbrella Rank: 1704 cdn.flashtalking.com — Cisco Umbrella Rank: 1291 ad-events.flashtalking.com — Cisco Umbrella Rank: 1351 stat.flashtalking.com — Cisco Umbrella Rank: 1422 secure.flashtalking.com — Cisco Umbrella Rank: 2532	104 KB
10	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 259	11 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 317	217 KB
6	pm-serv.co c.pm-serv.co — Cisco Umbrella Rank: 19778 l.pm-serv.co — Cisco Umbrella Rank: 19799	117 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 368	28 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	92 KB
5	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 3273 data.ad-score.com — Cisco Umbrella Rank: 2815	163 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 377	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	257 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	3 KB
2	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1664 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1433	29 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 500	970 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 363	669 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1222	832 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 638	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 920	2 KB
1	omnitagjs.com 1 redirects visitor.omnitagjs.com — Cisco Umbrella Rank: 748	417 B
1	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 626	569 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1001	723 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 861	677 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	25 KB
222	28

	Domain	Requested by
31	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.offermate.us 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
29	na.leafletscdns.com	www.offermate.us
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.offermate.us 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com googleads.g.doubleclick.net
20	www.offermate.us	www.offermate.us
14	dsum-sec.casalemedia.com	8 redirects googleads.g.doubleclick.net
14	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net
11	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
10	contextual.media.net	0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com contextual.media.net
10	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
8	s0.2mdn.net	www.offermate.us 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com s0.2mdn.net
6	0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	bat.bing.com	www.googletagmanager.com bat.bing.com www.offermate.us
6	googleads.g.doubleclick.net	www.offermate.us www.googletagmanager.com 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	ad.doubleclick.net	www.offermate.us 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	www.offermate.us securepubads.g.doubleclick.net 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
4	data.ad-score.com	js.ad-score.com
4	c.pm-serv.co	0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com c.pm-serv.co
3	cdn.flashtalking.com	ajs-assets.ftstatic.com
3	x.bidswitch.net	3 redirects
3	www.gstatic.com	www.offermate.us 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
3	analytics.google.com	www.googletagmanager.com
3	www.google.com	1 redirects www.offermate.us tpc.googlesyndication.com
3	www.googletagmanager.com	www.offermate.us www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.offermate.us s0.2mdn.net
2	d9.flashtalking.com	ajs-assets.ftstatic.com d9.flashtalking.com
2	creativecdn.com	2 redirects
2	match.adsrvr.org	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	pm.w55c.net	2 redirects
2	cs.media.net	contextual.media.net
2	servedby.flashtalking.com	0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
2	l.pm-serv.co	0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com c.pm-serv.co
2	offermate.us	2 redirects
1	secure.flashtalking.com
1	stat.flashtalking.com
1	ad-events.flashtalking.com
1	js.ad-score.com	ajs-assets.ftstatic.com
1	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
1	ajs-assets.ftstatic.com	servedby.flashtalking.com
1	visitor.omnitagjs.com	1 redirects
1	dis.criteo.com	1 redirects
1	sync.go.sonobi.com	1 redirects
1	p.rfihub.com	1 redirects
1	hblg.media.net	0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	warp.media.net	0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	accounts.google.com	www.offermate.us
222	50

This site contains links to these domains. Also see Links.

Domain
www.kimbino.com
b2b.kimbino.green
d34seexzbffcio.cloudfront.net

Subject Issuer	Validity	Valid
offermate.us R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-04` - `2024-08-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
c.pm-serv.co R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-10-22`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.offermate.us/
Frame ID: 6446962FD5D87B66E1DBE46565C40587
Requests: 90 HTTP requests in this frame

Frame: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8BDAF0B0191E3E013A073146C16136F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B41763E1B73BBE544E537CF68803C17
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE09C73CB7FD4955997DA632E2F0DA7E
Requests: 2 HTTP requests in this frame

Frame: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CF9512C9C71999CB0C96073B71504B4A
Requests: 4 HTTP requests in this frame

Frame: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F3E3F9BF9A2C36C8455CBB8F858A07B
Requests: 13 HTTP requests in this frame

Frame: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0B5FE88C7A0CED44BBDB7C8F120F0EB7
Requests: 11 HTTP requests in this frame

Frame: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B9CDDFDAC1E6998B4781F1AC5337FB39
Requests: 36 HTTP requests in this frame

Frame: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7716F547906316EE265E1391CB44ADE6
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 517B77980AD55C05B8666720713D12F8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQ6t2eAhjY4uXzATAB&v=APEucNUXa3Of0fs5NFR4s7Ya-A1xSqFSbKDpjKOBWi--KdKCFC1tBIK6OHNnm-DzcpsXnafjhTqBqiw-H6fQUD6thqfWr4eQL-Xo7oyQDFIjAPVGdZh1d2k
Frame ID: 701CB43E35E07034C2940F6CC7DC135D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjw-oSAAjAB&v=APEucNVS2XYgeUoXh-QVag55V7p7PMWYPawF_bZ9GlicMRTBcIIDJiw7LrsSBLhGMjyRTRWVsO0sJdox8CsUUEMQUEd-2_XZIlrpz-fV8piLzcQ9VQHEF0o
Frame ID: F178E1046EB511F3D826AC5F40E56C29
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhjF_Y3eATAB&v=APEucNUq4I6YgNN45NFm7KoMfcB-hd-hH7HN7NFYQ0w2z4kKyO5KS3HzzXNJG2Y7BSBeRbd2o1koW_YiSw-cen9Hso21UGq6KFOhnX47qS5wGBwKFKtVcdM
Frame ID: 75A2AB96C28856C3C99C4DEC08BDF8CA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DE089BF8FB92F51C45E9AEC8C1961087
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 376B1537E2FA448CD6DEDC9E6FEA14AB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250
Frame ID: 665F83E4D00F2D147408DAC9E6BE3FD1
Requests: 9 HTTP requests in this frame

Frame: https://c.pm-serv.co/sr/2722522032/SAFEFRAME.html?ule=3960&&kkdd=u*%7C3%7CAn*9H&j*=a4_iII__izzzac4iKIJ&5Po~=_&2Mou=_&XPj=aa4z&CMX1=fqza&X*P=iGd6hczc4&XoXP=Io!0!dZHCwjUY7NWM~hcN)%3D%3D&X~*P=cc_4qK_4c&M*A1=4zigI_&XX=dp&MX=Wy&X7l2=D)6!8Wy&o*P=ie8aKxdKe&Co*P=0pk(Szi&7CCoM=a&~~~=CA6s7fXvsfOQo)GjfK4*5n7Pet*2Z!R)SJ.yXzq4DI.%3D&lM1=c&v.=a&-5P=q&uPCa=iGdt6KpQ6&uPCz=K_KzczqIc&ZPuCu=LZgOv1l%3DaqKKLZ7o%3D_LZ*P%3D_rKi_LZgOulX1MCY~%3DasKEaiszEz_sKLZgOuMl%3D4aJLZgO1go%3D_rcLZgO5*lM-%3D_LZgO*uZ%3DN)wzzLZgO*lC2P%3D_LZgO~7%3Dq4kxToRiDwLZgO~oX%3D_______LZgOM*A1%3D4zigI_LZgOC2ug%3Dzq_LZgOC2vOM-UU*g%3D%2FLX*C3%3DwdQQ)f8LXnOUv%3D_LPX%3D5Xos-Ms1uMCasPLP22OPa%3D_LP22OPa_%3DaLP22OPaz%3DaLP22OPaq%3DzLP22OPac%3DaLP22OPaJ%3DKLP22OPa4%3DzLP22OPai%3DK_LP22OPaI%3Daa__LP22OPz%3D0LP22OPza%3DsaLP22OPzz%3D_ra_LP22OPzq%3DcLP22OPzc%3DfOP1ULP22OPzi%3DzLP22OPzI%3Dar__LP22OPK%3D_rcLP22OPK_%3D_LP22OPKz%3D_LP22OPKK%3D_LP22OPKJ%3DW)LP22OPK4%3D0LP22OPq%3D__LP22OPq_%3D_LP22OPqz%3D_LP22OPqK%3D_LP22OPqq%3Do~YPLP22OPqc%3D_LP22OPqJ%3D6LP22OPca%3D_LP22OPcz%3Dar__LP22OPcJ%3D_LP22OP4%3D_LP22OPi%3DaLP22Ov%3D_raiqLP22O2a%3D_rKizLP22O2a_%3Dar___LP22O2aa%3Dar___LP22O2az%3D_rIaqLP22O2aK%3Dar___LP22O2aq%3Dar___LP22O2ac%3D_rIiiLP22O2aJ%3D_ra4ILP22O2z%3D_rz_aLP22O2za%3Dar___LP22O2zK%3Dar___LP22O2zq%3Dar___LP22O2zc%3Dar___LP22O2z4%3Da_LP22O2zI%3Dar___LP22O2K%3Dar___LP22O2K_%3Dar___LP22O2Kz%3D_rzK_LP22O2Kq%3Dar___LP22O2Kc%3Dc_Kr___LP22O2KJ%3Dc_Kr___LP22O2K4%3Dar___LP22O2Ki%3Dar___LP22O2KI%3DciIir4JcLP22O2q_%3DJqqKr___LP22O2qa%3DaarIiqLP22O2qz%3DaKr___LP22O2qK%3D_r__KLP22O2c%3Dar_zJLP22O2ca%3Dc_Kr___LP22O2cz%3D_rq__LP22O2cK%3D_rzK4LP22O2cq%3DKr___LP22O2cc%3D_raJqLP22O2cJ%3Dzr___LP22O2c4%3Dar___LP22O2cI%3Dar___LP22O2J%3Dar___LP22O24%3D_riIaLP22O24K%3Dc_Kr___LP22O24q%3Dc_Kr___LP22O24c%3Dar___LP22O24J%3Dar___LP22O2I%3Dar___LP22O~%3D_rz_iL1O~o2%3D_rKizL1~o2%3D_rKizL7X%3D_%20%2B%20_L*7u%3D_L*C3o1%3Dxwk)L25*%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PL~OXX%3DdpL~O*o%3DzJ_zsUUXiszssL~OMX%3DWyL~ZY%3DcOKL~1UOXlC%3D_LM1vv1~OCu5O*P%3DP*js5oCsuPszs_LMCP%3DP*js5oCsuPszs_L-u7%3DC*Ua0Aq(tbsnAaXLjZ~%3D_LXZPo%3D_rzI_LZMZ%3DKLC5M%3DKKJgzi_%7C4zigI_%7CI4_gzc_LlMA%3DKL2gZnC%3D_LZMo%3DsaLC2g%3DzqaL*C3o1O*P%3DzLM1vv1~OCu5O*P%3DP*js5oCsuPszs_LM-oov3OCu5O*P%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PLP1C1XC1POCu5O*P%3DP*js5oCsuPszs_Lj*1.uZ*v*C3%3D_rqLoYM%3DKLuPZvn%3DKiKzqziiqzLu2o%3DaLXu~~*1~NP%3D_LY5Z*P%3D_rKi____LZUv~%3D_rzK_LM-*P%3DLPCX%3D1uMCOMXL*MOY~CZ%3DaLP22O1~o2%3DUuvM1LP22%3D7u~2Yl3LZPoXuoP%3D_LPuv5%3DP1Uu-vCLMYZo%3DL7C2v%3DaLPX-C%3DzcLPY5Z%3D_saL1XoO-M1P%3DZ1vY.Om_cL1XoOj1~%3D2-vC*m-ulC*v1OjaL1XoOo_c%3D_r4q4qK__JJ4KcI444L1XoOoa_%3Darczz4aciqca_qJ_KL1XoOoac%3DzraqK4Ja_KIIc__aJ4L1XoOoz_%3DzrJ4K__4_KI_IcKiaKL1XoOozc%3DKrqzaaKq44aJqziJIL1XoOoK_%3Dqrzq4JJa_JJqqiqqKL1XoOoKc%3Dcr_KiaaIKaJJ_i44L1XoOoq_%3Dcr4_cz4z_aaic4zcIL1XoOoqc%3DJrqI44JIK_J_a_4qKL1XoOoc_%3D4rKa4KqJcJaiIiJKiL1XoOocc%3DirizK4cKc4_cqiKKqL1XoOoJ_%3Da_rqcz_c4_iai_aIzzL1XoOoJc%3DazraciJJJazcJIqJaqL1XoOo4_%3DaKriKz__caccKJKIzL1XoOo4c%3DairKqzqc_qKKciaIiiL1XoOoi_%3DK4ri4zKqKcKIKaIqJL1XoOoic%3Daa_r_4a__qaqiKczIL1XoOoI_%3DzzcrcJcKiKaciciIccL1XoOoIc%3DKJIr44I_z_IaiI_iiL1XoOoII%3Dq_qrIJ_accIczIIzIL*ZX%3DaL&lCj=_&*.=4zi&*lNU~=a&ZP~NP=qJa&.vMCo=a&2XU=JizK4&3PMo~=a&Zu1=wg1muu11mwLwg1muu1qmwLq11&nuCo~1=a&nuMCM=ZCP%3D4i%7C%7CCMC3o1%3Dsa_q_i%7C%7CCZC3o1%3Dj4_z%7C%7CCoX%3Dq%7C%7CCX%3Dq&nuCZ*P=sza&nuC*P=i_i_4JziK&nuoX=Kz&nuvM=CZ*P%3Dsza%7C%7CCC3o1%3Da__aI%7C%7CoC%3Da%7C%7Cv2*P%3Dj4_z%7C%7CXC~%3D_r_aJ%7C%7C~oX%3D_raz4%7C%7CCCP%3Di&nuCu=uCYl&nuvY5=!N%3DKJ_q%7C%7CpNk%3Di%7C%7C0fNk%3Dac%7C%7C!e0k%3DJq_%7C%7C00G%3Dq%7C%7C0e0k%3D4ciqz44KaKqazq__J4J%7C%7CpN%3DKcIi%7C%7CGN%3DKJ_q%7C%7CDNk%3D_%7C%7CddNk%3DzNunp(wRC*iC4xIFTw&XuPY2u*l=CA6s7fXvsfO2aNxWZY(7S0aa_4icDnMMmXk)DMNMcDT%3D&3ovo=a&*M*P=c&uPj=e~12*-2%20p1u~X71M&uXC=ewNqwlK1KqmlW1Wg5U)qqAAW~UWuA-U)-1~&o5*P=o_J44cq_KzzCz_zq_zzJzKzi&MMvP=%7B%22MM*o%22%3A%22zJ_z%3AUUXi%3Az%3A%3A%22%2C%22MMXX%22%3A%22dp%22%2C%22MMMX%22%3A%22Wy%22%2C%22MMXC3%22%3A%22w-UUuvY%22%7D&7C2vM~X=a&sflct=9147666&CXUOX2o=a&ure=1
Frame ID: BD107A9C9359ECA9307AC9FC6D6FF997
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/susE4wCQGjo81FKHs9-5ESeldxvWjf24bzthmuzw7UQ.js
Frame ID: 6F520BE2136F5E5DDF2035B7F5DC79C9
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUKR3SFR&prvid=2034%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C550%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C3016%2C2025%2C117%2C3014%2C459%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C2040%2C261%2C141%2C262%2C461%2C222%2C102%2C201%2C3007%2C246%2C301%2C4%2C203%2C2037%2C10000%2C80%2C108%2C9&itype=EBDA&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&gpp_sid=-1
Frame ID: 2E335E44885E1130F5E1AD61551CD6E8
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9FC1405B64FA290EC88DF0863BD99AC8
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=6&vsid=3519916826633991000V10&type=rkt&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=1813050730174731733
Frame ID: 23375CD528FA53E289E970C79925814D
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 181D65934BD3E4E5353640F68835908F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offermate.us | Weekly Ads, Deals and Sales Ad Preview!

Page URL History Show full URLs

http://offermate.us/ HTTP 301
https://offermate.us/ HTTP 301
https://www.offermate.us/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

Page Statistics

222
Requests

88 %
HTTPS

50 %
IPv6

28
Domains

50
Subdomains

35
IPs

2
Countries

2517 kB
Transfer

6626 kB
Size

62
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kimbino.com/partnership/
Title: Publication of the offer

Search URL Search Domain Scan URL

URL: https://www.kimbino.com/partnership/#how-we-will-proceed
Title: How we will proceed

Search URL Search Domain Scan URL

URL: https://b2b.kimbino.green/
Title: For partners

Search URL Search Domain Scan URL

URL: https://d34seexzbffcio.cloudfront.net/a94464aff8a69ba3b7b48aee44397d866191662a65485.pdf
Title: Website Terms of Use

Search URL Search Domain Scan URL

URL: https://d34seexzbffcio.cloudfront.net/f99397dcc5231c8fb6021fd90ae44dd0642d143f9d072.pdf
Title: The personal data processing

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://offermate.us/ HTTP 301
https://offermate.us/ HTTP 301
https://www.offermate.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.google.com/pagead/landing?gcs=G1-1&gcd=13l3v3l3l5&rnd=1322052668.1708990081&url=https%3A%2F%2Fwww.offermate.us%2F&dma=0&npa=0&gtm=45He42l0n91MH37JX9Fv9166450603za200&auid=1903580459.1708990081 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G1-1&gcd=13l3v3l3l5&rnd=1322052668.1708990081&url=https%3A%2F%2Fwww.offermate.us%2F&dma=0&npa=0&gtm=45He42l0n91MH37JX9Fv9166450603za200&auid=1903580459.1708990081

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbTKL__Be6sVEaIhvFzZ8o&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbTKL__Be6sVEaIhvFzZ8o&google_cver=1&gdpr=0&C=1

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zd0egtHM510AAHu8AH5A7AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoszF0mbEa0_Qcs58K5LlI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEEoszF0mbEa0_Qcs58K5LlI%26google_cver%3D1

Request Chain 118

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMzQ3ODQ1NDYxNjY4OTk2Nw%3D%3D

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFIseoZBIwxLQ1RgHQ0EIJU&google_cver=1&gdpr=0

Request Chain 122

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zd0egtHM510AAHu8AH5A7AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoszF0mbEa0_Qcs58K5LlI&google_cver=1

Request Chain 124

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMzQ3ODQ1NDYxNjY4OTk2Nw%3D%3D

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFIseoZBIwxLQ1RgHQ0EIJU&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFIseoZBIwxLQ1RgHQ0EIJU&google_cver=1&gdpr=0&C=1

Request Chain 126

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zd0egtHM510AAHu8AH5A7AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoszF0mbEa0_Qcs58K5LlI&google_cver=1

Request Chain 128

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1NzMwODczNTU3MDg3NTUzNg%3D%3D

Request Chain 185

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D6%26vsid%3D3519916826633991000V10%26type%3Drkt%26refUrl%3D%26vid%3D89900829323519916826633991000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=6&vsid=3519916826633991000V10&type=rkt&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=1813050730174731733

Request Chain 186

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=son&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=[UID] HTTP 302
https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=son&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=304a7e3f-1b8e-450b-b017-79c9809b224c

Request Chain 187

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzUxOTkxNjgyNjYzMzk5MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIKOzjF_sxHwiBb1oALKKhQ&google_cver=1

Request Chain 188

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D6%26vsid%3D3519916826633991000V10%26type%3Ddxu%26refUrl%3D%26vid%3D89900829323519916826633991000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D6%26vsid%3D3519916826633991000V10%26type%3Ddxu%26refUrl%3D%26vid%3D89900829323519916826633991000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=dxu&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=hodtDhbO1REKob5

Request Chain 189

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=-1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=43a84aad-ca6b-4698-8b86-b61a8e134b26&gdpr=0&gdpr_consent=&us_privacy=&gpp=

Request Chain 190

https://visitor.omnitagjs.com/visitor/bsync?uid=4ed0cff4eef188d3fb2e7e9025d7855b&name=MEDIANET&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D6%26vsid%3D3519916826633991000V10%26type%3Dayl%26refUrl%3D%26vid%3D89900829323519916826633991000V10%26axid_e%3D%26ovsid%3D%3Creplace_userID%3E HTTP 307
https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=ayl&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=8e75e148b8602a8ba114af1396e81534

Request Chain 191

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=7215d344-640d-44cb-beb6-9324ccfb46e2&google_hm=NzIxNWQzNDQtNjQwZC00NGNiLWJlYjYtOTMyNGNjZmI0NmUy&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOMQXQsnEA7y8E95ckqzaJo&google_cver=1&ssp=medianet&bsw_param=7215d344-640d-44cb-beb6-9324ccfb46e2&gdpr_consent= HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=7215d344-640d-44cb-beb6-9324ccfb46e2&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 192

https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__&puid=%24%7BVSID%7D&s=2 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=XarFFe4ja-aMg8VUTQKT

Request Chain 193

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3519916826633991000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3519916826633991000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=961a93e1-0521-4789-bbf5-dffa04bbd1b0&cs=1

Request Chain 194

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=cffbde74-2b37-4237-bdf0-164645297b4e

Request Chain 195

https://creativecdn.com/cm-notify?pi=medianet HTTP 302
https://creativecdn.com/cm-notify?pi=medianet&tc=1 HTTP 302
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=TxopWIPD_7sPLjm4L0c6LZ6SZz2904SdgmIPoH9aARg&pi=medianet&tc=1

222 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.offermate.us/
Redirect Chain

http://offermate.us/
https://offermate.us/
https://www.offermate.us/

149 KB
35 KB

193ms
171ms

Document
text/html

2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

071e7dc9b3bc80d1c438d1b429d2a7c81162eb6b2200792fbcdb2ec55e506e10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 33295
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 23:28:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
link: </js/joined/necessary.min.js?t=29e7b633ead2210ba4d7a452ffc83262>; rel="preload"; as="script"
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: []
server: nginx
strict-transport-security: max-age=10; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Hyperia
x-proxy-cache: HIT
x-proxy-cache-type: nl30m
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-date: Mon, 26 Feb 2024 23:19:55 GMT
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-upstream-server: letakomat-frontend-all-5dfd6df9b-s4mdk
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com

Redirect headers

content-length: 162
content-type: text/html
date: Mon, 26 Feb 2024 23:28:00 GMT
location: https://www.offermate.us/
server: nginx
x-content-type-options: nosniff

GET
H2 200 necessary.min.js Show response
www.offermate.us/js/joined/ 7 KB
3 KB 86ms
86ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/necessary.min.js?t=29e7b633ead2210ba4d7a452ffc83262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d2358cafab2d5c2250af8aa9b7ee9d9834a783f81bc4303a66811da7114275a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 10:14:47 GMT
content-encoding: br
expires: 31556926
last-modified: Thu, 22 Feb 2024 07:16:33 GMT
server: nginx
etag: W/"65d6f4d1-1d61"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache: HIT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 101ms
45ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20ba73bd31c1174f4bb0ca95fa30d9953bc20f2f5124305b62b1598955324d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 22:49:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 23:28:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 138ms
63ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b167be4303c7eb6ba565de551b2d1e749aecb7cd578132492b3487b72b996dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28734
x-xss-protection: 0
server: cafe
etag: 715 / 19779 / m202402200101 / config-hash: 7072685077548390353
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 23:28:00 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 209 KB
80 KB 113ms
50ms Script
application/javascript 2607:f8b0:4004:c08::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client?hl=en-US

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4c9fdab7eea26d7200ede9a5233bb3f10735be58a4f718435e962efa3723757

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-W2qQmSLz82MB0l5Fc0N5UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-W2qQmSLz82MB0l5Fc0N5UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 26 Feb 2024 23:28:00 GMT

GET
H2 200 external.min.js Show response
www.offermate.us/js/joined/ 145 KB
45 KB 100ms
100ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/external.min.js?t=8f96944e8bf6ca28b0c18cc0f7ed7a7c
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7880048fc3a87e5f1e5c724cd30b64c10b095061d165d7595dbd4fdb081a64f7

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 22:04:55 GMT
content-encoding: br
expires: 31556926
last-modified: Mon, 26 Feb 2024 21:11:45 GMT
server: nginx
etag: W/"65dcfe91-2452e"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache: HIT

GET
H2 200 tr.min.js Show response
www.offermate.us/js/joined/ 25 KB
7 KB 161ms
159ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/tr.min.js?t=bbf3afa531b951f981cf055bb98f96c6
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c216fe18386ae65e76cf562148c974ecb4135a13ec73e6d0789a63573b00b697

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 22:04:55 GMT
content-encoding: br
expires: 31556926
last-modified: Mon, 26 Feb 2024 21:11:43 GMT
server: nginx
etag: W/"65dcfe8f-654d"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache: HIT

GET
H2 200 common_co.min.js Show response
www.offermate.us/js/joined/ 62 KB
18 KB 161ms
160ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/common_co.min.js?t=d7f3a22ae4d19897c69aadb3b810c2b4
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b285705431162bb9cb45e4a022d4b720fe52af48bcc43fe464eb56e7fa713ab5

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 12:35:03 GMT
content-encoding: br
expires: 31556926
last-modified: Mon, 26 Feb 2024 10:16:52 GMT
server: nginx
etag: W/"65dc6514-f670"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache: HIT

GET
H2 200 homepage.min.js Show response
www.offermate.us/js/joined/ 24 KB
7 KB 161ms
160ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/homepage.min.js?t=ad4c9750d058fc6f9d78e5ad9e2bef23
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f8ba16342f041e0a09453f1d4ce9bd8962a06ecb0d521dd5b71c8e26bd96482

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 16:46:16 GMT
content-encoding: br
expires: 31556926
last-modified: Mon, 26 Feb 2024 13:00:13 GMT
server: nginx
etag: W/"65dc8b5d-60da"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache: HIT

GET
H2 200 typeahead.bundle.min.js Show response
www.offermate.us/js/ 39 KB
11 KB 161ms
161ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/typeahead.bundle.min.js?t=890958d29ed52338066a079264b13202
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e46cc50f2ffd82147edb852b25c0dada85eb2a46f3b9dc2f8da17a178dfea5c3

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 12:26:42 GMT
content-encoding: br
expires: 31556926
last-modified: Mon, 26 Feb 2024 10:16:54 GMT
server: nginx
etag: W/"65dc6516-9ab8"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7368f0ad139592962f015c33a985f9114e12b422d986707d7986c1fc882b0151

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 90ms
25ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 06:33:36 GMT
x-content-type-options: nosniff
age: 320064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 06:33:36 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7493bc8f10ecb323c57fb310ad1c1ad920509bacfcaca6bb678b5a47e29fce3b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 80ms
31ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:37:39 GMT
x-content-type-options: nosniff
age: 402621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:37:39 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/ 428 KB
135 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ae3dcf8002e428f15567c5a304172fe086cf525cc41c02a83c091989152e4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137981
x-xss-protection: 0
server: cafe
etag: 12437356588311396475
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 25 Feb 2025 23:26:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 274 KB
93 KB 121ms
62ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MH37JX9F

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/common_co.min.js?t=d7f3a22ae4d19897c69aadb3b810c2b4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

633837b5c6b28911c276a3ec74d14808b4919cda54613aeab619530062973c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94982
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 22:34:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Feb 2024 23:28:00 GMT

GET
H2 200 fontello.css
www.offermate.us/fonts/fontello/css/ 4 KB
2 KB 87ms
85ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/fonts/fontello/css/fontello.css?t=304e9d8f4e8c1417a13c1de7fd809634
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c1e0c28137c42797a894fe2267653af646136000fc5c53cb82c0f85971a1b45

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 12:26:42 GMT
content-encoding: br
expires: 31556926
last-modified: Mon, 26 Feb 2024 10:16:14 GMT
server: nginx
etag: W/"65dc64ee-1165"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache: HIT

GET
H2 200 global.css
www.offermate.us/css/ 135 KB
20 KB 96ms
95ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/css/global.css?t=fe00c269099575e3aa287dbe0d4d0927
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 71382614005bd02120a7bc9a27d77dd2b10a629fd494e4d14182773993685756

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 22:04:56 GMT
content-encoding: br
expires: 31556926
last-modified: Mon, 26 Feb 2024 21:11:51 GMT
server: nginx
etag: W/"65dcfe97-21dec"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache: HIT

GET
H2 200 homepage.css
www.offermate.us/css/ 12 KB
2 KB 97ms
96ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/css/homepage.css?t=11200a58e67dcbf2301f9017c7c250af
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 558ebce1d2b900ba52e06fc622d589c48f124dd79168903816d1fc7c7fdb3849

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 11:51:17 GMT
content-encoding: br
expires: 31556926
last-modified: Mon, 26 Feb 2024 10:16:56 GMT
server: nginx
etag: W/"65dc6518-3058"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache: HIT

GET
H2 200 globalDefer.css
www.offermate.us/css/ 25 KB
5 KB 97ms
97ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/css/globalDefer.css?t=17b1e13d50f87cd979d4b260921bc0ef
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 165f3431cc9d44decf858da2227abcc9f2df705622c1448d9af2f1de97ae04b1

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 10:14:50 GMT
content-encoding: br
expires: 31556926
last-modified: Thu, 22 Feb 2024 07:16:38 GMT
server: nginx
etag: W/"65d6f4d6-6484"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache: HIT

GET
H2 200 google-play-badge-en.png
na.leafletscdns.com/us/img/google-btns/ 5 KB
6 KB 120ms
35ms Image
image/png 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/img/google-btns/google-play-badge-en.png
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 267b44d44ef568e0d7663211a7bf8737b286d82d0dd540b294ec1339ce4550cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: 31556926
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 12:45:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38568
cf-polished: origSize=6056
x-from-origin: true
x-proxy-cache: MISS
x-proxy-date-now: Monday, 26-Feb-2024 12:45:12 GMT
alt-svc: h3=":443"; ma=86400
cf-bgj: imgq:100,h2pri
last-modified: Mon, 26 Feb 2024 10:16:14 GMT
server: cloudflare
etag: W/"65dc64ee-17a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW6fVfAlp1IVLgxzUtlElV8Fr10ggHWN2JO69yJrroA34NyCCFoez6ECNRLwqIupa8lnNUF2VRqjMDFi0G4QGGRkVq%2Fz0X09Pwm7jt82D8t2EjWxYo%2FxlL5iMVA9NskHPJyyw7AM388bxqyobdLduGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf6444f1d4bbb-BUF
x-proxy-cache-type: 5

GET
H2 200 Badge-Black.svg
na.leafletscdns.com/us/img/huawei-btns/en/ 19 KB
6 KB 121ms
36ms Image
image/svg+xml 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/img/huawei-btns/en/Badge-Black.svg
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a521850a396d7f0d090d0beed72427558eccc10542f4b817bf430450876ce5a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Wed, 24 Jan 2024 05:30:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2915821
x-from-origin: true
x-proxy-cache-type: 5
x-proxy-date-now: Wednesday, 24-Jan-2024 05:30:59 GMT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Jan 2024 13:36:06 GMT
server: cloudflare
etag: W/"65afc0c6-4c9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAqK95WkPyFtPcUauvpDdzyPW1KecIEwm%2Bh%2Btm%2FuQPl1eSGHQNaVUSOl95c7F709luJKI4EeoBDbDBZvpcsfLKaAwaFQu4H7eB8lYV6d5rEqyGhq8qRSjJSkJ6DScNyj30hH3Emuo2wgfAll322UUCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf6444f1e4bbb-BUF
expires: 31556926

GET
H2 200 App_Store_Badge_en.svg
na.leafletscdns.com/us/img/apple-btns/ 11 KB
4 KB 121ms
37ms Image
image/svg+xml 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/img/apple-btns/App_Store_Badge_en.svg
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 12:45:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38568
x-from-origin: true
x-proxy-cache-type: 5
x-proxy-date-now: Monday, 26-Feb-2024 12:45:12 GMT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 26 Feb 2024 10:16:14 GMT
server: cloudflare
etag: W/"65dc64ee-2a34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=admBtkLKWJHvC8hDaFxmaqOnBaBj8s9Q3RaZMen3yjOlwr9n5Y26Q1mFlyENA%2Bubp8n%2BwEWenHeRNMiykhIs4grL6xgj58P3GJx1v36tl%2FnEcwmTGy6jnFKxiFAVW3owb52TZDcZ%2Bg%2FsSmfGEds1%2BJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf6444f204bbb-BUF
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/39/ 956 B
1 KB 443ms
358ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/39/logo_ss.webp?318c91f379f66e9affad73dcc9d0faef
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3d97d8e7618dc3fca098d51d9d6b6c604f23f49db9a5a7ef76ed91deff1ee5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 15:49:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uc8g%2F4UFHFqlASMKN5%2FjUtAwXviMaPgi%2FVQKw3s7a4a66vLUt83zLFAS%2FlnIFeDo1HLlDj7bDdez6Dkp%2BUJXQM3EabWCtDd4o3ppHbnQF4N32Bdm9n4bpG5XrSmCvK2uqATR4bbzxbg%2BBlpddLjkDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf6444f1c4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/224/ 976 B
1 KB 443ms
359ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/224/logo_ss.webp?158e702d18538fa20e4d9ee4020c3a99
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67452257f29300906697a38828f0b94afb9f90434788f1992d5858954502cd14

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 15:45:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxRHzO50mvKXmpTkEOulseXLZQ9OK7VppGDyXdTKCYsQE7MXp5VK%2BAcvqP4ZvnHZarcMtUJbBobdfbVtxpm0QLu963VwLCoRJH8focL3FSzijuo1OP14XAB76fSjd8IpIe%2FLcJzCg45PBZbdnVwa0Mc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf6444f244bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/240/ 866 B
1 KB 355ms
355ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/240/logo_ss.webp?158e702d18538fa20e4d9ee4020c3a99
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd05162afe4eb3d765898d2e9b81cb2691daee479e6b1d30f1e8f212e65af49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Jul 2022 00:07:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wD3PlKElbj13WOeCf6BxtiB8dpRAQe1XHUPj4%2BeZhyQz8r1%2BDxRTfpVOX3xuGxXuYCiCsht64SVejLKcRkR8MXXGpF%2Bn4Y4NGZxo2m5aInWrJqe03dWgUNjvHq3SACG1tob0dTJoLiF%2BvoJ9fJKP54A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf6446f2c4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/5/ 1 KB
2 KB 367ms
367ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/5/logo_ss.webp?318c91f379f66e9affad73dcc9d0faef
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbebeebff6cbc1b28a7777bb74e99f59bbf9fdee4459b013900731f3e75156ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 16:50:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tveGcu6UAuBCmwnwJlcSzOq8fCnJDiMLLhHw6Sd%2FsNtYNyCKmBQMP7OZFZXGT9MhSz6HBMrqA6l6TaYeIG8w4%2FPjt%2B9n4Gt8XmvFwJG8RLkZ%2BSwFYgQzM2Fy3lQWu%2FuKlgFKy4O5UOg4ZFYMybS9db0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf6446f354bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 0_s.webp
na.leafletscdns.com/us/data/39/89756/ 12 KB
12 KB 455ms
372ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/39/89756/0_s.webp?t=1708976151
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c7d23170b1c7c9f479019be27cf822bdd9352d821315ec852654ec923cc7a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Feb 2024 13:37:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCgkzmPo2sfaFiQXdPY5MkUaMFeHy0YysQHkhg4wqwYe2Bl0B9JHbv6NOI4%2B5hCKTePP%2BwRBSAkoEj3kuW2bW1aycuBxqoqoegRVKDVLvIm46WDLWbJGhQYgPjRU8CRnXpbjWN6anZmaASk443jjqOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 85bbf6444f224bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 11824
expires: 31556926

GET
H2 200 0_s.webp
na.leafletscdns.com/us/data/224/89735/ 15 KB
16 KB 532ms
449ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/224/89735/0_s.webp?t=1708960447
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b41318df5dc8958b61e4460dcc848755a144f6d664e58c1b0b1779163d85573f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Feb 2024 09:36:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rehOsRfNKMSZ7UY143s8oXVDKuZZTqPAGTOmVFzjJkh5xjNHZy%2BBGeR1Xh990QHPv%2B158ESu6uzBaFtNyhwSOZIGhbvFq%2FUDjj4gQO9dxONlQEM6BCdW02TyQRKHrpBWzGP%2B7%2FxKk2odzDyetck%2Bhz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 85bbf6444f234bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 15808
expires: 31556926

GET
H2 200 0_s.webp
na.leafletscdns.com/us/data/240/89732/ 14 KB
14 KB 444ms
443ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/240/89732/0_s.webp?t=1708960512
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 007395778d89fad6f9e3ce72d29109accf5363494d53d3927a6c2046f8bcdc28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Feb 2024 09:29:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgVZu4HTeyPDvhR%2Bs1zJbuuuDY1MNUGv%2BzwfYUAuAZi072pZjLvI%2BljXk6bewX8BsnhibZ5gUv3%2BJnIBodZi2rAo4zGqmwnmBQFB4zAYM4keJnk1WZT2oc4IRUGqcYAEj4VsHYBodK4yN7iqd1LiMEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 85bbf6446f364bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 14018
expires: 31556926

GET
H2 200 0_s.webp
na.leafletscdns.com/us/data/5/89723/ 13 KB
13 KB 446ms
446ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/5/89723/0_s.webp?t=1708957197
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4df0af34bb671470996af5c264f78c2f0a351850a608965fd313bca63b971ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Feb 2024 06:59:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UjFgBhUrEv8eLOhsofKQ4F7bo%2Fi9b5icYvCoDTlNnMK9lDL2NjqnkUeb6qDjo%2FM02pOJ413YOF39mKzPCk1vU%2B2n4i3q2epGV0YBcHXbHBkbvUozgLoI5LvVsUrMEK67oPjrvbqIqtEGc4vSLQdGos%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 85bbf6446f374bbb-BUF
alt-svc: h3=":443"; ma=86400
content-length: 13162
expires: 31556926

GET
H2 200 / Show response
www.offermate.us/ajax/get-menu-items/ 6 KB
4 KB 86ms
86ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/ajax/get-menu-items/

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=8f96944e8bf6ca28b0c18cc0f7ed7a7c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

e65e14feb4cad3907737e95ed4f953712aa39a74698b4837c5071981439e2b71

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: F9vXar8gp5J9ME1_c7atmB2A6gSrzQkaclCFFFl2lVhQr7Mc4GTToyJVAxQc8cTMT-KMMtiKZHc5OsssFQ-mPA==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Feb 2024 23:28:00 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Mon, 26 Feb 2024 22:58:52 GMT
x-powered-by: Hyperia
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
content-length: 2459
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Feb 2024 22:58:52 GMT
server: nginx
x-upstream-server: letakomat-frontend-all-5dfd6df9b-ztptt
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
dynamicurl: ajax/get-menu-items/
x-proxy-cache-type: a30m

GET
H2 200 27957108 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 122ms
63ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/27957108?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40c0937c1d34358e28a9825afd8588386a40bead44fa1e7d147ecea98cf0d085

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b1BX5J4mQCeTKkFAN3OGGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-b1BX5J4mQCeTKkFAN3OGGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsKoxSXFEKAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBDHPJ_OmgLEi1lnsK4GYqf0GaxBQPw5cwbrbyD2qZ_BGgPEpivPs9oCsRAPR8PeL-vYBA7MXviICQCVgUOo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontello.woff2
www.offermate.us/fonts/fontello/font/ 9 KB
9 KB 87ms
87ms Font
application/octet-stream 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/fonts/fontello/font/fontello.woff2?51555792
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/fonts/fontello/css/fontello.css?t=304e9d8f4e8c1417a13c1de7fd809634
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4bdee25441d23d999ce7010694fcaf06b184e8ed8b21393af67ce1b31d96637e

Request headers

Referer: https://www.offermate.us/fonts/fontello/css/fontello.css?t=304e9d8f4e8c1417a13c1de7fd809634
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: 31556926
date: Mon, 26 Feb 2024 23:28:00 GMT
x-proxy-date: Mon, 26 Feb 2024 12:30:49 GMT
x-proxy-cache: HIT
x-from-origin: true
x-proxy-date-now: Monday, 26-Feb-2024 23:28:00 GMT
content-length: 9176
last-modified: Mon, 26 Feb 2024 10:16:14 GMT
server: nginx
etag: "65dc64ee-23d8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache-type: s24h

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G1-1&gcd=13l3v3l3l5&rnd=1322052668.1708990081&url=https%3A%2F%2Fwww.offermate.us%2F&dma=0&npa=0&gtm=45He42l0n91MH37JX9Fv9166450603za200&auid=1903580459.170...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G1-1&gcd=13l3v3l3l5&rnd=1322052668.1708990081&url=https%3A%2F%2Fwww.offermate.us%2F&dma=0&npa=0&gtm=45He42l0n91MH37JX9Fv9166450603za200&auid=1...

42 B
588 B

51ms
41ms

Ping
image/gif

2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G1-1&gcd=13l3v3l3l5&rnd=1322052668.1708990081&url=https%3A%2F%2Fwww.offermate.us%2F&dma=0&npa=0&gtm=45He42l0n91MH37JX9Fv9166450603za200&auid=1903580459.1708990081

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G1-1&gcd=13l3v3l3l5&rnd=1322052668.1708990081&url=https%3A%2F%2Fwww.offermate.us%2F&dma=0&npa=0&gtm=45He42l0n91MH37JX9Fv9166450603za200&auid=1903580459.1708990081
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 63ms
62ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BJSLJRYJJN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH37JX9F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e9903e27296ef268141ce06123081f59494518457c8124694a55bb1aeef5be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92479
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Feb 2024 23:28:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 217ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH37JX9F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

45396b8359112c614d4aab3fcb716deaabc47e477078f675d7bf69f5791c8f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 26 Feb 2024 23:28:00 GMT
last-modified: Thu, 22 Feb 2024 21:00:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 269D05FA765C4BC88EBE76A146E18555 Ref B: EWR311000101053 Ref C: 2024-02-26T23:28:00Z
etag: "0adee36d265da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13197

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 62ms
61ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-868040956&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MH37JX9F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dff00c0fcfdccce517df71da9f82a4f3c8dd0f8a29f1c8f61f17a2ebde751b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75043
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 22:34:15 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Feb 2024 23:28:00 GMT

GET
H2 200 AGSKWxWT_vLrMt3WgqsIrjULf11mYtD5gblnXjENTfPSj6jpDTmsxe-zXK8FD6wbj_LxszPfavI8gOHUNsLCwhqdZ2w_9lruu54xuvlrkrrhXnPej1i0Qhm7e7mY-7WHR9FJRxjZrt1CcQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 68ms
68ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWT_vLrMt3WgqsIrjULf11mYtD5gblnXjENTfPSj6jpDTmsxe-zXK8FD6wbj_LxszPfavI8gOHUNsLCwhqdZ2w_9lruu54xuvlrkrrhXnPej1i0Qhm7e7mY-7WHR9FJRxjZrt1CcQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4OTkwMDgwLDg2OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cub2ZmZXJtYXRlLnVzLyIsbnVsbCxbWzgsInNQT2lmTWNfcGFJIl0sWzksImVuLVVTIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyMTQ0OCw5NTMyNTk5MV0sbnVsbCw3XSJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c177fd4a2905b3c84b1287512f9cf2d2064ca951264f04e5c5a4da0fb012b393

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NhBoDFbbvGWfkCAm0vPmxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NhBoDFbbvGWfkCAm0vPmxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsGoxSXF4KAhxbCIfxfTeac7TNeB-KLKU6abQFzL8IypFYgfhD9jegHEBhrPmSyAmPHPCyZOIH735SUTz9eXTBJArAHE7yRfMX0D4h0-Hix866azqgCx7vrprKFAHPN8OmsKEC9mncG6Goid0mewBgHx58wZrL-B2Kd-BmsMEJuuPM9qC8RCPBwNe7-sYxNYcXPCVmYAc8FE8g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 452 KB
137 KB 1126ms
1125ms Fetch
text/plain 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995549775612014&correlator=2044515998848341&eid=31080116&output=ldjh&gdfp_req=1&vrg=202402200101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=27957108%2Clet_us_global%2Cus_global_interstitial%2Cus_global_anchor%2Clet_us_home%2Cus_all_rightup%2Cus_all_mid%2Cus_desk_sidebar_left%2Cus_desk_sticky&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F4%2F5%2C%2F0%2F4%2F6%2C%2F0%2F4%2F6%2C%2F0%2F4%2F6%2C%2F0%2F4%2F6%2C%2F0%2F1%2F7%2C%2F0%2F4%2F8&prev_iu_szs=1x1%2C1x1%2C728x90%7C750x100%7C750x200%7C970x90%7C970x250%2C336x280%7C728x90%7C750x100%7C750x200%7C750x300%7C970x90%7C970x250%7C970x300%2C336x280%7C728x90%7C750x100%7C750x200%7C750x300%7C970x90%7C970x250%7C970x300%2C336x280%7C728x90%7C750x100%7C750x200%7C750x300%7C970x90%7C970x250%7C970x300%2C336x280%7C728x90%7C750x100%7C750x200%7C750x300%7C970x90%7C970x250%7C970x300%2C120x600%2C300x600&ifi=1&sfv=1-0-40&ists=256&fas=8%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1708990080901&lmt=1708990080&adxs=-9%2C-9%2C376%2C572%2C572%2C572%2C572%2C80%2C1245&adys=-9%2C-9%2C167%2C1317%2C2096%2C2845%2C3564%2C167%2C167&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C1%7C2%7C3%7C4%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.offermate.us%2F&vis=1&psz=0x-1%7C0x-1%7C970x270%7C970x320%7C970x320%7C970x320%7C970x320%7C170x620%7C300x620&msz=0x-1%7C0x-1%7C970x250%7C970x300%7C970x300%7C970x300%7C970x300%7C170x600%7C300x600&fws=2%2C2%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=0%2C0%2C1000%2C1000%2C1000%2C1000%2C1000%2C1600%2C1600&ga_vid=1848573309.1708990081&ga_sid=1708990081&ga_hid=831320968&ga_fc=false&dlt=1708990080335&idt=287&prev_scp=%7C%7Crepetition%3D1%7Crepetition%3D4%7Crepetition%3D4%7Crepetition%3D4%7Crepetition%3D4%7Crepetition%3D1%7Crepetition%3D1&cust_params=ts%3Dot&adks=3511635576%2C1428740552%2C1556417377%2C3832428842%2C3832428843%2C3832428844%2C3832428845%2C2378431352%2C1173781178&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03bf1977f857000a7f2498c2e2bbf35449bcc0bfe7af5401d746115b2dd91d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,587585,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140393
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,-1,-2,-1,-2,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,-1,-2,-1,-2,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.offermate.us
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8BDA 6 KB
3 KB 125ms
41ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:28:01 GMT
expires: Tue, 25 Feb 2025 23:28:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/ 46 KB
15 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51cedd78bb282a5680c39864d40c404bbb049b02d4fc854adfd4d4f97bb21607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:24:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11030
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15022
x-xss-protection: 0
server: cafe
etag: 12039705104838093267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 25 Feb 2025 20:24:10 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/ 2 KB
2 KB 108ms
51ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/?random=1708990081000&cv=11&fst=1708990081000&bg=ffffff&guid=ON&async=1&gtm=45be42l0z89166450603za201&gcd=13l3v3l3l5&dma=0&tcfd=14I44&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.offermate.us%2F&hn=www.googleadservices.com&frm=0&tiba=Offermate.us%20%7C%20Weekly%20Ads%2C%20Deals%20and%20Sales%20Ad%20Preview!&npa=0&us_privacy=1---&gdpr=0&gdpr_consent=tcempty&pscdl=noapi&auid=1903580459.1708990081&uamb=0&uaw=0&data=AdBlock%3D0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-868040956&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e07cadd301a175ce4f3d9d3160af811715461acb2050e9a9b057937c76bef06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
246 B 110ms
39ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BJSLJRYJJN&gtm=45je42l0v888987118z89166450603za220&_p=1708990080546&_gaz=1&gcs=G1-1&gcd=13l3v3l3l5&npa=0&dma=0&tcfd=14I44&cid=1848573309.1708990081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708990081&sct=1&seg=0&dl=https%3A%2F%2Fwww.offermate.us%2F&dt=Offermate.us%20%7C%20Weekly%20Ads%2C%20Deals%20and%20Sales%20Ad%20Preview!&en=page_view&_fv=1&_ss=1&ep.pageGroup=site%2Findex&ep.adClickId=&ep.userLogged=0&ep.adBlock=0&tfd=1374
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BJSLJRYJJN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offermate.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 101ms
38ms Ping
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BJSLJRYJJN&cid=1848573309.1708990081&gtm=45je42l0v888987118z89166450603za220&aip=1&dma=0&gcs=G1-1&gcd=13l3v3l3l5&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BJSLJRYJJN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offermate.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 27016625.js Show response
bat.bing.com/p/action/ 1 KB
841 B 44ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27016625.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

13507628fbddf9166fc956aa7b04493d42fd735960378fd8da3ac8768cbfab6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 26 Feb 2024 23:28:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C2E1ACF1AC9F44C89A2458CD26334BC3 Ref B: EWR311000101053 Ref C: 2024-02-26T23:28:01Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
361 B 69ms
68ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27016625&tm=gtm002&Ver=2&mid=fe1238c5-a3f6-4599-803c-250b7438c922&sid=ae932ad0d4fe11eeb4fd17df7eecae31&vid=ae935350d4fe11ee87da51a811825bb3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Offermate.us%20%7C%20Weekly%20Ads,%20Deals%20and%20Sales%20Ad%20Preview!&kw=Latest%20special%20offers,%20offermate.co.uk,%20special%20buys,%20special%20offers,%20catalogues,%20weekly%20ads,%20weekly%20offers&p=https%3A%2F%2Fwww.offermate.us%2F&r=&lt=885&evt=pageLoad&sv=1&rn=513353

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Feb 2024 23:28:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DD0F4AD65424139BAAC7FB798971B1F Ref B: EWR311000101053 Ref C: 2024-02-26T23:28:01Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 27016625 Show response
bat.bing.com/p/insights/t/ 724 B
933 B 53ms
53ms Script
application/x-javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/27016625

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/27016625.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dfaa89a4fdeb4182fb62b6f8fdfd670be064c5d2a9152fefcd56bf0dfa4c653b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 26 Feb 2024 23:28:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E1010F4F657148059337E0B5DE2E39BA Ref B: EWR311000101053 Ref C: 2024-02-26T23:28:01Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
x-azure-ref: 0gR7dZQAAAAD5tFu9QX1ySb6zWVQ9xWtYQk4xQUEyMDUxMDIxMDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
cache-control: no-cache, no-store
content-length: 614
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 /
www.google.com/pagead/1p-user-list/868040956/ 42 B
108 B 41ms
40ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/868040956/?random=1708990081000&cv=11&fst=1708988400000&bg=ffffff&guid=ON&async=1&gtm=45be42l0z89166450603za201&gcd=13l3v3l3l5&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.offermate.us%2F&frm=0&tiba=Offermate.us%20%7C%20Weekly%20Ads%2C%20Deals%20and%20Sales%20Ad%20Preview!&npa=0&gdpr=0&gdpr_consent=tcempty&data=AdBlock%3D0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqNk7EpXuitzI09iBHDL6nJ3ar-_bjlQ&random=3410891664&rmt_tld=0&ipr=y

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.7.20 Show response
bat.bing.com/p/insights/s/ 34 KB
12 KB 47ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.20

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/27016625

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

5ab142585097949ade33d1c1c15cf8df7423d78bd45747965c064882e72f83e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 26 Feb 2024 23:28:00 GMT
x-azure-ref-originshield: 0xL3cZQAAAAATZx3/91ljSaDPQgDfjIXSTU5aMjIxMDYwNjEyMDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
content-length: 12044
last-modified: Wed, 24 Jan 2024 14:34:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 696C3DD3229045A69DB2D071AD5316FF Ref B: EWR311000101053 Ref C: 2024-02-26T23:28:01Z
etag: "0x8DC1CE988AFCDA8"
x-azure-ref: 0gR7dZQAAAAD2iumCXTlARbUU+Udfn3T5Qk4xQUEyMDUxMDIxMDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8ffc3687-901e-0026-75d1-6866c3000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 123ms
66ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

826b1c23af12cfeb4bf433addfe82fa96d0f608c2fc336957a979afd674528a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12314
x-xss-protection: 0

POST
H2 204 o Show response
bat.bing.com/p/insights/c/ 0
211 B 71ms
71ms XHR
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/o

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Feb 2024 23:28:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AA85FAAC3965450787A8306221517D50 Ref B: EWR311000101053 Ref C: 2024-02-26T23:28:01Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://www.offermate.us
access-control-allow-credentials: true
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 152ms
44ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 23:28:01 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B41 13 KB
5 KB 27ms
24ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 11964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 20:08:37 GMT
expires: Tue, 25 Feb 2025 20:08:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FE09 829 B
560 B 43ms
43ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3df21c12cc30ffaee7051dc2a30708bd1b4dbcb1a7ecda761655130633b10319

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IEGhJ87H6WNaYU0DrSqTXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IEGhJ87H6WNaYU0DrSqTXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:28:01 GMT
expires: Mon, 26 Feb 2024 23:28:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B41 39 KB
15 KB 79ms
26ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:08:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Feb 2025 20:08:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FE09 0
0 119ms
82ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402200101&jk=1995549775612014&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3 200 xads.js Show response
fundingchoicesmessages.google.com/f/AGSKWxX7pcYhVoInulUM9PvI_3LADkWAmZgNPag6Rf_HnSV8xR7_YP9UE4w3aKksRteTASstR9H-d2b3WM7PBBt_69SWABksNxPh580Szeua9ExTPTwIfP4dtzuXIng2VVjTyvgqyPo-IQDxsGC7aoTM_f5h7SUK5... 54 B
109 B 51ms
49ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX7pcYhVoInulUM9PvI_3LADkWAmZgNPag6Rf_HnSV8xR7_YP9UE4w3aKksRteTASstR9H-d2b3WM7PBBt_69SWABksNxPh580Szeua9ExTPTwIfP4dtzuXIng2VVjTyvgqyPo-IQDxsGC7aoTM_f5h7SUK5ROqenXl-1--RdYtzk06hLBUAx7skp-J/_/video_ad_-300x100ad2.-api.adyoulike.com/oas_mjx3./xads.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxb0iEu73VBukPBvXN_NXSR2nwuaw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

762308075b254ce3ff7c4c2561387aeaba35d05bbdede4f29b42b33cd38ab510

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oip1JvONrFR0QJOelF8_kQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-oip1JvONrFR0QJOelF8_kQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBDHPJ_OmgLEi1lnsK4GYqf0GaxBQPw5cwbrbyD2qZ_BGgPEpivPs9oCsRAPR-PeL-vYBCbs-bmcCQCPhkOt"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 59ms
32ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 22:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 22:13:49 GMT

POST
H3 204 AGSKWxUfHWO1dmN3CUwi5U5OIJla5GynhVLEmWasNgnvGHX8Bo_zxRPQnmVp9vn2HhmRKJHw5wYJX4IwxBv3c9Q0t0qCXdyetddSce1xJ52mPSuNWkonW-Jx813VhlDb-Bj_Pa_r3wJZqg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 106ms
53ms XHR
text/html 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUfHWO1dmN3CUwi5U5OIJla5GynhVLEmWasNgnvGHX8Bo_zxRPQnmVp9vn2HhmRKJHw5wYJX4IwxBv3c9Q0t0qCXdyetddSce1xJ52mPSuNWkonW-Jx813VhlDb-Bj_Pa_r3wJZqg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VNAtBH-kravjk7FOH0bAnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VNAtBH-kravjk7FOH0bAnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4Wjc-2Udm8CDCVMPMgEARA4Vbg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.offermate.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUfHWO1dmN3CUwi5U5OIJla5GynhVLEmWasNgnvGHX8Bo_zxRPQnmVp9vn2HhmRKJHw5wYJX4IwxBv3c9Q0t0qCXdyetddSce1xJ52mPSuNWkonW-Jx813VhlDb-Bj_Pa_r3wJZqg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 52ms
51ms XHR
text/html 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUfHWO1dmN3CUwi5U5OIJla5GynhVLEmWasNgnvGHX8Bo_zxRPQnmVp9vn2HhmRKJHw5wYJX4IwxBv3c9Q0t0qCXdyetddSce1xJ52mPSuNWkonW-Jx813VhlDb-Bj_Pa_r3wJZqg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k0RoShNmsck1tab_dfnctQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-k0RoShNmsck1tab_dfnctQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmII0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4Wjc-2Udm8CGDc8OMAEAR7kVvQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.offermate.us
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUfHWO1dmN3CUwi5U5OIJla5GynhVLEmWasNgnvGHX8Bo_zxRPQnmVp9vn2HhmRKJHw5wYJX4IwxBv3c9Q0t0qCXdyetddSce1xJ52mPSuNWkonW-Jx813VhlDb-Bj_Pa_r3wJZqg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 52ms
52ms XHR
text/html 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUfHWO1dmN3CUwi5U5OIJla5GynhVLEmWasNgnvGHX8Bo_zxRPQnmVp9vn2HhmRKJHw5wYJX4IwxBv3c9Q0t0qCXdyetddSce1xJ52mPSuNWkonW-Jx813VhlDb-Bj_Pa_r3wJZqg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mTxvFHK-HS4tYZD4RJ8Bsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mTxvFHK-HS4tYZD4RJ8Bsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmII1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4Wjc-2Udm8CMb1fOMgEASN8V6Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.offermate.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUfHWO1dmN3CUwi5U5OIJla5GynhVLEmWasNgnvGHX8Bo_zxRPQnmVp9vn2HhmRKJHw5wYJX4IwxBv3c9Q0t0qCXdyetddSce1xJ52mPSuNWkonW-Jx813VhlDb-Bj_Pa_r3wJZqg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 50ms
50ms XHR
text/html 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUfHWO1dmN3CUwi5U5OIJla5GynhVLEmWasNgnvGHX8Bo_zxRPQnmVp9vn2HhmRKJHw5wYJX4IwxBv3c9Q0t0qCXdyetddSce1xJ52mPSuNWkonW-Jx813VhlDb-Bj_Pa_r3wJZqg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uyLCzn3wJE0CTWu_7Mukaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uyLCzn3wJE0CTWu_7Mukaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4Wjc-2Udm8CHJevOMgEARvcVwA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.offermate.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVFM5UrQ0obqFyB2nGFNv5oJZeHV2boPxX06TFWETrwXCf3i7go_5G4Pql841KVSjk9eZdBdW_r5iRoMThmt29cOlOkLkkeiKK-nQKEH5DX6RPHtxeXkGlLOZmhiK19yWrCr85Z1g== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 62ms
61ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVFM5UrQ0obqFyB2nGFNv5oJZeHV2boPxX06TFWETrwXCf3i7go_5G4Pql841KVSjk9eZdBdW_r5iRoMThmt29cOlOkLkkeiKK-nQKEH5DX6RPHtxeXkGlLOZmhiK19yWrCr85Z1g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4OTkwMDgxLDY3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm9mZmVybWF0ZS51cy8iLG51bGwsW1s4LCJzUE9pZk1jX3BhSSJdLFs5LCJlbi1VUyJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjE0NDgsOTUzMjU5OTFdLG51bGwsN10iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

952a8cc80146284f4c5938946ee0004f5abb583bbffdac34a90308afa524977d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-I5ugWSP7T-Cf9NIU_u9sbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-I5ugWSP7T-Cf9NIU_u9sbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBDHPJ_OmgLEi1lnsK4GYqf0GaxBQPw5cwbrbyD2qZ_BGgPEpivPs9oCsRAPR-PeL-vYBE786bvCBACNoUPi"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3B41 0
10 B 24ms
24ms Image
text/plain 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xHgigw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 AGSKWxWl8PYjzs0LLEANlhqFgMQhScj08e1ZwhOTnTOnNSaREW1HkbJ1I0moua4-LprwwLy-icpsPRTYSOJTdQiM1XNXa3SvZEe4SepM_Ua1izeZSzcwo_W4PtbDt9eBLrmqrk6z_R_4tg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 61ms
60ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWl8PYjzs0LLEANlhqFgMQhScj08e1ZwhOTnTOnNSaREW1HkbJ1I0moua4-LprwwLy-icpsPRTYSOJTdQiM1XNXa3SvZEe4SepM_Ua1izeZSzcwo_W4PtbDt9eBLrmqrk6z_R_4tg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4OTkwMDgxLDczODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm9mZmVybWF0ZS51cy8iLG51bGwsW1s4LCJzUE9pZk1jX3BhSSJdLFs5LCJlbi1VUyJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjE0NDgsOTUzMjU5OTFdLG51bGwsN10iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b99aa4dfb6365b95ec7f7091cf0e039143258fd6427bb196be848546b0b0fd1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OMadKpRoXTi-cUb4xohKbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-OMadKpRoXTi-cUb4xohKbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4KYhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8_UlkwQQawDxO8lXTN-AeIePBwvfuumsKkCsu346aygQxzyfzpoCxItZZ7CuBmKn9BmsQUD8OXMG628g9qmfwRoDxKYrz7PaArEQD0fj3i_r2AQads__wgQAvn9InQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWqNevMVp6cB67YCBTywZIqiH619TiQ0P-w0YCIzGlU5Ee94BL0BD79xYpwPGuAzU6YhXumEMvzMr0ij-Sw7wqbXGoEElaxYqm3bLROB0bFvmSMS1djeycBOGOuLcH93zUIATA4xg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 67ms
66ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWqNevMVp6cB67YCBTywZIqiH619TiQ0P-w0YCIzGlU5Ee94BL0BD79xYpwPGuAzU6YhXumEMvzMr0ij-Sw7wqbXGoEElaxYqm3bLROB0bFvmSMS1djeycBOGOuLcH93zUIATA4xg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4OTkwMDgxLDgwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cub2ZmZXJtYXRlLnVzLyIsbnVsbCxbWzgsInNQT2lmTWNfcGFJIl0sWzksImVuLVVTIl0sWzIwLCJbbnVsbCxudWxsLFs5NTMyMTQ0OCw5NTMyNTk5MV0sbnVsbCw3XSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba677be4778620477ac3242a7a992a6fd026f00e4ca3e186974d195578843b12

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HioInZBNZna0Wb0PWj2HYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-HioInZBNZna0Wb0PWj2HYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KIhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBDHPJ_OmgLEi1lnsK4GYqf0GaxBQPw5cwbrbyD2qZ_BGgPEpivPs9oCsRAPR-PeL-vYBBoaFkxjBgCL3kL2"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUCTcyDgbd8HCx1YS7n2zsBe8l1by3YLbty7OtGIL2o6IKOqdpG2RvsaZ3SCM6WX9mUk3ZfR3BBmCYYTRPNF8sAVf44hZNQ0r2US2yERqYvC2bdTRv-_Xm6RKgV9-tz8GkoCd2Kmg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 49ms
48ms XHR
text/html 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUCTcyDgbd8HCx1YS7n2zsBe8l1by3YLbty7OtGIL2o6IKOqdpG2RvsaZ3SCM6WX9mUk3ZfR3BBmCYYTRPNF8sAVf44hZNQ0r2US2yERqYvC2bdTRv-_Xm6RKgV9-tz8GkoCd2Kmg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0KwskjClYRCnH-I-sf1m8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Feb 2024 23:28:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0KwskjClYRCnH-I-sf1m8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi4Wjc-2Udm8CHzb_WMwMASBIV_w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.offermate.us
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF95 6 KB
3 KB 25ms
24ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:28:01 GMT
expires: Tue, 25 Feb 2025 23:28:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F3E 6 KB
3 KB 25ms
24ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:28:01 GMT
expires: Tue, 25 Feb 2025 23:28:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0B5F 6 KB
3 KB 25ms
24ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:28:01 GMT
expires: Tue, 25 Feb 2025 23:28:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B9CD 6 KB
3 KB 25ms
24ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:28:01 GMT
expires: Tue, 25 Feb 2025 23:28:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7716 6 KB
3 KB 25ms
24ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:28:01 GMT
expires: Tue, 25 Feb 2025 23:28:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 40ms
38ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BJSLJRYJJN&gtm=45je42l0v888987118z89166450603za220&_p=1708990080546&gcs=G1-1&gcd=13l3v3l3l5&npa=0&dma=0&tcfd=14I44&cid=1848573309.1708990081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sid=1708990081&sct=1&seg=0&dl=https%3A%2F%2Fwww.offermate.us%2F&dt=Offermate.us%20%7C%20Weekly%20Ads%2C%20Deals%20and%20Sales%20Ad%20Preview!&_s=2&tfd=2514
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BJSLJRYJJN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offermate.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 517B 14 KB
1 KB 41ms
40ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 22:50:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 23:28:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 517B 2 KB
822 B 25ms
25ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:01:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 517B 23 KB
9 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:01:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 517B 3 KB
1 KB 38ms
37ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 16:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 16:32:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 517B 20 KB
8 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 13:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 13:34:47 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 517B 204 KB
61 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 00:25:45 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 517B 36 KB
15 KB 86ms
27ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 May 2024 07:49:02 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame CF95 22 KB
9 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9139
x-xss-protection: 0
server: cafe
etag: 14231659491099539135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:01:07 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CF95 205 B
296 B 87ms
34ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:43:19 GMT
x-content-type-options: nosniff
age: 402283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Feb 2025 07:43:19 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CF95 604 B
920 B 86ms
33ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 06:33:36 GMT
x-content-type-options: nosniff
age: 320066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Feb 2025 06:33:36 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 701C 645 B
568 B 58ms
57ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQ6t2eAhjY4uXzATAB&v=APEucNUXa3Of0fs5NFR4s7Ya-A1xSqFSbKDpjKOBWi--KdKCFC1tBIK6OHNnm-DzcpsXnafjhTqBqiw-H6fQUD6thqfWr4eQL-Xo7oyQDFIjAPVGdZh1d2k

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:28:02 GMT
expires: Mon, 26 Feb 2024 23:28:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9F3E 111 KB
39 KB 105ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
Origin: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Feb 2024 14:11:17 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame 9F3E 8 KB
3 KB 94ms
93ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:01:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 9F3E 23 KB
9 KB 90ms
90ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:01:02 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F3E 41 KB
14 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 13:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Feb 2025 13:35:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 9F3E 3 KB
1 KB 36ms
35ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 16:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 16:32:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 9F3E 20 KB
8 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 13:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 13:34:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F3E 42 B
63 B 90ms
89ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-OFaPRoHpIbyhol-vOfmDC6wGKMsZdJ9YaoMyX3o80YpITzo8bz6lJdzfcNiy-6hv_-q8eiRj79EKQVyoBqphzNxmwSfEfWqsluKcOj7Ps4YS2-A

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9F3E 204 KB
61 KB 30ms
30ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 00:25:45 GMT

GET
H2 200 npfm.js Show response
c.pm-serv.co/ Frame 0B5F 110 KB
38 KB 173ms
49ms Script
text/javascript 23.200.88.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pm-serv.co/npfm.js?cid=8CURV5257&ydspr=1
Requested by: Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-30.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 53845dcb324e0cfd0528d20d6bc39fb58af2750126c0df3feb240b80dc4c896c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-mnt-h: 22-s1v0
content-encoding: gzip
date: Mon, 26 Feb 2024 23:28:02 GMT
server: Apache
etag: "fb42b2c49086ead16d8ffad0eb75fed6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-5h9m
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 38699
expires: Mon, 26 Feb 2024 23:33:02 GMT

GET
H2 200 release-20231121-135-adperformance.js Show response
warp.media.net/rtb/resources/ Frame 0B5F 72 KB
25 KB 113ms
31ms Script
application/javascript 23.58.90.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-58-90-38.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Mon, 26 Feb 2024 23:28:02 GMT
x-guploader-uploadid: ABPtcPrHbBlvEvxV9JZPdIuPUtSPCyDx2B_gprnpiJvmF4oXtmicvDd_rZM-PbNyxluXDNTlTynqrlmceQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25147
server: UploadServer
etag: "841dabce0b477a93d9cf7379b9eb1368"
vary: Accept-Encoding
x-goog-hash: md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type: application/javascript
x-goog-generation: 1700562102250666
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Tue, 27 Feb 2024 00:28:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 0B5F 3 KB
1 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 16:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 16:32:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 0B5F 20 KB
8 KB 30ms
29ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 13:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 13:34:47 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0B5F 24 KB
6 KB 33ms
31ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 05:43:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 24 Feb 2025 05:43:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0B5F 204 KB
61 KB 32ms
30ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 00:25:45 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F178 645 B
516 B 65ms
61ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjw-oSAAjAB&v=APEucNVS2XYgeUoXh-QVag55V7p7PMWYPawF_bZ9GlicMRTBcIIDJiw7LrsSBLhGMjyRTRWVsO0sJdox8CsUUEMQUEd-2_XZIlrpz-fV8piLzcQ9VQHEF0o

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:28:02 GMT
expires: Mon, 26 Feb 2024 23:28:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B9CD 93 KB
33 KB 78ms
75ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 26 Feb 2024 23:28:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9CD 42 B
63 B 85ms
83ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8qDopB3eWMIk5UZllqMKEgacVzWFs2k_yKwga6lx9P_wOaU8f07ZP4elivGyxH4wos4Iw2xPYROGvLW_vXzhn95Y66Tkfp_C6LZKFNOjfVp8kQbU

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame B9CD 3 KB
1 KB 33ms
31ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 16:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 16:32:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame B9CD 20 KB
8 KB 31ms
28ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 13:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 13:34:47 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B9CD 204 KB
61 KB 37ms
34ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 00:25:45 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 75A2 645 B
518 B 63ms
61ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhjF_Y3eATAB&v=APEucNUq4I6YgNN45NFm7KoMfcB-hd-hH7HN7NFYQ0w2z4kKyO5KS3HzzXNJG2Y7BSBeRbd2o1koW_YiSw-cen9Hso21UGq6KFOhnX47qS5wGBwKFKtVcdM

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:28:02 GMT
expires: Mon, 26 Feb 2024 23:28:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 7716 23 KB
9 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8988
x-xss-protection: 0
server: cafe
etag: 12564770436581814922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:01:02 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/ Frame 7716 8 KB
3 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:01:03 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 7716 0
0 189ms
98ms Fetch
image/gif 142.251.40.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstzE8za95qt2oY_JajSsvNd0E9SPJt-5rygOD0MYQHPj_OgXW-3WwD_yroVesXDaLkcdOvhh0q1p6T_vGijDbphzi4ihYY9AZy4nPG0J16BNG9NNvFIWDBbeuxO4NQabG2ORf8rAywoeEcfkjtE9fW3vuLUo4lT2mhNvZ9Kgggya3V5j0U-m7zY8E-FI6g_Uu9jfPpWsCVw76w1q1Rquu-DzAmWJQwfCWMzGdCxu68M4V6PqPFsjQ8GbOgCC2dowc9CpxEOGjN7LuTCucIspuCPH1xOu79hJ1rRVtX8nXw8yiqff0GM9Ep9NiKDNgXuttHCzE0QckKLZ102nNYVaXeCQQC2PmiYyXm4_2wWZ87tV7pvPJhxgzNNGyujrC8SiH1mWAK7Ntnrq4un3yiFCo1htDOD2boexhsUdtTkK_yJd-J2Mo7aFBo-zRlAhKNhf9BTaa7BRPOiVBMuOk7Tl2xII_UveBUndrmswzcu-A_bD_MVMYJd3m0x7vF7qKPkc15l3zOiEfUNrNKF4gqg3D1TptIlMkx_9D1wzbHouKaQCpKsXw1UFRFqIYhgAFjaVetPCWfTO39JUQQ9RQYF97-Xz9fqlhuhF1SVkgYHz3H0nNxoUlTArT7_C8wbK-pXZJacSE5-WI0xAGf77OdaChmAKmy4iOAEiuGgSKJIAnYr7rWsOTzSB4b-Xj0JN55nUP6YYnToIYZxPGj9hZdfehyndYKtO-Psxl_kXtVg060rODl3EpIr-_RxBm10QLgQ7vLEQeQCmvdYNfwT54q6LbwKcwqiMnpvZF8JC3r2DjF1WcBSLRNjtGlAT2--BZW82k5FxjVWdgabhkA2af2pT4MT1G287gDK5jlTkG3gHUecNluf6ujyVWOgHiCvU9Bpg3zBVSJGnUrX9d5QxmaJYhZ5L6vUQ4QVGHEsLq6tXo-xKGHCUSM8R3x52E4o2PCHi81jrY1MtAdTV6DKK8UyIUTKwNzU5vT7rXTbQfHL2VlZoxpsMENu77C-LEwjPa367PBVFto5sPARNiUj_9mfyMT-AVvcdhGLwMRk_VowgjAURvKaMq56wTbl44icAzKWErPbIrsy60CcWrq4xGdluMWNcPkaEBTJFEhHJfX3GgbQJtQTAbvZ3TxXnFbJPWX3uKXCPi3vGg_EDWpmQ_y10mM-yMqdxlO70ril5NoI4DlWMB-uUj3fTNCmvXfr6rebPLEoI9tyiVMWyWi9bNL-Ln82qk4kNRrT8Zxt6dodC54UpZdvACteC8X--aJP1-LP675J5DSyeg4zWC7yJ9dGxgVS26_nrE-p_o4YrmY3GK_RRFeT8qVjA5be48TzRdamOKwgC6O3zHnwUCKDY5_T7mS4iDXXFD1p8WyCU3apHbOyzC1_VktoYCvFDDGZlarIci5E8Xx0c9Vi1Z8ILpf4nq-moKj3CgI-CtNwAB8-M-dJfbUBVs1DAA&sai=AMfl-YTwUB6mxdZf6NNeX0znuoiihrFIvcAUOq8e77tbwwMNpnMCdzpM0-oZf7-L1RQEiKl5OCHGOtMNjkV85nG-JTRdGGQPLSbk30eRO-2MI1RkX2dZH4Bj_XvZHALAC5m2HjHChj3mTvKiE1vL6D6b9OtgtxRGjcHKvbuKe_piLTsohYlGetfjyfCb-XCB6N9piXYsqTRw3KMcmfrYobaPAGIR2anLflHqOhoZpjvtjOuSAV9L70RioteGgg1VwX1NQXuym3VU9yiaG45oDXG7Bgc6Maiq1114J43_tpKKROzOA-OTD4nLjCI8f38NOJZfX6Il28YHrhRLnmLY8o-psyonlpJ7BpxjwH14SQbpjCtWWtZWuWTtWRCgKWKPgu2dUwxNKZ500AKtnXNu0HtaoqPbzTJxy_DdTaQdqy-ZWvOckf4E1RmwDCl0lhrLadx5SD-auetmqeSeTFhPnIY57PjqSKmHOU8YuQBRlmYnw4W51atMnWC1vnijFHh0PsaWVQ8aHA&sig=Cg0ArKJSzDYI647BFOhfEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zZXBob3JhLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240221.92514&arae=0&ftch=1&adurl=

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 26 Feb 2024 23:28:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 26 Feb 2024 23:28:02 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7716 41 KB
14 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 13:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Feb 2025 13:35:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 7716 3 KB
1 KB 32ms
32ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 16:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 16:32:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 7716 20 KB
8 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 13:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 13:34:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7716 42 B
63 B 87ms
86ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BfJc6pVv9Ph-DThb9k55bEaDNVz7aASdmr9_uiK_hfOMAz9woMQG8Poo4byQEpxQ3lfA06bMtkRStjYPZBErjhoEHPwBg2JinxILD0Ls9iyYB4LOE

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7716 204 KB
61 KB 43ms
42ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 00:25:45 GMT

GET
H2 200 3284683000747024652
s0.2mdn.net/simgad/ Frame 7716 146 KB
146 KB 84ms
22ms Image
image/gif 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3284683000747024652

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ae080fe6f525f1c24ac4a6029c3cdf9d5166539e0577ae7c79dacc3a45169b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 08:00:46 GMT
date: Thu, 22 Feb 2024 08:00:46 GMT
x-content-type-options: nosniff
age: 401236
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149178
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 01:57:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
87ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402200101&jk=1995549775612014&bg=!W1ilWBfNAAZ3BdUuVwU7ADQBe5WfOLzbpRF0zRDGydg8rEdLQ4oMHKGpv-5eEfgEQvSvftu8hD51bFBnwkydHynwRCPzAgAAAEJSAAAAAmgBBwoAYur6BffaaoIu6qK4gcKYh-FTmvCTj-Ei0NncNcpfFTz6PGlhcifqEEmroAXLsWDl1BLBp2GCdWcceL7yi-5D7uEKSumYyM_2dCxEAgAPZy42FBSZNPwSEiue7XejnNZFGxAimQLBOIZx52UL1WRyN8P1ZXbFf07ByqOQQ_wcuMMxJGocy5W2k1KNbzFzY5ocQwvqcTlsV1OaMQGQb_UBSbwe6N17ilCxf1zR6B07bKyeoonDxejdMv6Wkpns8JkG28TV4nwEqIvyfvb2R3KUUhQ2WQjtMZsZczEcVy3-8lyFIM_xoJO2Vo0wLbBavGiWeauuy2OHZhQfGx_2x90zBlVvkPrzUcb-bttDAtxuuAg_PgBr7T3wpteFN-1CUIpDjVt-Zk_uBO6BU9_vsJ1e6k6RIjcPTnxTI8ezAdfP99AIpuEhLilSIQCVfVbpVfJwI1u23ljB-1vkydC375fgs5w9PmGtyuuc-0teVhdVRja2yYKl412k6hYnQdelEK0sqUbNsryFJuIW5z9B3OzZI6aLI1pUfiFNu620PLTjRQVn16R7eePHnp-2jUi85zzFme1mSVY_5-w5bmpITfjC_UQE_Ju4CaNYEeCeRQmldJFvzcGu01SGZGESdbtZWK8csDxQrg_CkgkhbzdUFocn2a9-wQBtvfpn3_oq9Os1sTDPiTafk6GMPWVaD3O6HgPSBXS8BnjihVMW3kVslz7KcXqnZ1E9e6-niv0bN6FasT79U-Wql8Qi6e0NtOZJq3MrrX54cLfGSMVDZStI-P8_5nDt_Cc1nhafGpoYKOh7hWvC6QtdJ2MqOXveQPYalC33RJ6JIQXpS-rojafDFekDxsiNNRJJi-FBK_fwE-0GzZUAfA71XR64pV3ipLlXlRlGRCB_6NIYoqH5VD_QNabCpSmXsRS2valk1mGquJjIu1m2H3xdB_uevdvLijW5E8SV_IgIL-tir5yG-ffrLLxSkv0FN4oYu-g1TMNhJiISSERFhMOY8opqIjbwI6ci_VS8-D2vOrrE5gIcFc3zhFCBGmeE8-2Jn1XCb6E7DJdNEOF77IeG5XPa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 701C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbTKL__Be6sVEaIhvFzZ8o&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbTKL__Be6sVEaIhvFzZ8o&google_cver=1&gdpr=0&C=1

43 B
778 B

54ms
54ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbTKL__Be6sVEaIhvFzZ8o&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQ6t2eAhjY4uXzATAB&v=APEucNUXa3Of0fs5NFR4s7Ya-A1xSqFSbKDpjKOBWi--KdKCFC1tBIK6OHNnm-DzcpsXnafjhTqBqiw-H6fQUD6thqfWr4eQL-Xo7oyQDFIjAPVGdZh1d2k
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4N7clfDcV3tuSlsXNNu6Jq%2BawZXk7fgeXDo1oodJZoakGe7e13o8n0oa5JBco672501nQv9ZOsDj%2FA%2Brdy5cwVGrRU0zzcroJH4K6cbKdrckc5DWJUXouWh3JmOlmhupVVkVOpF2EM4Iv%2BMmDNcw78fDcr6XJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85bbf64ffd904bc0-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4pSzOPwbjPhN1l5cGWdFs9%2Fmyio4CW7u9biPuk1zZZyN9cwu8xSmAsFlzoTNb%2BOoF%2F5NsQxx%2FwAECGgvshyH%2FxUqGfQ1zdzv6M%2BDIqaNo8ZesSF14nG7INx9CLSCoSYFwqbPU8gua2ViYlJTPmLNGBP4%2FPydw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEMbTKL__Be6sVEaIhvFzZ8o&google_cver=1&gdpr=0&C=1
cache-control: no-cache
cf-ray: 85bbf64f9a4c4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 701C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zd0egtHM510AAHu8AH5A7AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1

43 B
743 B

56ms
56ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQ6t2eAhjY4uXzATAB&v=APEucNUXa3Of0fs5NFR4s7Ya-A1xSqFSbKDpjKOBWi--KdKCFC1tBIK6OHNnm-DzcpsXnafjhTqBqiw-H6fQUD6thqfWr4eQL-Xo7oyQDFIjAPVGdZh1d2k
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yP5R6xVyVMYasUUvXQQ9gTJcmcHNWPOWA0uNy5JUIfsDrliuqT0YSPCIFJf7o4xzumuOdx%2BF934tLftDsnxE0NE2LpDdcVkXOtK6kNwCiOIr4uwwnT6F3lwOchYHdO7qIgRD%2Bs0WAqXXMP4kBZmmoYGdbgwGtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85bbf6504daf4bc0-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 701C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoszF0mbEa0_Qcs58K5LlI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEEoszF0mbEa0_Qcs58K5LlI%26google_cver%3D1

43 B
1 KB

33ms
32ms

Image
image/gif

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEEoszF0mbEa0_Qcs58K5LlI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQ6t2eAhjY4uXzATAB&v=APEucNUXa3Of0fs5NFR4s7Ya-A1xSqFSbKDpjKOBWi--KdKCFC1tBIK6OHNnm-DzcpsXnafjhTqBqiw-H6fQUD6thqfWr4eQL-Xo7oyQDFIjAPVGdZh1d2k

Protocol

Server

68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
an-x-request-uuid: 580a0bce-236b-46ec-a92f-690fbbcbe1bf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.35; 96.9.249.35; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
an-x-request-uuid: 09435939-e064-4e6f-a6ec-0242f22e9206
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEEoszF0mbEa0_Qcs58K5LlI%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.35; 96.9.249.35; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 701C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMzQ3ODQ1NDYxNjY4OTk2Nw%3D%3D

170 B
188 B

46ms
46ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMzQ3ODQ1NDYxNjY4OTk2Nw%3D%3D

Requested by

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
an-x-request-uuid: 5e6eec09-de61-4302-b9e6-153885c93747
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMzQ3ODQ1NDYxNjY4OTk2Nw%3D%3D
x-proxy-origin: 96.9.249.35; 96.9.249.35; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DE08 38 KB
13 KB 25ms
24ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 121975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 13:35:07 GMT
expires: Mon, 24 Feb 2025 13:35:07 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9F3E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c86261a7108f8b60655740621add6b6c672624b6cf492b1aa6d85a72972cffa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F178
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFIseoZBIwxLQ1RgHQ0EIJU&google_cver=1&gdpr=0

43 B
551 B

53ms
51ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFIseoZBIwxLQ1RgHQ0EIJU&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjw-oSAAjAB&v=APEucNVS2XYgeUoXh-QVag55V7p7PMWYPawF_bZ9GlicMRTBcIIDJiw7LrsSBLhGMjyRTRWVsO0sJdox8CsUUEMQUEd-2_XZIlrpz-fV8piLzcQ9VQHEF0o
Protocol: H2
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkK6%2BIYzD6L1Exak2OelBK82zDy8WRhmmJDwthLyH8zc9SMs%2FsfJdoOK1Tdt%2BZTI7ypjryv9MVUSj%2F2F6Ryqh5i9CszEUr1TadHIo3dDzVXptQLuD%2FkDS9oHdaSyrNUENBO9ZvFxrCkyt6cvMQ0FNFfDv9a3VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85bbf64f9a4e4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFIseoZBIwxLQ1RgHQ0EIJU&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F178
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zd0egtHM510AAHu8AH5A7AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1

43 B
752 B

55ms
54ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjw-oSAAjAB&v=APEucNVS2XYgeUoXh-QVag55V7p7PMWYPawF_bZ9GlicMRTBcIIDJiw7LrsSBLhGMjyRTRWVsO0sJdox8CsUUEMQUEd-2_XZIlrpz-fV8piLzcQ9VQHEF0o
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdVAkmH%2FlxfYNkGeiKtm232NYZFs2Kh2iakYjgOWMOuH7auG8EikVnPUfVZfWkOwaBwFwTX%2FqkhO75bySN85UbrF06CjY15YCXcAJWCPG%2FQe%2BGQ%2FOq3%2BF0z5QzZrbwhxB%2BTCWah57XYGXrJnmS8IrYvLxhR%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85bbf6504dae4bc0-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F178
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoszF0mbEa0_Qcs58K5LlI&google_cver=1

43 B
1 KB

33ms
32ms

Image
image/gif

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoszF0mbEa0_Qcs58K5LlI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjw-oSAAjAB&v=APEucNVS2XYgeUoXh-QVag55V7p7PMWYPawF_bZ9GlicMRTBcIIDJiw7LrsSBLhGMjyRTRWVsO0sJdox8CsUUEMQUEd-2_XZIlrpz-fV8piLzcQ9VQHEF0o

Protocol

Server

68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
an-x-request-uuid: 9eebe8bb-0ee8-4c8f-a25b-4575e85f968b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.35; 96.9.249.35; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoszF0mbEa0_Qcs58K5LlI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F178
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMzQ3ODQ1NDYxNjY4OTk2Nw%3D%3D

170 B
188 B

46ms
46ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMzQ3ODQ1NDYxNjY4OTk2Nw%3D%3D

Requested by

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
an-x-request-uuid: 7cd89eb0-5a8b-4270-8d80-b7c66cfa70fb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzczMzQ3ODQ1NDYxNjY4OTk2Nw%3D%3D
x-proxy-origin: 96.9.249.35; 96.9.249.35; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 75A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFIseoZBIwxLQ1RgHQ0EIJU&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFIseoZBIwxLQ1RgHQ0EIJU&google_cver=1&gdpr=0&C=1

43 B
746 B

59ms
59ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFIseoZBIwxLQ1RgHQ0EIJU&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhjF_Y3eATAB&v=APEucNUq4I6YgNN45NFm7KoMfcB-hd-hH7HN7NFYQ0w2z4kKyO5KS3HzzXNJG2Y7BSBeRbd2o1koW_YiSw-cen9Hso21UGq6KFOhnX47qS5wGBwKFKtVcdM
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfzjLUXW4aqMOCRQy2ski3ULdWpnn94ILa%2FidMZHRtJfZZ2ki5etY9ybYGXdFJJtl%2FePl6b95L9SeU6gTHEAMGNDauk6Q8xZ8DG2CkjmGmr%2Bj5gqw8XNiFv9arx%2FcVO3zGcsbo3xGdSTYIZbFWDc1jMlVtEffw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85bbf64ffd8e4bc0-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqSA%2F8SpoppKDNXOqLlLebgaTzK4ADOwN5ymj5hjP%2BbXkhCfcJtP25cSAouG0c27j%2FFFJbLT0OdWBAJvJSNoiqRKO9ttcHiZns7C0mdQtFfzGR10Av%2B2fomU2BloA1%2BakKLo9T0AnRuKanUSkV6PCoCGcT6lqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEFIseoZBIwxLQ1RgHQ0EIJU&google_cver=1&gdpr=0&C=1
cache-control: no-cache
cf-ray: 85bbf64f9a4b4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 75A2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zd0egtHM510AAHu8AH5A7AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1

43 B
746 B

55ms
55ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhjF_Y3eATAB&v=APEucNUq4I6YgNN45NFm7KoMfcB-hd-hH7HN7NFYQ0w2z4kKyO5KS3HzzXNJG2Y7BSBeRbd2o1koW_YiSw-cen9Hso21UGq6KFOhnX47qS5wGBwKFKtVcdM
Protocol: H3
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMVpcu3EWQrkEQdJ2YUYUaWdY0Ue2Lxdjh%2FMsqiY%2Fo6B3CO2Nw7E2Yuc4KrAv3CJo08Zw7U3gmV%2FkMiIak%2FVBjVdUPUjMP07TtI4bADsvZuOW%2Fy27kpKb0MsRurAg9VKfKE4YJkhjp456lnRuXzPjAiFTfKV5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85bbf6504db34bc0-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDA62FOdtWvrWdOjEZBccYg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 75A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoszF0mbEa0_Qcs58K5LlI&google_cver=1

43 B
1 KB

103ms
102ms

Image
image/gif

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoszF0mbEa0_Qcs58K5LlI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLLVmQIQ2riaAhjF_Y3eATAB&v=APEucNUq4I6YgNN45NFm7KoMfcB-hd-hH7HN7NFYQ0w2z4kKyO5KS3HzzXNJG2Y7BSBeRbd2o1koW_YiSw-cen9Hso21UGq6KFOhnX47qS5wGBwKFKtVcdM

Protocol

Server

68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
an-x-request-uuid: c4536878-161d-4923-803e-ea0a0e1862f7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.35; 96.9.249.35; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEEoszF0mbEa0_Qcs58K5LlI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75A2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1NzMwODczNTU3MDg3NTUzNg%3D%3D

170 B
188 B

46ms
45ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1NzMwODczNTU3MDg3NTUzNg%3D%3D

Requested by

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
an-x-request-uuid: 6bc8647b-1f0e-45d5-87ee-19a166b707ef
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ1NzMwODczNTU3MDg3NTUzNg%3D%3D
x-proxy-origin: 96.9.249.35; 96.9.249.35; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 3 KB
3 KB 90ms
89ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist11&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-11-shop-tiles-prepend&d%5Bcategory_id%5D=11&d%5Btype%5D=visible&d%5Bshops_in_line%5D=12&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=8f96944e8bf6ca28b0c18cc0f7ed7a7c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

d963456878b636ec75d6cb61464ba7919c762f42bcb788ba426f86310aca2c2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: F9vXar8gp5J9ME1_c7atmB2A6gSrzQkaclCFFFl2lVhQr7Mc4GTToyJVAxQc8cTMT-KMMtiKZHc5OsssFQ-mPA==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Feb 2024 23:28:02 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Mon, 26 Feb 2024 23:09:14 GMT
x-powered-by: Hyperia
x-proxy-date-now: Monday, 26-Feb-2024 23:28:02 GMT
content-length: 607
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Feb 2024 23:09:14 GMT
server: nginx
x-upstream-server: letakomat-frontend-all-5dfd6df9b-ztptt
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
3 KB 90ms
90ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist14&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-14-shop-tiles-prepend&d%5Bcategory_id%5D=14&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=8f96944e8bf6ca28b0c18cc0f7ed7a7c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

3f2f7f9b277189f1f0091fd7b7ce4dbc9142f9fec488acdd9a125894337f8691

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: F9vXar8gp5J9ME1_c7atmB2A6gSrzQkaclCFFFl2lVhQr7Mc4GTToyJVAxQc8cTMT-KMMtiKZHc5OsssFQ-mPA==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Feb 2024 23:28:02 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Mon, 26 Feb 2024 23:09:14 GMT
x-powered-by: Hyperia
x-proxy-date-now: Monday, 26-Feb-2024 23:28:02 GMT
content-length: 473
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Feb 2024 23:09:14 GMT
server: nginx
x-upstream-server: letakomat-frontend-all-5dfd6df9b-ztptt
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
3 KB 90ms
90ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist12&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-12-shop-tiles-prepend&d%5Bcategory_id%5D=12&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=8f96944e8bf6ca28b0c18cc0f7ed7a7c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

0b045979ba93452d33711cc59f8d3f50423fd32e59721233b6a2d363154d02fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: F9vXar8gp5J9ME1_c7atmB2A6gSrzQkaclCFFFl2lVhQr7Mc4GTToyJVAxQc8cTMT-KMMtiKZHc5OsssFQ-mPA==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Feb 2024 23:28:02 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Mon, 26 Feb 2024 23:09:15 GMT
x-powered-by: Hyperia
x-proxy-date-now: Monday, 26-Feb-2024 23:28:02 GMT
content-length: 469
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Feb 2024 23:09:15 GMT
server: nginx
x-upstream-server: letakomat-frontend-all-5dfd6df9b-s4mdk
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
3 KB 172ms
172ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist15&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-15-shop-tiles-prepend&d%5Bcategory_id%5D=15&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=8f96944e8bf6ca28b0c18cc0f7ed7a7c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

79dc35e12656f226ed10a67726eccd06a5b7513c8687413c3e62d9b898c34eb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: F9vXar8gp5J9ME1_c7atmB2A6gSrzQkaclCFFFl2lVhQr7Mc4GTToyJVAxQc8cTMT-KMMtiKZHc5OsssFQ-mPA==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Feb 2024 23:28:02 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Mon, 26 Feb 2024 23:09:16 GMT
x-powered-by: Hyperia
x-proxy-date-now: Monday, 26-Feb-2024 23:28:02 GMT
content-length: 486
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Feb 2024 23:09:16 GMT
server: nginx
x-upstream-server: letakomat-frontend-all-5dfd6df9b-s4mdk
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
2 KB 172ms
172ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist16&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-16-shop-tiles-prepend&d%5Bcategory_id%5D=16&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=8f96944e8bf6ca28b0c18cc0f7ed7a7c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

40d8f08299fd8535ffa29639b9d2da766a408198896a266c463fdeb144342e9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: F9vXar8gp5J9ME1_c7atmB2A6gSrzQkaclCFFFl2lVhQr7Mc4GTToyJVAxQc8cTMT-KMMtiKZHc5OsssFQ-mPA==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Feb 2024 23:28:02 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Mon, 26 Feb 2024 23:09:14 GMT
x-powered-by: Hyperia
x-proxy-date-now: Monday, 26-Feb-2024 23:28:02 GMT
content-length: 449
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Feb 2024 23:09:14 GMT
server: nginx
x-upstream-server: letakomat-frontend-all-5dfd6df9b-s4mdk
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
3 KB 172ms
172ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist17&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-17-shop-tiles-prepend&d%5Bcategory_id%5D=17&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=8f96944e8bf6ca28b0c18cc0f7ed7a7c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

f86bb16ebd6a64e23d833fad58856180cb50246b0d35d615142fb88ef8bfcb44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: F9vXar8gp5J9ME1_c7atmB2A6gSrzQkaclCFFFl2lVhQr7Mc4GTToyJVAxQc8cTMT-KMMtiKZHc5OsssFQ-mPA==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Feb 2024 23:28:02 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Mon, 26 Feb 2024 23:09:15 GMT
x-powered-by: Hyperia
x-proxy-date-now: Monday, 26-Feb-2024 23:28:02 GMT
content-length: 474
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Feb 2024 23:09:15 GMT
server: nginx
x-upstream-server: letakomat-frontend-all-5dfd6df9b-s4mdk
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
3 KB 173ms
172ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist26&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-26-shop-tiles-prepend&d%5Bcategory_id%5D=26&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=8f96944e8bf6ca28b0c18cc0f7ed7a7c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

ed4acc46b829b0b6e0742fbab9f3f7102c6e69f6e0f11720aa320905b8c5507a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: F9vXar8gp5J9ME1_c7atmB2A6gSrzQkaclCFFFl2lVhQr7Mc4GTToyJVAxQc8cTMT-KMMtiKZHc5OsssFQ-mPA==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Feb 2024 23:28:02 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Mon, 26 Feb 2024 23:09:14 GMT
x-powered-by: Hyperia
x-proxy-date-now: Monday, 26-Feb-2024 23:28:02 GMT
content-length: 486
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Feb 2024 23:09:14 GMT
server: nginx
x-upstream-server: letakomat-frontend-all-5dfd6df9b-ztptt
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-ua: ibt-0-ibr-1-imb-0
x-proxy-cache-type: a30m

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9CD 0
20 B 83ms
82ms Ping
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9177871225487&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9CD 0
20 B 82ms
82ms Ping
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9177871225487&version=m202401290101&ct=77&x=1&cor=12346517626059457000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B9CD 34 KB
20 KB 76ms
76ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9gJ2oQzN-KkA9tueHtW9rCreWi5qzQ7np1LDUNwe441i1R-dIPzYdEp-MK5AnJZehfquvQ7S7m3ryEXmunvfXe69Z2ruA_b7Os5Dcu8DOX8oLAXxm7lyfSkxEH7Cxzq-HPtWN3PKTkjJ9B3f3QG5tubohuqDE689khc3dK-dVETH_OYcVaU7-rDoyH6k-DvTGattdNeYka_THj8x0WvjBwmDRDw&cry=1&dbm_d=AKAmf-Cyn2yXoEhGrrbC4_8rWaxZQiuCt0mD76r6ntdWXFUGCNI9cUZxKUU-BQgLHO8xV__V0XGKPFWxE4oK2JBCxvpDqDifhZTIHsxqP0C1qqDDueclGf6uOS2zETyrGCinv53XUs5N-Lqvhlmkqwngf67dS400J_3g8fs40cHjOQLW0U46TJB3qVa4LleLX5AVUMkCsoXSBKs3y6rTMMwhPhqlIwughTM5bLYX7s3OmVaTjUOiLUBVzifKVlcmM_DkZ8SGv_ohOt7k1tEjp5ZOkhB9f__I7lyaS6N_cngKocmNE7jYZEUR97MQ70mgh3hktSazDuMvdRwxIoHnasFkubd7QiY6IeZEP-DXP84xDN4oqeEQ0DJ6FxPG4zyRZvcJla-cLWRM0b4CtxnIcTDStwGKM6Gj7hL3YGrbsPG0aIr31ppNfgHG7DrwJgm_43B9F9FHueSJAumUMtVHVhmwr1oO1yrQoNQjoDdjnl4I4g2qc2sam7mZa3oijcQ_eoMn_ZPqn54rn1HEsObT_Hq63iNY38xRa3FR3z9qiiiCCYZVslpAYwzaq8lKuG-oeb_ryInkQqBa8s6DBy4qJ8fk3PkHOSKbN8iP5s38-WI6dyheXPA_8Y7m1RQ8LVe_LCRDT_-iDdIRivFHWkfP1oc_b51Z-v03HLJGIwFkgdkTMKGGQiBRcvUmlxQGbjWWklxk50l4gWVenRE_mxo3MlFKkPQQBa3imN5xZuQtDirDv_fw0ihrGjxOP_s7yiScI7UMnvCI2RvW_ebV3IiCCIaFry3ZJ4Kb8hTWzU9-6Fjj__jKWErdfPFxhRKt4fJeglYoLlS6a9MMviueapPysJ5AHklNrb7YtjDRc2Rz5PCST4YIot0wO12HLzbVBcPAI7iGxjYxROAFyxaMjC9FBbph_SVTM68U65UhL0ExJ-eq3JXRRSYEKFKRdzMrIAZ91hClcDD1fiLXmRj4_qQuhdG4XzQFJkWFo7ag6pMXTrTiMxigIQSId1qKQEJyjrBhzLv2bpJlJAbnXaZnMmdrEWBgTr38pTilEnVeTV8nYuqlGFQU_OBfffdLJjw4D8XzhfXiZQbw5Yet93jhW1Czy6zqON2O-8ah1nYPML9OFyOMJAnxVAtnY1aojiUsepkLppz-LbNqswB_8fSSnAp0ze4TvCX8IIxw7LIydgKN7xK3gV4EYsBNLj2hp3tHF7DWYiuDwlwZ0y7o3DW1ZNB80lGRDGstdyJeiFrWTpgo9DXuJe8Wh4BDUovIQXoXApva_v5t6sEOmm058OwjYfSyHfHrghJl6wR93IDnxzn05M_M3mMCk69r_3uUP3eyVSH-TvCQoDC4p91O40vw0UYIR-DTjMfYRHG4Ew8wR0vpUOoQfnlEe7i8szwGISzqoD5r3klH2wPG4NTVYRrtZKAPeRWewqnjksy8k9maXS4Vn9kwUDoWGup4oa9aOEBQ5Pnpk67lKG-qv0sNbQQ4mb7Oh7MyXmA7SgcxI36Ho7h1UuO3scM2mibkQd5og4NvneeLPYNgfqBvLUXq1LtaMySApmp9voSQ2BS7RDjPxX5b6EWk8m395eVPfzQJ-esxsRjGFIPc7UtrWLRgChCXtoVGvSjejSkJoQb5JlpZfcaUItUBNkvBTON-2WgVbhScmO06sSgoYUlOixDkST51M9dTqmRtyFTxsnGB9kwo5ru6HK7l4NatsHC54OTYJq0idRCF5PXRzlJ4PHnptVSrCnuojoYsFPmgGoFyLfcQnAmDv5FvGErOzDaexmx1ilRBamQpPtYjB_s2jEcvPJbW2oN3xg7CxEr6EjPzo1K8YgY2oV1ErGJYywt0D0yK23atf1QIML0oww4KmxrgOMar2vfI_WAtw09Sig1cysurS3sF67VSg5bYSGVO1Rk1msfAIbgKfd6wpUKZelzF9PyENhQ9Xk7VPqPAAVjcfoEKf2SOhR4b0eVqJHmSbRUSMxQJYT_z6ImdRVIEdwEFGi487V6d4hntuSWBH-b8kTrZJOA4yvM2iSgUCR9ebCVmTI5LLbkTC1XL9-y_5iZJc_urG295STwz9Csa6YcJ3Ogs91zR0KNsiquYIF56X0ZlJ3lhG9pV44ayG9yX1hHN18TWhQhWn5R4uWjlAwk6oS9_K-vV-RwyCb7qOtbRBH1PSH6hoI1f-uczS0JdeMPmJWxulxn4UP3CuhZZQ7875Qej5_CfJHFMEVvkHW2WFenZ6mYkrOVBgTbyW8qEYMZ0DW1CbdfrhXU7shkAhI_gooWp1_EOgzkVLyiWTIZw_403age2Emaegi1CHwCVdTQBJpaVQyGDPfqJ67t6f4FX9fJU6Xhy2I0AIpOt--MRh4uXiSqXeRo_wVOzZA_lWEotmJPxaJA8zh_W49BD1XE57FzkkmETZkMIevqbqJrR2fHkODmS_f08-pb5X7WPO-qPXdYTmMnNJM5qmsQtCc0Dq83XtqBneNUI587n4X4EKlb0YnTsxpA4xKuhDYE-5lEfaz31OPf85WVgt3NcObg2S2mr90E2IIYHx-iIzuRcOoLXooXO1mBPxrBhnPh2WKkOr8-E7YeI3dnWajsBXHFRqp5VHSMiQfuWnhLsU-GDPa23dcOugq7sno6_EWOD9hdVKuzAvYbYrCdly5GQUmoFegga75GYCVq_TCnJrpWOg7nc4H7qROAQaS3yeeiaAxnxE3BU9zF2AnNM35jjDkvnzFf_73QdJ_S5R4nWSlKtq_ee1QP2eFgCXE5Rw0sNvhteKobMUTODqN0araRCC6CWgO5mDnS8jbavOtp3Tnm3XhJXIDvFJBdZODAs17dSIYCHFQc6Bqc7uZSdCHuZsIA3F8g1CPW3G86GN-BF1oJDWo8MSSrGT1lZ36MQorYPTeTXHXOuTSq3KmKMLAm9ZWEuJPusIuJBwBoMNMvkH-UGEimLrJRNvEK5HCwm5LygR_eDnqN49w0VJhK-npghwDvtLogp19dw_JVJKmty0VnSBQfL8HR1PZrXXsGtfMeye74GbPTX1_uiWqxrf_cZ5gaCP_7o0_kWBJBJUJye_84pF8jS9NTWSw0TWEoZQH_Y51IpssLoru6EchBeT7cZeoQ4jR0DJ_mbDGKQa2g7RQpq79bax1PgNNOYm-M2JtF0XgNN6zgvwVVwkcIxzIT9DIv5NLnYeEC0LgroWy6dxiPXpdG5t9mDEmoqDilLAcigTmjxkomSpIdMtW0Du-Nyx3L6PP4--M9tHHiKckMkBTtkMQoTh4JQTwA6DhoM50D2LSCuDP3cAmo03tNMs2_wgt3UqKmalKZeyBbLhHmXrpWbu0kft5v9tu0DeW_rmMXfWsakz7jJV9RJ8dEUdX5tRrpuF7fjsF8mLhbtDCnj3e2yrhxeJI8A66ZnCCGNeO6VRJSh5mk0m0Le53kCAi2pPulMcn14TfGTKprcywKKrBMVukg6HmcgqokNssVKqVh78SFAJ6DzpDQ-n_-4K3pqBa2C0KAUwrbiiT37LEQSpR6nfHy2Rc8L_AShfsXtHRMp0w031bY6s_Lml_NNYk2LtiJ9bMpfwd1frcN5LAcJy0pFMkv2ah0xZPcS5Sjpt8K-mGKu9Cd9iJKSQUPLXgDy3EtiOHoHG2yhy-eau6LWFGj0v2Ozy9Z5S2TzkHyDUpxaEzHL1p5TNYB3epk2iK4zaNaJanWWXnms_kDaV_4RxkDPDiQxF8w290-kZ19ZOkbl9BcmRUUElgDH13O4YXqX3VMfXcBrImwO-9XsYvVpcbIbU-V6lXVHTfa2QjNCrar6t2YLQb2s--7vk1IS5H0Gypt50Q&cid=CAQSTgB7FLtq5GUcW7fYeoVFN_yAdlWhxm5SZrX2SoB_KW4KBJ7bnBeY5altkiwC5LX0J9MJ4CA88yMiexXfSNt3lyhBiKIXf4kUz_d-QRsqyhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.offermate.us%2F&ds=l&xdt=1&iif=1&cor=12346517626059457000&adk=3690638928&idt=80&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c717f6913ff81f2d1c54dd570e26212eea92fe6a43ca52b53c28fa80484de21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20042
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7716 223 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7908986050058038cb2e3d5cd1f2774b8929dd4d34d255c4d2d69596677d7bc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 376B 38 KB
13 KB 25ms
24ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 121975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 13:35:07 GMT
expires: Mon, 24 Feb 2025 13:35:07 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 7716 0
0 89ms
88ms Fetch
image/gif 142.251.40.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstzE8za95qt2oY_JajSsvNd0E9SPJt-5rygOD0MYQHPj_OgXW-3WwD_yroVesXDaLkcdOvhh0q1p6T_vGijDbphzi4ihYY9AZy4nPG0J16BNG9NNvFIWDBbeuxO4NQabG2ORf8rAywoeEcfkjtE9fW3vuLUo4lT2mhNvZ9Kgggya3V5j0U-m7zY8E-FI6g_Uu9jfPpWsCVw76w1q1Rquu-DzAmWJQwfCWMzGdCxu68M4V6PqPFsjQ8GbOgCC2dowc9CpxEOGjN7LuTCucIspuCPH1xOu79hJ1rRVtX8nXw8yiqff0GM9Ep9NiKDNgXuttHCzE0QckKLZ102nNYVaXeCQQC2PmiYyXm4_2wWZ87tV7pvPJhxgzNNGyujrC8SiH1mWAK7Ntnrq4un3yiFCo1htDOD2boexhsUdtTkK_yJd-J2Mo7aFBo-zRlAhKNhf9BTaa7BRPOiVBMuOk7Tl2xII_UveBUndrmswzcu-A_bD_MVMYJd3m0x7vF7qKPkc15l3zOiEfUNrNKF4gqg3D1TptIlMkx_9D1wzbHouKaQCpKsXw1UFRFqIYhgAFjaVetPCWfTO39JUQQ9RQYF97-Xz9fqlhuhF1SVkgYHz3H0nNxoUlTArT7_C8wbK-pXZJacSE5-WI0xAGf77OdaChmAKmy4iOAEiuGgSKJIAnYr7rWsOTzSB4b-Xj0JN55nUP6YYnToIYZxPGj9hZdfehyndYKtO-Psxl_kXtVg060rODl3EpIr-_RxBm10QLgQ7vLEQeQCmvdYNfwT54q6LbwKcwqiMnpvZF8JC3r2DjF1WcBSLRNjtGlAT2--BZW82k5FxjVWdgabhkA2af2pT4MT1G287gDK5jlTkG3gHUecNluf6ujyVWOgHiCvU9Bpg3zBVSJGnUrX9d5QxmaJYhZ5L6vUQ4QVGHEsLq6tXo-xKGHCUSM8R3x52E4o2PCHi81jrY1MtAdTV6DKK8UyIUTKwNzU5vT7rXTbQfHL2VlZoxpsMENu77C-LEwjPa367PBVFto5sPARNiUj_9mfyMT-AVvcdhGLwMRk_VowgjAURvKaMq56wTbl44icAzKWErPbIrsy60CcWrq4xGdluMWNcPkaEBTJFEhHJfX3GgbQJtQTAbvZ3TxXnFbJPWX3uKXCPi3vGg_EDWpmQ_y10mM-yMqdxlO70ril5NoI4DlWMB-uUj3fTNCmvXfr6rebPLEoI9tyiVMWyWi9bNL-Ln82qk4kNRrT8Zxt6dodC54UpZdvACteC8X--aJP1-LP675J5DSyeg4zWC7yJ9dGxgVS26_nrE-p_o4YrmY3GK_RRFeT8qVjA5be48TzRdamOKwgC6O3zHnwUCKDY5_T7mS4iDXXFD1p8WyCU3apHbOyzC1_VktoYCvFDDGZlarIci5E8Xx0c9Vi1Z8ILpf4nq-moKj3CgI-CtNwAB8-M-dJfbUBVs1DAA&sai=AMfl-YTwUB6mxdZf6NNeX0znuoiihrFIvcAUOq8e77tbwwMNpnMCdzpM0-oZf7-L1RQEiKl5OCHGOtMNjkV85nG-JTRdGGQPLSbk30eRO-2MI1RkX2dZH4Bj_XvZHALAC5m2HjHChj3mTvKiE1vL6D6b9OtgtxRGjcHKvbuKe_piLTsohYlGetfjyfCb-XCB6N9piXYsqTRw3KMcmfrYobaPAGIR2anLflHqOhoZpjvtjOuSAV9L70RioteGgg1VwX1NQXuym3VU9yiaG45oDXG7Bgc6Maiq1114J43_tpKKROzOA-OTD4nLjCI8f38NOJZfX6Il28YHrhRLnmLY8o-psyonlpJ7BpxjwH14SQbpjCtWWtZWuWTtWRCgKWKPgu2dUwxNKZ500AKtnXNu0HtaoqPbzTJxy_DdTaQdqy-ZWvOckf4E1RmwDCl0lhrLadx5SD-auetmqeSeTFhPnIY57PjqSKmHOU8YuQBRlmYnw4W51atMnWC1vnijFHh0PsaWVQ8aHA&sig=Cg0ArKJSzDYI647BFOhfEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zZXBob3JhLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=236&vt=11&dtpt=234&dett=2&cstd=0&cisv=r20240221.92514&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Feb 2024 23:28:02 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/10100941472053833796/ Frame 665F 4 KB
2 KB 25ms
24ms Document
text/html 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42db1c827cd7bf33e07d8d81857238abf05aebfab909b67bfc0fa288080be0a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 399576
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1669
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Feb 2024 08:28:26 GMT
expires: Fri, 21 Feb 2025 08:28:26 GMT
last-modified: Wed, 16 Aug 2023 15:59:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9F3E 0
0 98ms
98ms Fetch
image/gif 142.251.40.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst6zOBGfSFoxjepQGIRVvgorjKF084-1VlCjQgVDzHdioW1MZvXNqDh84FcOFMSdIn0tbfxDSg5uXB2m0qJkscj3grOTmNdFnpWTVVZOnpQkHXWpQMXapk5tVZx3GQPx54kIs7zq5VvFPbGnlK0zln_SizhUH0U-EBobR9i7l_DiHfbmnP-ugkZQTY82LwMaRpBs-PaTiyVtM7nJUFXZzUHWPw2iRBnaOLHOfGMiDr8djmlgojsDa732ZpQYvi_JkEyX5FvTWLSblLQyRdBfKlsPh3VsHf7VF4jIbABis8O-BfS-ns5fZBeoscHYhS8k5i8SHmAg21-fszVVUcylyyMBdzlDqNYcyKn7pKHXQuq4cJETUDPksCysozsbTOtqjQjzX3BCvu0W1GQDGeXbrpBzoajR5Mz6wgnCyC3-NJSSOX7ceatO5l0HANU3o3VGtpc-f_JeRiIQXfnl7U0UBG6JplC7XBSGjdOwapilUlJDLKv4XDG27XhCbBeSSXo90kS0Akv80vCLWmS-KkQTODd3Z9FuLab1TLzgp1Xl2TpS-zIFHQCeBbE-dMC81jjTfBKbx3Eb1vLI6kv8s60pEjCevIy2IWQCvyP_0nngEL-UWJkvfs6ZZj0bMQG32LpVRDWYIckOq6Wp_7P85wRMkNyhxl5WcN63G29aB7GNuaF8jBvpePOkYBAU8alGsKcsdav7CC8ImjKCXlYhdKbR2ptphqYu5x7N0XsEM4HYlW9aKkiq9tAKM-lZqjzpKMkaa92AwioLTz1FeYxwuree8FSXMCTZVO9x3xU8-gAhYM4fSZjGraaSTf561a92zVO81DlZ6xrNUQldBuq53ROQek9J3cJaV3FpqCnRDlr2C_r01ICiCtY9Uld2GvoQ_MCRdCw_LIFc8URPpPe-HkIiGMeKNG6h5ZW5VW40dijYjFImTMfGS3nLOTVhOoOQjUEuQgOjGbY2-hrwSjvoEpsvOeoF8w205Auvkp6n2g-Hfm-g-N5OdSM-5TYpqKz7_k5Kac4V6VnH2whlDZ1skO0yj2WmN2O6t6naVsyl0L-Ofwsg3-cRJCFiSnjIpHdhM7iHGcxmoTUbteYx0O0HTFagsUFJIPQZ30fw8K0ut6JOs3pulhPYBYoMXy71p55HeTcih2lIMT1iQMmZypx4hmPv_UdN5qCYU2k7kVzQtNzsq7QT3NEllYe9G7RAEOnBGO7K_a99YjKHiJH7NoKCR3xevvkEyo-pi0V7yrKpIBFH0WNVX4IxYIVlM_riM4_ytbpjzHXkynW_lI0fEJdJVrkjhHyD1SEe-INDf4vybBiVyXeBE4yBatNMQLfM8U9XlSVHMtVv0O-4K7lqR03LHNCQ4ZIGDjfiF8Ve94peye34tDiOPsF&sai=AMfl-YQSboqZFig-AdgXUVmiy4YRWLQ0viPkGiWFn6OSyLgqJyUcjNilvDRFwKU77PaP5pv2lBr_n-sFrrMixTxAUtBUW0xZ_SPADCTXDesx20fI_urEqIyNs7-ebuPa-VWLoPdHjZSInYKGc2M1tCbKnjn03gehkXPqbPrYxHj6oF3xkcYYUUW2KsWuzcCMjA-EIFicEmFsm54qWvw8crxH34PboiY5lfxd7hL99B3-LTwaLEyjIWDkzH8vTbnC3skRHjg7A0lPlWwIghq0P-LEZDenBRplQuse7QltZEzg0A-6WIFBbT-u5YIlJ1Cn8glgPiTwppY6SHqv2IxjwWEi2-JuuD57m0C0e-ZG3cypoIH-HuFcWHsClf3kC-oGYwtHdU2otMFACCoFff4MqkwM5fdaq3SAwCRYIMDNTEHKuTqWvzoDIkVfVBZMG49Dz8BeZKLV7KcngG8CnRHrrdrMgvYTMIv2FbXc0paX6c_Ll_nHNUgf_FsKLpwuei4bhU8fsnQDNQ&sig=Cg0ArKJSzImay6BfsGXwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ub3J0b24uY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=288&cbvp=1&cstd=285&cisv=r20240221.30128&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 26 Feb 2024 23:28:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 26 Feb 2024 23:28:02 GMT

GET
H2 200 SAFEFRAME.html Show response
c.pm-serv.co/sr/2722522032/ Frame BD10 83 KB
30 KB 164ms
163ms Document
text/html 23.200.88.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pm-serv.co/sr/2722522032/SAFEFRAME.html?ule=3960&&kkdd=u*%7C3%7CAn*9H&j*=a4_iII__izzzac4iKIJ&5Po~=_&2Mou=_&XPj=aa4z&CMX1=fqza&X*P=iGd6hczc4&XoXP=Io!0!dZHCwjUY7NWM~hcN)%3D%3D&X~*P=cc_4qK_4c&M*A1=4zigI_&XX=dp&MX=Wy&X7l2=D)6!8Wy&o*P=ie8aKxdKe&Co*P=0pk(Szi&7CCoM=a&~~~=CA6s7fXvsfOQo)GjfK4*5n7Pet*2Z!R)SJ.yXzq4DI.%3D&lM1=c&v.=a&-5P=q&uPCa=iGdt6KpQ6&uPCz=K_KzczqIc&ZPuCu=LZgOv1l%3DaqKKLZ7o%3D_LZ*P%3D_rKi_LZgOulX1MCY~%3DasKEaiszEz_sKLZgOuMl%3D4aJLZgO1go%3D_rcLZgO5*lM-%3D_LZgO*uZ%3DN)wzzLZgO*lC2P%3D_LZgO~7%3Dq4kxToRiDwLZgO~oX%3D_______LZgOM*A1%3D4zigI_LZgOC2ug%3Dzq_LZgOC2vOM-UU*g%3D%2FLX*C3%3DwdQQ)f8LXnOUv%3D_LPX%3D5Xos-Ms1uMCasPLP22OPa%3D_LP22OPa_%3DaLP22OPaz%3DaLP22OPaq%3DzLP22OPac%3DaLP22OPaJ%3DKLP22OPa4%3DzLP22OPai%3DK_LP22OPaI%3Daa__LP22OPz%3D0LP22OPza%3DsaLP22OPzz%3D_ra_LP22OPzq%3DcLP22OPzc%3DfOP1ULP22OPzi%3DzLP22OPzI%3Dar__LP22OPK%3D_rcLP22OPK_%3D_LP22OPKz%3D_LP22OPKK%3D_LP22OPKJ%3DW)LP22OPK4%3D0LP22OPq%3D__LP22OPq_%3D_LP22OPqz%3D_LP22OPqK%3D_LP22OPqq%3Do~YPLP22OPqc%3D_LP22OPqJ%3D6LP22OPca%3D_LP22OPcz%3Dar__LP22OPcJ%3D_LP22OP4%3D_LP22OPi%3DaLP22Ov%3D_raiqLP22O2a%3D_rKizLP22O2a_%3Dar___LP22O2aa%3Dar___LP22O2az%3D_rIaqLP22O2aK%3Dar___LP22O2aq%3Dar___LP22O2ac%3D_rIiiLP22O2aJ%3D_ra4ILP22O2z%3D_rz_aLP22O2za%3Dar___LP22O2zK%3Dar___LP22O2zq%3Dar___LP22O2zc%3Dar___LP22O2z4%3Da_LP22O2zI%3Dar___LP22O2K%3Dar___LP22O2K_%3Dar___LP22O2Kz%3D_rzK_LP22O2Kq%3Dar___LP22O2Kc%3Dc_Kr___LP22O2KJ%3Dc_Kr___LP22O2K4%3Dar___LP22O2Ki%3Dar___LP22O2KI%3DciIir4JcLP22O2q_%3DJqqKr___LP22O2qa%3DaarIiqLP22O2qz%3DaKr___LP22O2qK%3D_r__KLP22O2c%3Dar_zJLP22O2ca%3Dc_Kr___LP22O2cz%3D_rq__LP22O2cK%3D_rzK4LP22O2cq%3DKr___LP22O2cc%3D_raJqLP22O2cJ%3Dzr___LP22O2c4%3Dar___LP22O2cI%3Dar___LP22O2J%3Dar___LP22O24%3D_riIaLP22O24K%3Dc_Kr___LP22O24q%3Dc_Kr___LP22O24c%3Dar___LP22O24J%3Dar___LP22O2I%3Dar___LP22O~%3D_rz_iL1O~o2%3D_rKizL1~o2%3D_rKizL7X%3D_%20%2B%20_L*7u%3D_L*C3o1%3Dxwk)L25*%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PL~OXX%3DdpL~O*o%3DzJ_zsUUXiszssL~OMX%3DWyL~ZY%3DcOKL~1UOXlC%3D_LM1vv1~OCu5O*P%3DP*js5oCsuPszs_LMCP%3DP*js5oCsuPszs_L-u7%3DC*Ua0Aq(tbsnAaXLjZ~%3D_LXZPo%3D_rzI_LZMZ%3DKLC5M%3DKKJgzi_%7C4zigI_%7CI4_gzc_LlMA%3DKL2gZnC%3D_LZMo%3DsaLC2g%3DzqaL*C3o1O*P%3DzLM1vv1~OCu5O*P%3DP*js5oCsuPszs_LM-oov3OCu5O*P%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PLP1C1XC1POCu5O*P%3DP*js5oCsuPszs_Lj*1.uZ*v*C3%3D_rqLoYM%3DKLuPZvn%3DKiKzqziiqzLu2o%3DaLXu~~*1~NP%3D_LY5Z*P%3D_rKi____LZUv~%3D_rzK_LM-*P%3DLPCX%3D1uMCOMXL*MOY~CZ%3DaLP22O1~o2%3DUuvM1LP22%3D7u~2Yl3LZPoXuoP%3D_LPuv5%3DP1Uu-vCLMYZo%3DL7C2v%3DaLPX-C%3DzcLPY5Z%3D_saL1XoO-M1P%3DZ1vY.Om_cL1XoOj1~%3D2-vC*m-ulC*v1OjaL1XoOo_c%3D_r4q4qK__JJ4KcI444L1XoOoa_%3Darczz4aciqca_qJ_KL1XoOoac%3DzraqK4Ja_KIIc__aJ4L1XoOoz_%3DzrJ4K__4_KI_IcKiaKL1XoOozc%3DKrqzaaKq44aJqziJIL1XoOoK_%3Dqrzq4JJa_JJqqiqqKL1XoOoKc%3Dcr_KiaaIKaJJ_i44L1XoOoq_%3Dcr4_cz4z_aaic4zcIL1XoOoqc%3DJrqI44JIK_J_a_4qKL1XoOoc_%3D4rKa4KqJcJaiIiJKiL1XoOocc%3DirizK4cKc4_cqiKKqL1XoOoJ_%3Da_rqcz_c4_iai_aIzzL1XoOoJc%3DazraciJJJazcJIqJaqL1XoOo4_%3DaKriKz__caccKJKIzL1XoOo4c%3DairKqzqc_qKKciaIiiL1XoOoi_%3DK4ri4zKqKcKIKaIqJL1XoOoic%3Daa_r_4a__qaqiKczIL1XoOoI_%3DzzcrcJcKiKaciciIccL1XoOoIc%3DKJIr44I_z_IaiI_iiL1XoOoII%3Dq_qrIJ_accIczIIzIL*ZX%3DaL&lCj=_&*.=4zi&*lNU~=a&ZP~NP=qJa&.vMCo=a&2XU=JizK4&3PMo~=a&Zu1=wg1muu11mwLwg1muu1qmwLq11&nuCo~1=a&nuMCM=ZCP%3D4i%7C%7CCMC3o1%3Dsa_q_i%7C%7CCZC3o1%3Dj4_z%7C%7CCoX%3Dq%7C%7CCX%3Dq&nuCZ*P=sza&nuC*P=i_i_4JziK&nuoX=Kz&nuvM=CZ*P%3Dsza%7C%7CCC3o1%3Da__aI%7C%7CoC%3Da%7C%7Cv2*P%3Dj4_z%7C%7CXC~%3D_r_aJ%7C%7C~oX%3D_raz4%7C%7CCCP%3Di&nuCu=uCYl&nuvY5=!N%3DKJ_q%7C%7CpNk%3Di%7C%7C0fNk%3Dac%7C%7C!e0k%3DJq_%7C%7C00G%3Dq%7C%7C0e0k%3D4ciqz44KaKqazq__J4J%7C%7CpN%3DKcIi%7C%7CGN%3DKJ_q%7C%7CDNk%3D_%7C%7CddNk%3DzNunp(wRC*iC4xIFTw&XuPY2u*l=CA6s7fXvsfO2aNxWZY(7S0aa_4icDnMMmXk)DMNMcDT%3D&3ovo=a&*M*P=c&uPj=e~12*-2%20p1u~X71M&uXC=ewNqwlK1KqmlW1Wg5U)qqAAW~UWuA-U)-1~&o5*P=o_J44cq_KzzCz_zq_zzJzKzi&MMvP=%7B%22MM*o%22%3A%22zJ_z%3AUUXi%3Az%3A%3A%22%2C%22MMXX%22%3A%22dp%22%2C%22MMMX%22%3A%22Wy%22%2C%22MMXC3%22%3A%22w-UUuvY%22%7D&7C2vM~X=a&sflct=9147666&CXUOX2o=a&ure=1
Requested by: Host: c.pm-serv.co
URL: https://c.pm-serv.co/npfm.js?cid=8CURV5257&ydspr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7f15ab3acea377e9099cc65a036b5bc8d21fcb26780f010f70be3e507fef8ed9

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 30091
content-type: text/html
date: Mon, 26 Feb 2024 23:28:02 GMT
expires: Mon, 26 Feb 2024 23:28:02 GMT
pragma: no-cache
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-7h8k

GET
H2 200 bping.php
l.pm-serv.co/ Frame 0B5F 35 B
164 B 45ms
34ms Image
image/gif 23.200.88.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.pm-serv.co/bping.php?vgd_len=3215&&vgd_cdv=1172&vgd_cage=0&vgd_tsce=L421&vgd_wlstp=1&vgd_mcf=68237&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CURV5257&crid=550743075&vi=1708990082221578396&ugd=4&lf=6&cc=US&sc=NY&lper=100&wsip=170785085&r=1708990082621&rrr=tzR-hLcl-L_FpACvL37igkhdPKimbMjAW6wYc247H9w%3D&requrl=https%3A%2F%2Fwww.offermate.us%2F&vgde_bdata=~G-MjJzvuHAA~GwEv9~G8Ov9.AW9~G-M1zNJQ7mLvuoA*uWof*f9oA~G-M1QzvhuF~G-MJ-Ev9.X~G-My8zQxv9~G-M81GvVKRff~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvhfW-i9~G-M7Y1-vfH9~G-M7YjMQxkk8-vS~N875vRPssKTa~NUMkjv9~ONvyNEoxQoJ1Q7uoO~OYYMOuv9~OYYMOu9vu~OYYMOufvu~OYYMOuHvf~OYYMOuXvu~OYYMOuFvA~OYYMOuhvf~OYYMOuWvA9~OYYMOuivuu99~OYYMOfv_~OYYMOfuvou~OYYMOffv9.u9~OYYMOfHvX~OYYMOfXvTMOJk~OYYMOfWvf~OYYMOfivu.99~OYYMOAv9.X~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfvu.99~OYYMOXFv9~OYYMOhv9~OYYMOWvu~OYYMjv9.uWH~OYYMYuv9.AWf~OYYMYu9vu.999~OYYMYuuvu.999~OYYMYufv9.iuH~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iWW~OYYMYuFv9.uhi~OYYMYfv9.f9u~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.fA9~OYYMYAHvu.999~OYYMYAXvX9A.999~OYYMYAFvX9A.999~OYYMYAhvu.999~OYYMYAWvu.999~OYYMYAivXWiW.hFX~OYYMYH9vFHHA.999~OYYMYHuvuu.iWH~OYYMYHfvuA.999~OYYMYHAv9.99A~OYYMYXvu.9fF~OYYMYXuvX9A.999~OYYMYXfv9.H99~OYYMYXAv9.fAh~OYYMYXHvA.999~OYYMYXXv9.uFH~OYYMYXFvf.999~OYYMYXhvu.999~OYYMYXivu.999~OYYMYFvu.999~OYYMYhv9.Wiu~OYYMYhAvX9A.999~OYYMYhHvX9A.999~OYYMYhXvu.999~OYYMYhFvu.999~OYYMYivu.999~OYYMLv9.f9W~JMLEYv9.AWf~JLEYv9.AWf~wNv9n%2Bn9~8w1v9~875EJv4RrK~Yy8vSfhiXhu9WSjJ7MxQMwmYJSxQM1jjMY8O~LMNNvPb~LM8EvfF9fokkNWofoo~LMQNvI3~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvO8eoyE7o1Oofo9~Q7OvO8eoyE7o1Oofo9~x1wv78ku_lHtCZoUluN~eGLv9~NGOEv9.fi9~GQGvA~7yQvAAF-fW9%7ChfW-i9%7Cih9-fX9~zQlvA~Y-GU7v9~GQEvou~7Y-vfHu~875EJM8Ovf~QJjjJLM71yM8OvO8eoyE7o1Oofo9~QxEEj5M71yM8OvSfhiXhu9WSjJ7MxQMwmYJSxQM1jjMY8O~OJ7JN7JOM71yM8OvO8eoyE7o1Oofo9~e8JB1G8j875v9.H~EmQvA~1OGjUvAWAfHfWWHf~1YEvu~N1LL8JLVOv9~myG8Ov9.AW9999~GkjLv9.fA9~Qx8Ov~O7NvJ1Q7MQN~8QMmL7Gvu~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv~w7Yjvu~ONx7vfX~OmyGv9ou~JNEMxQJOvGJjmBM%209X~JNEMeJLvYxj78%20x1z78jJMeu~JNEME9Xv9.hHhHA99FFhAXihhh~JNEMEu9vu.XffhuXWHXu9HF9A~JNEMEuXvf.uHAhFu9AiiX99uFh~JNEMEf9vf.FhA99h9Ai9iXAWuA~JNEMEfXvA.HfuuAHhhuFHfWFi~JNEMEA9vH.fHhFFu9FFHHWHHA~JNEMEAXvX.9AWuuiAuFF9Whh~JNEMEH9vX.h9Xfhf9uuWXhfXi~JNEMEHXvF.HihhFiA9F9u9hHA~JNEMEX9vh.AuhAHFXFuWiWFAW~JNEMEXXvW.WfAhXAXh9XHWAAH~JNEMEF9vu9.HXf9Xh9WuW9uiff~JNEMEFXvuf.uXWFFFufXFiHFuH~JNEMEh9vuA.WAf99XuXXAFAif~JNEMEhXvuW.AHfHX9HAAXWuiWW~JNEMEW9vAh.WhfAHAXAiAuiHF~JNEMEWXvuu9.9hu99HuHWAXfi~JNEMEi9vffX.XFXAWAuXWXWiXX~JNEMEiXvAFi.hhi9f9iuWi9WW~JNEMEiivH9H.iF9uXXiXfiifi~8GNvu~&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3Af%3A%3A%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22Rxkk1jm%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1708990082171427631&vgd_l1rhst=c.pm-serv.co&vgd_rpth=%2Fnpfm.js&vgd_hb_audit_1=8CUKR3SFR&vgd_hb_audit_2=303252495&vgd_pgid=p0677540322t202402262328&vgd_pgids=1&vgd_uspa=0&vgd_mspa=0&vgd_mspad=a&hvsid=00001708990082618016112663393325&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by: Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 26 Feb 2024 23:28:02 GMT
content-length: 35
content-type: image/gif

GET
H3 200 susE4wCQGjo81FKHs9-5ESeldxvWjf24bzthmuzw7UQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F52 50 KB
19 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/susE4wCQGjo81FKHs9-5ESeldxvWjf24bzthmuzw7UQ.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2eb04e300901a3a3cd45287b3dfb91127a5771bd68dfdb86f3b619aecf0ed44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 402584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19580
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Feb 2025 07:38:18 GMT

GET
H3 200 susE4wCQGjo81FKHs9-5ESeldxvWjf24bzthmuzw7UQ.js Show response
pagead2.googlesyndication.com/bg/ Frame DE08 50 KB
19 KB 32ms
30ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/susE4wCQGjo81FKHs9-5ESeldxvWjf24bzthmuzw7UQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2eb04e300901a3a3cd45287b3dfb91127a5771bd68dfdb86f3b619aecf0ed44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 402584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19580
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Feb 2025 07:38:18 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 665F 7 KB
710 B 43ms
42ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;400;800&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1fbf349f4187c45b9db3cf18493a66cc8062c23180ad9202811b1e7deef3b0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 22:47:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 23:28:02 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/10100941472053833796/ Frame 665F 2 KB
811 B 30ms
30ms Stylesheet
text/css 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10100941472053833796/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc818f3076e76386ebe4f177ca53eb56c9202ca60b7c6f43c4f90bcc93acf2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 08:28:26 GMT
date: Thu, 22 Feb 2024 08:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 781
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 15:59:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 970x250-bg.jpg
s0.2mdn.net/sadbundle/10100941472053833796/ Frame 665F 20 KB
21 KB 29ms
28ms Image
image/jpeg 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10100941472053833796/970x250-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19563baccccb97afdaad9daa721777b8d1ae1c34ef1c77a247702fbf707d72c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 05:27:55 GMT
date: Thu, 22 Feb 2024 05:27:55 GMT
x-content-type-options: nosniff
age: 410407
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20980
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 15:59:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 970x250-logo-full.png
s0.2mdn.net/sadbundle/10100941472053833796/ Frame 665F 2 KB
2 KB 42ms
41ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10100941472053833796/970x250-logo-full.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21bbffbea8d08f72b2622684c1abfef6356beae0ad429571101701736e792a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 08:28:26 GMT
date: Thu, 22 Feb 2024 08:28:26 GMT
x-content-type-options: nosniff
age: 399576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2149
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 15:59:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 970x250-logo-pc.png
s0.2mdn.net/sadbundle/10100941472053833796/ Frame 665F 5 KB
5 KB 28ms
26ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10100941472053833796/970x250-logo-pc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0784c077daa911e2e7e54174409577e34af77e39f7ea502baf6345036525b8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 18:29:07 GMT
date: Thu, 22 Feb 2024 18:29:07 GMT
x-content-type-options: nosniff
age: 363535
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5371
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 15:59:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame 665F 70 KB
25 KB 99ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8259816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25247
last-modified: Fri, 17 Mar 2023 15:51:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64148c93-629f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXVkQRj7hRXe22PvdB02oeEkykaT7SQiUhw5uHrPVpj8gqcs598ZQqtTLuZdH7xEObPdFwLShCk8Ae%2FLWP%2F0kSQHCr8ruAqzniqzn99Ys3xZXD6%2FNpCACxUUmli2St%2FA6xmFbRc%2BSxmCOvRi0T9fguOr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85bbf6515cb84bbb-BUF
expires: Sat, 15 Feb 2025 23:28:02 GMT

GET
H3 200 banner.js Show response
s0.2mdn.net/sadbundle/10100941472053833796/ Frame 665F 2 KB
644 B 25ms
24ms Script
application/x-javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10100941472053833796/banner.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8b1e5f0f44d378174dd3dbfdc0273e98be2d7f31ff6464c33176d09a8cdf2d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10100941472053833796/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Fri, 21 Feb 2025 08:28:26 GMT
date: Thu, 22 Feb 2024 08:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 614
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 15:59:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2E33 31 KB
11 KB 139ms
65ms Document
text/html 23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUKR3SFR&prvid=2034%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C550%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C3016%2C2025%2C117%2C3014%2C459%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C2040%2C261%2C141%2C262%2C461%2C222%2C102%2C201%2C3007%2C246%2C301%2C4%2C203%2C2037%2C10000%2C80%2C108%2C9&itype=EBDA&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&gpp_sid=-1

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b9bc1ee8c4073eff1f434707eca494f62e1785886881526f58aa7c512a8e8118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 10759
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 23:28:02 GMT
expires: Wed, 28 Feb 2024 23:28:02 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 log
hblg.media.net/ Frame 0B5F 35 B
191 B 70ms
30ms Image
image/gif 23.58.90.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?pixel_len_bucket=541&logid=kfke&evtid=plutol1&__q=AYgEIwKELAQCAAABAIAAAgAAAABAAAEABgAAQIABAAgAMNAIUjE4NzQyMzkwOTA3MjcyOF8xNjYyNjk0MDg5XzMwMzI1MjQ5NTE0NjExQDRhZWE0NTE3NDUzMzkwNjU4ZDkxNTY1OGYyMDNjNmIwmgdSuB6F61HYPzBodHRwczovL3d3dy5vZmZlcm1hdGUudXMEVVMYb2ZmZXJtYXRlLnVzEjhDVUtSM1NGUggMNzI4eDkwEDAuMjkwMzIwDmVhc3Rfc2MuOENVUlY1MjU3LTU1MDc0MzA3NS05LTgIRUJEQQgGYWRtAAAAAAAAAERArKT5-7xjAjIAAAAAAADwvzZydGItZWJkYS02Y2Y2OGI5OTktd2pwNW0uU0M-MDIwMDA4MDgwNzYyODMwMDcyODAwOTAwMDA0MjkwMAIQMGJhNTk1NzYCZAIIZWJkYQ&utime=1343&sf=0&cpr=0.2234187809091459

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-58-90-38.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 26 Feb 2024 23:28:02 GMT

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/19/ 622 B
935 B 121ms
115ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/19/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4dd6f056f8b25904142307e2fc6eb8b6b9ba8e7eeb8d3fea15add77aef98e39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 15:37:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdNeEeBcOb1ckseRSvsHUGAZ84QmV7932bO8ypQPHoC20IRJs%2FcNanosWsDHEw%2BJjpQ3FXyjq%2FLcstxDqiepiIGYb%2FwrFC%2B8nNDb0p%2Be7pkemx41aYg8rI9jsYyhKUrZwBIE%2BRqZpLVeiCPE383%2B568%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650cc7d4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/69/ 858 B
1 KB 363ms
358ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/69/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff97bcaf602dfe77d822148616137565b2006068bf13cfdba06381b36acb7b09

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Jul 2022 03:28:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQqws6SSAIJIoPOorJDIsUSRp7aSWT3ZR4Zn7hiMKiH6qkmmyops156wK29pZpPESC12Rh7s%2F9z2ZxS4YL%2FE5zx0Q3XeiswS68WTmMqe3RoUPh%2BpU4bg%2FV1rVNJZIf4N%2BbVJ6uO%2Fet3x4nmWgPf7PF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650cc7e4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/103/ 602 B
935 B 362ms
357ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/103/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b4ad8d9670043a8bddfd23a873267f8a0b69d20c6d4462b99cd93bd2ec4fe5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 19:49:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dqaaer02DnAvfpcK7BjBhUWhX%2BilKmW2RzpdCwdIuiz2yXNgmUHNQZ%2BjTFqRja1%2FboGtgYJSUR%2FP%2Br%2B1BHYRcMROYjQu%2BxpZZqof0c40FTajwELBk0rDBHki%2FXjU6uCpY1OSEPT9jZZU5JPxX8TUJlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650cc7f4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/213/ 840 B
1 KB 40ms
35ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/213/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da80416501065eabe7ea25359a8b8811926d8a212f3ea94b8cd4c55efb7df3c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 22:05:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2074406
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjodwARVnyO9EwhJx20cJW7SrqPSTVBflHQ%2FXyxsitck6aiixN7m9J6ufhrpefPIKfaJJTuyWb7Gh7brNjU702SYkOTrjK5pRVHRuIB4G2oyymC1gVipGOOxYpCp2ZTDnw0xHDCo9kuwASqpRNCz4SA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650cc814bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/42/ 1 KB
2 KB 373ms
368ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/42/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69fa52163f2919f8779601fb55952724fd3bcc7d023a8aa46a745411549a1f07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 17:44:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZEXNc1d4fs69GS89KBLgGd2h7%2BNVaDw%2FP%2FPQOjWV5ockps4sdDix7Io4CZsoU92H4ZnK8sht35EMSy0o9T1HYo6HE5Ps90hLdQVrS3HU%2F584r7jY7gm1aF%2B7h9Uh%2Fg7iYVprjwIStT6qHuyU2UpCqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650cc824bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/18/ 996 B
1 KB 364ms
357ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/18/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d68c45e0b73fded64846aaab4cc63091cfe71e4887d856521b4007880da1a619

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 20:02:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXE4otzdMUZh4unYbVM%2FHDRhwTqeCWxKZmR%2BK6agymtdGFjNwO5zIrVnnSJ30gc7ydcyz1jnvKWSgtrz%2FFh8sMnUQ6hMYOoBGlKz7fKg2UAWTYXYmjRDVEs1WFIVn6MQb8hxHGTTRgOkxoIa3Tyfajc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650cc834bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/81/ 998 B
1 KB 361ms
354ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/81/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56d01b4cf70e0ed0b165975a9593af188e15a6a852639d17505e1caa8f947a5a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPHSy%2BXEV4j7MsgKXU6m06XPxj8KeIFqRDVRkceBJKMkn02yqWFf1JaYCNYegSnU5rwA5jQcwWh9linhFTUdvtshal2%2BasSeFja1miLEEKfurJDXsZWblY1D3RApMAtOW7lnnbJn189DubQa4qoWzSE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650cc844bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/108/ 1 KB
1 KB 119ms
112ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/108/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9f6174ede3693c2d9532979043825dc703abfa9b5f3364c49abdecc96af24ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 22:08:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orbNb2jRRSDSSXOLTnxQwVQfiYfWs4XCjxz3%2BVqDcj3mkNBliez%2Bk%2BhFHM572UlpzHU9VQCZCmOvPSUIB8grtUQW%2BE4JtltOm60MX7ZOIomwPoKFsfPqgDZr4jz8SA7tKLUkmCWxsmXvfroCvM24z2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650cc854bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/31/ 1 KB
1 KB 359ms
353ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/31/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f73061d8b267eeede951652354891814d6abac0c6aa48462f0d1eb275a3e710

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Jul 2022 03:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8udS9OKDZtPrlHXz%2Fi71QFXsNPy96m20Twj7ljVbMD3jVMtcwbx2XyqctbuOUEjuh28uV%2FYAO69IKRdDqsWc0mv2m%2FqWvN8H6UoWqRE%2BK20fe9dhhjCs0apRgb4rFNS%2F50H6cX%2BXYeOVmbhYfUhMQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650cc864bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/3/ 736 B
1 KB 120ms
114ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/3/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a3765812085e78cf5c8ef508d37dbb388e759a41b38a750074c9f89c3ce009d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 14:11:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Bfq7L%2FpX9EjLivUjqBmEOsVRiTk%2FuYiWQ%2B8TkRiseqU6aAnz8%2BgaTugETfm3%2FPXpycsRRzQUyJjP5HFQXHP2sYI02TRjWi9gwUBEgmutSLIU0zR82B4mFAnEzfh80VIQ6VsGdRGCFQcFq%2Be%2BH3zmZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650cc874bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/236/ 1 KB
2 KB 153ms
148ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/236/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 537afa8bd712691e693b0aac7d9efa6574e8d7b1f3947579ee02e7127e873e6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Jul 2022 02:01:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWmyZIwKsN1m08xTJA%2FhysuHhSQX1w4lzNtVYkz4q8VRRe9%2B5EinBp0NvPbrRE2fIYerHscXyVB7CK%2Fdk%2BMe%2BfFjE%2BvUbq%2F49kq1k99UcFbtMQCbtO8n7k4Sas%2BnC3ObUGMLYRaKmDKN4wRGsp00fMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650fc994bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/73/ 1 KB
2 KB 152ms
147ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/73/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97806b1ab991026f8028e149e626c2429e7675a7abb51291a97bf0798ca73d39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 19:01:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPkTx9RXume8XVJ%2FBUjQfuMmjrD%2BhzzsrJsxgewYhe8Le6UmsNA77TH%2F3SQk1sAnZE00wDpl5%2FdOap09fWOXEd9bkS9M9iKMiaTVErn%2BOyNvMSzD4KVTttJT9Q4EXvTqqjxIsYfFRGxiQ2%2B5mB10XHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650fc9a4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/110/ 368 B
678 B 385ms
380ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/110/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236385f55ca213087f5ffd207ba411f6b8be3d100ad827b5fa5d627870459a28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Fri, 02 Jun 2023 01:58:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6x1j2XUmeA0G6exVphC2zdjO75h0QUtJJzwDe7JFOkYsApKSa7Gj4KIZA6xSSsivKeMfsGVX50u%2BONUugxfPPUA3%2BYUV7Vquurr57vqOZk71BLS63yfDi75F%2F4DH649xU7nXuigd3M%2BbfhXJ5Qommc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650fc9b4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/93/ 878 B
1 KB 386ms
381ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/93/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7947f7ef98f28e9f013b67c652054290168a9f1cea35d6adaf1d9cf94b189fda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 17:38:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BtJMp6%2B%2FUWUBDPhNyhgYQG9U5Pd%2BXiu57p%2BX%2FUWVnqIcHC90LVWycz4R0b6hR6NvjpTAG4Uu6NAAaIRI43jqLbrJQwhBBK8riyLXj694nYrr%2BWsyB2KgIiIVI8mzIPj5pPyU1NTCHEUFBJ3NIdvmzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650fc9c4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/212/ 462 B
796 B 387ms
382ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/212/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e732bc8162534e2b55058624bb0d918c31c4f2281a06fdd11c9316c245c201

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 18:00:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44bkFX%2B53U7qd8mGqJ8STDD4zk8w3oUZ8lXZoY96e5IYXZP33OaN6KJ3h%2FnjEZcWyedx8f1rHDkOtKn4Nt1Ubrh6%2BGVosUe7Uce9GDcTinI%2F5EiHywnIxwYNJkygjepSaLMIaKC7rjGSOyuiJdDO1ZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650fc9d4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/211/ 820 B
1 KB 390ms
385ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/211/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 241a46fd048af19c00cd5f4dcaea50a1f55f3670eb08391958d4dac79de8431f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 20:54:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rq1sewYRg5RKg5%2F%2FgjDXHbK%2Bt4xu22N2ZW1Ude5SBq1%2FrA%2Bh%2FV4tQ%2Bj1pHOAH0a7rKQa9gGEaaDBfZalRkjz%2FYs0MclEVwgBqJewwfR9Rjnx9NdoAONI9TtEtN2UmKjb5XUwx4qoNjiwJ%2F48NXYrjW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650fc9e4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/210/ 656 B
978 B 390ms
386ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/210/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91034096a2642e55a433bb4abeaf3190199d4995a8eb28774afd625b9064dd8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 22:13:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqMquJKntWGTXw0pNJSOdFpT6dtnp5a1hdFsq8S%2BBVXmLLv8K2RAvm35Q8rvIQYEWkMkGq4SIBUFGMYSPv9fhh2hM6HDriBfce1dpFxr7f0aodRcvApVGJazYAqJwQqoG96C0SspPOHtKvcQKj4OAMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650fc9f4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/24/ 1 KB
1 KB 153ms
148ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/24/logo_ss.webp?d41d8cd98f00b204e9800998ecf8427e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37fa0aaeeede8433faf6444c9229e12b498f3ff8b7e62f774dc095d4349c0e42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:02 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Jul 2022 17:02:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiExZ1sutsxb%2Bp4%2BETRVrhNigVd8zZ1Y6RUzZY2Sr6sP0hjpidpaHBdwVF7i3Vl4frk34lSOSctsT6X%2FAtf7VwW4bAOr%2F%2B%2FqC7zQMPU6lJGBGnTcAHZTUL6eYLl0i2DQTTC5HeJhxBm9ojhXXlrfXZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 85bbf650fca04bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: 31556926

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame B9CD 30 KB
11 KB 30ms
26ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9gJ2oQzN-KkA9tueHtW9rCreWi5qzQ7np1LDUNwe441i1R-dIPzYdEp-MK5AnJZehfquvQ7S7m3ryEXmunvfXe69Z2ruA_b7Os5Dcu8DOX8oLAXxm7lyfSkxEH7Cxzq-HPtWN3PKTkjJ9B3f3QG5tubohuqDE689khc3dK-dVETH_OYcVaU7-rDoyH6k-DvTGattdNeYka_THj8x0WvjBwmDRDw&cry=1&dbm_d=AKAmf-Cyn2yXoEhGrrbC4_8rWaxZQiuCt0mD76r6ntdWXFUGCNI9cUZxKUU-BQgLHO8xV__V0XGKPFWxE4oK2JBCxvpDqDifhZTIHsxqP0C1qqDDueclGf6uOS2zETyrGCinv53XUs5N-Lqvhlmkqwngf67dS400J_3g8fs40cHjOQLW0U46TJB3qVa4LleLX5AVUMkCsoXSBKs3y6rTMMwhPhqlIwughTM5bLYX7s3OmVaTjUOiLUBVzifKVlcmM_DkZ8SGv_ohOt7k1tEjp5ZOkhB9f__I7lyaS6N_cngKocmNE7jYZEUR97MQ70mgh3hktSazDuMvdRwxIoHnasFkubd7QiY6IeZEP-DXP84xDN4oqeEQ0DJ6FxPG4zyRZvcJla-cLWRM0b4CtxnIcTDStwGKM6Gj7hL3YGrbsPG0aIr31ppNfgHG7DrwJgm_43B9F9FHueSJAumUMtVHVhmwr1oO1yrQoNQjoDdjnl4I4g2qc2sam7mZa3oijcQ_eoMn_ZPqn54rn1HEsObT_Hq63iNY38xRa3FR3z9qiiiCCYZVslpAYwzaq8lKuG-oeb_ryInkQqBa8s6DBy4qJ8fk3PkHOSKbN8iP5s38-WI6dyheXPA_8Y7m1RQ8LVe_LCRDT_-iDdIRivFHWkfP1oc_b51Z-v03HLJGIwFkgdkTMKGGQiBRcvUmlxQGbjWWklxk50l4gWVenRE_mxo3MlFKkPQQBa3imN5xZuQtDirDv_fw0ihrGjxOP_s7yiScI7UMnvCI2RvW_ebV3IiCCIaFry3ZJ4Kb8hTWzU9-6Fjj__jKWErdfPFxhRKt4fJeglYoLlS6a9MMviueapPysJ5AHklNrb7YtjDRc2Rz5PCST4YIot0wO12HLzbVBcPAI7iGxjYxROAFyxaMjC9FBbph_SVTM68U65UhL0ExJ-eq3JXRRSYEKFKRdzMrIAZ91hClcDD1fiLXmRj4_qQuhdG4XzQFJkWFo7ag6pMXTrTiMxigIQSId1qKQEJyjrBhzLv2bpJlJAbnXaZnMmdrEWBgTr38pTilEnVeTV8nYuqlGFQU_OBfffdLJjw4D8XzhfXiZQbw5Yet93jhW1Czy6zqON2O-8ah1nYPML9OFyOMJAnxVAtnY1aojiUsepkLppz-LbNqswB_8fSSnAp0ze4TvCX8IIxw7LIydgKN7xK3gV4EYsBNLj2hp3tHF7DWYiuDwlwZ0y7o3DW1ZNB80lGRDGstdyJeiFrWTpgo9DXuJe8Wh4BDUovIQXoXApva_v5t6sEOmm058OwjYfSyHfHrghJl6wR93IDnxzn05M_M3mMCk69r_3uUP3eyVSH-TvCQoDC4p91O40vw0UYIR-DTjMfYRHG4Ew8wR0vpUOoQfnlEe7i8szwGISzqoD5r3klH2wPG4NTVYRrtZKAPeRWewqnjksy8k9maXS4Vn9kwUDoWGup4oa9aOEBQ5Pnpk67lKG-qv0sNbQQ4mb7Oh7MyXmA7SgcxI36Ho7h1UuO3scM2mibkQd5og4NvneeLPYNgfqBvLUXq1LtaMySApmp9voSQ2BS7RDjPxX5b6EWk8m395eVPfzQJ-esxsRjGFIPc7UtrWLRgChCXtoVGvSjejSkJoQb5JlpZfcaUItUBNkvBTON-2WgVbhScmO06sSgoYUlOixDkST51M9dTqmRtyFTxsnGB9kwo5ru6HK7l4NatsHC54OTYJq0idRCF5PXRzlJ4PHnptVSrCnuojoYsFPmgGoFyLfcQnAmDv5FvGErOzDaexmx1ilRBamQpPtYjB_s2jEcvPJbW2oN3xg7CxEr6EjPzo1K8YgY2oV1ErGJYywt0D0yK23atf1QIML0oww4KmxrgOMar2vfI_WAtw09Sig1cysurS3sF67VSg5bYSGVO1Rk1msfAIbgKfd6wpUKZelzF9PyENhQ9Xk7VPqPAAVjcfoEKf2SOhR4b0eVqJHmSbRUSMxQJYT_z6ImdRVIEdwEFGi487V6d4hntuSWBH-b8kTrZJOA4yvM2iSgUCR9ebCVmTI5LLbkTC1XL9-y_5iZJc_urG295STwz9Csa6YcJ3Ogs91zR0KNsiquYIF56X0ZlJ3lhG9pV44ayG9yX1hHN18TWhQhWn5R4uWjlAwk6oS9_K-vV-RwyCb7qOtbRBH1PSH6hoI1f-uczS0JdeMPmJWxulxn4UP3CuhZZQ7875Qej5_CfJHFMEVvkHW2WFenZ6mYkrOVBgTbyW8qEYMZ0DW1CbdfrhXU7shkAhI_gooWp1_EOgzkVLyiWTIZw_403age2Emaegi1CHwCVdTQBJpaVQyGDPfqJ67t6f4FX9fJU6Xhy2I0AIpOt--MRh4uXiSqXeRo_wVOzZA_lWEotmJPxaJA8zh_W49BD1XE57FzkkmETZkMIevqbqJrR2fHkODmS_f08-pb5X7WPO-qPXdYTmMnNJM5qmsQtCc0Dq83XtqBneNUI587n4X4EKlb0YnTsxpA4xKuhDYE-5lEfaz31OPf85WVgt3NcObg2S2mr90E2IIYHx-iIzuRcOoLXooXO1mBPxrBhnPh2WKkOr8-E7YeI3dnWajsBXHFRqp5VHSMiQfuWnhLsU-GDPa23dcOugq7sno6_EWOD9hdVKuzAvYbYrCdly5GQUmoFegga75GYCVq_TCnJrpWOg7nc4H7qROAQaS3yeeiaAxnxE3BU9zF2AnNM35jjDkvnzFf_73QdJ_S5R4nWSlKtq_ee1QP2eFgCXE5Rw0sNvhteKobMUTODqN0araRCC6CWgO5mDnS8jbavOtp3Tnm3XhJXIDvFJBdZODAs17dSIYCHFQc6Bqc7uZSdCHuZsIA3F8g1CPW3G86GN-BF1oJDWo8MSSrGT1lZ36MQorYPTeTXHXOuTSq3KmKMLAm9ZWEuJPusIuJBwBoMNMvkH-UGEimLrJRNvEK5HCwm5LygR_eDnqN49w0VJhK-npghwDvtLogp19dw_JVJKmty0VnSBQfL8HR1PZrXXsGtfMeye74GbPTX1_uiWqxrf_cZ5gaCP_7o0_kWBJBJUJye_84pF8jS9NTWSw0TWEoZQH_Y51IpssLoru6EchBeT7cZeoQ4jR0DJ_mbDGKQa2g7RQpq79bax1PgNNOYm-M2JtF0XgNN6zgvwVVwkcIxzIT9DIv5NLnYeEC0LgroWy6dxiPXpdG5t9mDEmoqDilLAcigTmjxkomSpIdMtW0Du-Nyx3L6PP4--M9tHHiKckMkBTtkMQoTh4JQTwA6DhoM50D2LSCuDP3cAmo03tNMs2_wgt3UqKmalKZeyBbLhHmXrpWbu0kft5v9tu0DeW_rmMXfWsakz7jJV9RJ8dEUdX5tRrpuF7fjsF8mLhbtDCnj3e2yrhxeJI8A66ZnCCGNeO6VRJSh5mk0m0Le53kCAi2pPulMcn14TfGTKprcywKKrBMVukg6HmcgqokNssVKqVh78SFAJ6DzpDQ-n_-4K3pqBa2C0KAUwrbiiT37LEQSpR6nfHy2Rc8L_AShfsXtHRMp0w031bY6s_Lml_NNYk2LtiJ9bMpfwd1frcN5LAcJy0pFMkv2ah0xZPcS5Sjpt8K-mGKu9Cd9iJKSQUPLXgDy3EtiOHoHG2yhy-eau6LWFGj0v2Ozy9Z5S2TzkHyDUpxaEzHL1p5TNYB3epk2iK4zaNaJanWWXnms_kDaV_4RxkDPDiQxF8w290-kZ19ZOkbl9BcmRUUElgDH13O4YXqX3VMfXcBrImwO-9XsYvVpcbIbU-V6lXVHTfa2QjNCrar6t2YLQb2s--7vk1IS5H0Gypt50Q&cid=CAQSTgB7FLtq5GUcW7fYeoVFN_yAdlWhxm5SZrX2SoB_KW4KBJ7bnBeY5altkiwC5LX0J9MJ4CA88yMiexXfSNt3lyhBiKIXf4kUz_d-QRsqyhgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.offermate.us%2F&ds=l&xdt=1&iif=1&cor=12346517626059457000&adk=3690638928&idt=80&cac=0&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f43ea6cbbf261394f83dc2f3425942bf6ddf498490f6cecfbf38739c1ff8b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11549
x-xss-protection: 0
server: cafe
etag: 13750958460409166979
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:01:02 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B9CD 41 KB
14 KB 28ms
25ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 13:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Feb 2025 13:35:06 GMT

GET
H3 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODk5MDA4MjU1NTc0OQogIHNlcnZlcl9pcDogMTQyODM4MzYxCiAgcHJvY2Vzc19pZDogNDE5NDkxNzcyMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame B9CD 0
22 B 94ms
91ms Image
image/png 142.251.40.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwODk5MDA4MjU1NTc0OQogIHNlcnZlcl9pcDogMTQyODM4MzYxCiAgcHJvY2Vzc19pZDogNDE5NDkxNzcyMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogNzk0MDY1NjMyMDU5ODE4NTU3OQpkZWJ1Z19rZXk6IDEwNDkxMDg0NTkwNDQwNjE2NDU2CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0yNiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODIzOTU3NjEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQwMDQ5MzEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTkyNzI3OTkzNTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1MzY5NTIxNzYKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRvYmUuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZmxhc2h0YWxraW5nLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0CmRtYV9wcm9kdWN0X2lkOiAxMjI3MTU4MzcK

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x92a8c618bb874cb10000000000000000","13":"0x2f1f89e6981cba5d0000000000000000","14":"0x1febd8964d76a9490000000000000000","15":"0x5789ea70e5b5f1f70000000000000000"},"debug_key":"10491084590440616456","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"7940656320598185579"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0B5F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75fbe3eeea7c0842d1974efb651d5e07c30bb1049f72ca178c2cc6c7b68ee431

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B9CD 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35b7a6a64afbf839a296f83d0c6fdd90366f3cb68bf187b14a14a400ea5e3f5d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 susE4wCQGjo81FKHs9-5ESeldxvWjf24bzthmuzw7UQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 376B 50 KB
19 KB 28ms
28ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/susE4wCQGjo81FKHs9-5ESeldxvWjf24bzthmuzw7UQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2eb04e300901a3a3cd45287b3dfb91127a5771bd68dfdb86f3b619aecf0ed44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 402584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19580
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Feb 2025 07:38:18 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/225407;7893667;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN970x250/ Frame B9CD 2 KB
1 KB 125ms
38ms Script
text/javascript 184.28.61.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/225407;7893667;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN970x250/?ftOBA=1&ft_domain=www.offermate.us&ft_ifb=1&ft_agentEnv=0&ft_referrer=https://www.offermate.us/&gdpr=0&us_privacy=${US_PRIVACY}&site_url=https://www.offermate.us/&pub_id=1&sup_platform=1&cachebuster=374268.05663060804

Requested by

Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.28.61.13 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-28-61-13.deploy.static.akamaitechnologies.com

Software

prod-xre-app20.ash11 /

Resource Hash

8c0847d98ea6317ddbd6e93ef42c85bb6778bd29451cba057cb5ba9a80501bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 23:28:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app20.ash11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 942
Expires: Mon, 26 Feb 2024 23:28:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0B5F 0
0 111ms
111ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch7pegR7dZfqHApjTo9kP27S8uAnxi56QXPKJ5eG5BcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTc2NjU5NTI1OTExNDIwMjfIAQngAgCoAwHIAwKqBPQBT9DCnwjrXXv4jTqNIxGZu7VSpFpboJ3zcANVFQxdztuT3nCqbuoFWnOKAKa_WhXUFUzxWm4bnMt5E7qNh0nYYdPgAjoTwHX5jCHdzam7fczFWv24DsMemRKupx83VoYthHxaM3iIW0eW61Xxrjuyl97Q1RkX0HFjCiqR0RlCaBcl_cEUU22fim0qhYV2bqp3Xhz-ww9jnZ3WSYioBEvaRSnlamaoBrwFm1qMmhSs7C1lwg5e7umpKRZ1tJjI5Y_HfdTIQSrEFN3X_Cx3C49dA58K9TrLBwiDMllEcbe_kQFGlFtQleWJFSvALt2d74Z_jesbRuAEAYAG6ozw6_2XsuaqAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICACEi9_cE6WPSdz5WUyoQDgAoD-gsCCAGADAHiDRMIjvbPlZTKhAMVmOkoBR1bGg-X0BUBgBcBshccChoSFHB1Yi03NjY1OTUyNTkxMTQyMDI3GKToGQ&sigh=KFzQwjCp6Uw&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtq5GUcW7fYeoVFN_yAdlWhxm5SZrX2SoB_KW4KBJ7bnBeY5altkiwC5LX0J9MJ4CA88yMiexXfSNt3lyhBiKIXf4kUz_d-QRsqyhgB&tpd=AGWhJmtXjVOT3j-vOur3AU7iGi9e42zWUAaC7axgCwwEybHsEUTa8yTVcmBC3qZo4viMqohbcc4BbRev03dp1hDDRwIIHcRPLcyzF078uuJH6sxm1AQbsibJG26Q1t5l73NhAcjNJGhLo_7Akbaq0dTkqmOD2_tiZ21IXJmrytJh19eRHwelSQmJ1hxokILq8WR2I6m_NZZfnO2NrHwbXOld3xZ7UMvTCzvVVLbMgleBaw4befqdCHKQGqKwWD5YilrwBjAOqx30HUqOfLQiXBh4KePORXvjV7LCWDbCAKboQzcl7VATC5yBPSWF3V7e1igAuItFk3oa9jgV9wYeC536RdM0zH0YohBfAb3jc6A_mH5FkI3xhcbuxT2TGLDOW-0IuIvAA0sU0lsu0agXdLhs-7t8jZ0fKsBmzWr9RfS6NcbqjtF9YBlI2clSAXqwC_GvLPjLVyIxvTaou--0XAuctxtVMNNY5ME5hK7zTSA8oDmKPOeHTRhZHMHB3LBqxRz8caT2YbOeEESkrm3JAniS5d3aijkDWZLu04xaq4pXwpdzmdyGkQSBp6WBx1azIr-miFgoeDZaucW4-xvWToQDK38pDSczgw0xy37u2AHtLA6o502UcbM1shPqsjPCEggdM7Na2F2rPECeHWT-netj83u0LHU8cWa2TeKgsO25I93TdgN9b_zWYZdDNXg17ewNCv6mDlkFCjd3al--Jbi4aGuOXaxw79yqPBIK7WQkJVtN-sXOmUaEx6KfYUf0tMKKTfTedY0ZYG2OfjzJAvO6LKH4_JXiYuVk1bISscpRto3DX39FOwk_GthTHqTyXWqnSP0SIu1Rdck_8APSRnmqB1Tz7kdgRYwEue_nBcLRg2bnpA5PShILo8wzL93S540uJ6RDvClaOeBjFSSobbgXNx_IXiDEAxfJt8gPiEJ_qHL7UX9g1cqOBBfcIKG5BF688YobRZvKzjBcV_lNQutneenhJBQjcMVU7dNC8kaeZqZP6qHMXWmTZOJCndPRCQdv_UvW-o5CQJPHoPY62S2biqNfinRs0SpW34wa6cIX3Jare0JwviaoPjzmEX53AycKQZmkexUW2XeX9D40z_K9JXWQEUh6MFiKnr1OVtv4lF3YPE_zS5X05N3R4h2HRjyPINzJdHkLZhoyGdXzSzMWkXCJLrnBzZUZXCsgBiChUcAasEdSZoZvFEp12-Hj6GTHUeyFHE1fLaqm5GTJYp4qu2vXVb913qPE3ZbBPXZW5FAv1I3YABf7oY5NYix-ulBb0HFTjSa3QA9viBPraYL_WBYyRsehtu7ugHN34N6WkVEyygV_T8EQRKfU6_8tRK_xpgRCoXSRUJmy3bdfHQ1pDogHoNutqC-iYf_yVsx1VIcMxMkVInKMDruV3ac_NBOjIWbDGUWvX0IqYsHn4swew7RKwAnroNFE1KNkZNw-OO0KhCo68H1CxWqhtIWlNP3pRk2IN5yXVdBb8k-CqCXsX0OKbVn4frThL0UjCZ8MLWr5A88CEGBYqrAL1tOQo53r072sIzdCoQt3L97Zl_i974Sbh3qt5Lmrht8l_KHmThNwGWV7YDCimEiBpdwJBkzuF_xlR3HN4R9F7FBmLF9NSZiaxbJq0A_DP7Xed5PfCS7-SJdH2CvobtOeQQbUFi_uCk0u2kd_6TQoCYM_z-MQqYNUS-SQJkpv2GqdU1tBTtdLNW-OL30JR1s_ZdLlNpnlnK61OEH4FwHCfaflstEnsLhzHFL-kvbua3l1AS1HmGoanrLWAuFkp6NLbm7Var1-uA2kMyVwJAgRDrbqz5JF0TlScZFwiqInNtH0SR3ey1Mm8OimdcKheBVreiDgxpsg-opVyD-zpvNDp0XHHKy637MOZfTcIq1gVGRJY7uvnouCGA9zdr_R4VL7djYJvHMFsGs1Q1qA5rER8S6xLsRvfiAytTzHkuS01LyhnAELrgZY9Zeum_zrUfynbcVzcuqZPl_4SqLnWGtTCwCQ2K0SEdLkD0tChOJlaB-X8eYPdTUknTo4mxKWZ4yy12ls6bg2_-6uaRPcg8bXeQG9WSEifevgeOiN2w6tWvUHGltU58BFDyYwQDLtOMa0Vo5mBhUGFF1nOgdu6NkkuArNQ3Slu2KGXzOI0zxlfxC83tC3-P1Uc_Y2DXPApJMDdTirFvQtwEQw3R4ir5dKLmcf5JG5JYRygvyihAKjWJO9ONH2RhzDwbLovWwPnMGZWZt7_660nNkuTU4-J5-0o1NafcnRKmZEDGEB_Nv1ngOmz6bUVJEuVPfLZ00z1dt_7uYbWvy57L8x4pxb5zaIaUn3IwgnAYxKWBnEQXXV3bn0ksYvMhIT0T-tnvNPMZGt8DncHS7lkIkW5YcdJXtF7c35Lz1ihdgMPUItIDvnSPI0VIYD-kYWi1h-8yd60ad8fIRr-Pzuow1cMMUiGw1p8_duedGXFirjDUDLbjmt5FImxbpRAb3mZ5wHvnyHPU5Gzh844LomHDe9JvJwM_77yPhXFoN1eRNQ8pXjKJvdayE_cC2Fz4SCDhog2Hu8bC4fxUlhi27wgKODKc8nI4LhtoFmHEQmg0j2WrsOMe_y1MZbBS0tAWM6ZRkfQ_sBYY0uvgUaEoI4I5KITi4Avec5LioOCF6Iea9iZOSLmPQLIXjDqPwoaV3fCBekAYF2OrSA-YSl3uhpo8uvDCBpjwLch1tz3DfVCtGgaDAlJ4_-JC-0Bw1HRKgYYf_i0qtuoRfy5FN6-pW6c8Jq8umGZt103Bml9tJf_rFSotVYCD7DzgaVDZ8C7bEAsiiNLq7_6h12dO4kug-nSjKOEEcs2ndNSo6VlTmg2O-XGVKA3cGMVy6noiZAcIdtgBpejwEvzb2n33dFGP64FjnsDP1W4XvJm3ZSlObWR-G0oUGCXlNSMXsnUl-m6LqaMpbxSXmtt0SvPMqerxwIaoxAO3aTRtSInUDS19vxsAls32_1nJimREjq22DInM8XGEKQaPX0Y6RyeaReD2o7CCVVCMGrocohjT6p2yvFn97V3-mO9AwEJBlcTjwf7zE3H9_5QNT3fe9uE8k_Od8OSEi-AHnkgM6ht8KyHa0x4ytxXXcTakAIP_E6PR--DlhmTaMX58rMsCLndl9ea33QXGm-mVAh_MJZhbKWS0atApTvhaJr32olWSbFOM7-69cq1nQKgX6Ki704TPiiwoMzzSnHJIEiVQfH567iuJGBwMIg7wZUqXXuBkC_-civL8rAFWt1z3RS9bJMTVtYmhTPD-rcHuCcfmL4wLJKJc_Viwor1IutiNvr2R6_EAdqGKDichzOXrL7JWiLLP5w2w6WHCvTkY13rAtQZJvlR6CuEH_H0mzZEApw7aQWs1WLrS5z2gCy1XdYB-Oww1Efe8plpn_AFFNu5UGWQdzAAEcjzNSxRbDdhDWSmYiQzouoPwNl9sPZS-mSMEcdLaNSRt0gW_gb1xaOI6aOkvOT9KhhjFkYV5ZjEpuOkqFYd-CSZE0syLlXrgiJ8Cjr9R-di3y5QmGYWbALQ3XHo4LvWD734b5khMAslvGr2ebDgRTKgEZQnFG8G2N0BMfMIBhy5V4-xTzYLc5St5UzKNQxQnnOkWBydkrPTCyFtHKdBIw6FMt9xn1qZA6ObuhHvW4jDQbXH5upABR4BBeU3jvLiy0Dt9yi7BQ_lMTWjnOq5bRszm_ht3-1UuOnrYFmmP2qO8a2-kieD1EtSEYiUu6XCgF8Ay3OhnTCc-fVQCeR4Zq65m50A5akHgmrWPrGhG9t__LPZX1eEnI7Tsn4o7Esm_BWMt5WxPIoqM2CapyoVqWvt5cCSgK76Nn9x_79IVf78ZtOFMAy4VWwMhzxHcJf357eeQbE0gQhJG3wv06-LNQp9_Yo2vS4Y6XkvmjX-rWsMzMfWeyqOaHCbZl_eQ68uWuhXgfGUvDJqNiXFksdGnRt-N4ulWkLJG5HcTUNc5Es1pd5o0TDjwKETtfMBtsX6wDOJ5vxNO_A9YQ4iQoIpq71--84OCgWjfzwJ2mLzrErFWMWq-XpOOVf6MccJ8zbIGVM6HgqNesvtY5E48iGHCHnzFt9Ww2YxijPPRaKWTD0A7_a7KuOLT4phyzNYaf9c5v60ETwEV67_m_tQYXd_EI7qZpRt9O3lEGlrc2NfEwx9ziNRdlNGwxvSVU4S2gtOnUU_kUHx3K_wpBcFkIDE2yCzfU1DDCjfrgM5iBeEde7fA6w-v7ZmeoFODiygSITYiYV1QpEBWopxCxrQYgPuFeOMWSpL88N2H2izJRA7J-ULtm30X_phO1j4brAn2fJKquHMrCFZM6HQPCPLyBuo56Q0-yU6IGgcaXwTyIPlYsqhbsRtu6onq7abnpF6FsWbPyPC0taPPOtKUX7sPoEvCqSTIdtNDwXrOZXSPLMBpjZLt0WHTdEUuBfO6Wqg6zo6ViXNH-sZZa9ot8CqKzKJvIEfMHMAlY41CRH97K_iT_bWbOr69YnYYaZG8HTLEsmVcsuDkRu3j1xXAiiKfI132z1ge4HzX4jmkS8SyUIhaTJOOx6YKTMZjZJ5eKbxNI1TDs67cp1p3WNjmjGSNJsZzpOhyAl0QPZKVLKsyZ9Czd47PojYfT2w8SUmQ-NqiJdVY8RGAgA5aC0UexwtnGi9xC5rH6mc2SzzU8T5-2g1GBbMXeQJBlkgMNwq9eZ5gp45BrG5yLUiGs4ZrG9X8wYytMZDvHHR3UEG4NwcAjXVHu-BrVRYi8UY5e53QU0dYB9WhmSLBg4KR0Ui9AYNfYTSsqtN1-Mr_Eq6czb4Noy3ZkBiXeJ8VnHZwwkq1P4Q6na5jRmVejFLR6Xrv7uktGa-74sR6e8kU1m7DQ81BuIfpylVKg7ATmDQxjXE0HiTvu3m1SNTBmJCu_FeGpTlZZ5pyp6eh731QUtuS4hPSxnXZHTMtiZ5YvfkB1L-Enqb1RTttxgC5ep890QPPVZwtEw6pjUJCXsBJ6itzhX9NBkiAdyXWkN65NqJX8kOF4QuuR7YI9xrhz5bkAwRvi8dNwJGEWOaUwML6Re1Wzjq3Cei5bf6NXFNDr9xVkRUNE3WgZbWRULYHcI8wEAxZv-jrxy5234GkiTIiIcmcuWhM_vE0bLbzQBRxX2JcjVtLpxMVj1KyD2oxhF0d7JvNE-LjwhfKSmL3fAXig_NM983JMUjBmhfUAzjBX0Idnifz-Y9sHFtBMhaBnPS_tEhNviUdUDZ4OCF7O02fgWBYtIqD0alRePpKY7SLhl-rx81Ih3fICKqqm7S_Bc13yQkv120URuHAmRUmrku6bL_Ss57PTNvzZ_ykOffKxeFq1sHFPZxxg75ZqrDtFS1_-BTvyYPes9gdo_LLnENRYqF1VYlt-pNouh38rphZAUw_TR1ydOGy_8FildjQNO-3PEV0-bMNYBsvQeKPdLnxd4ypQiSqHSSNNZfh17o-7_1C7fGHsSyXy0Wj6b0QFXTJmXxNAg9WdLHgucAuIw0uJmYGLzaS2Y2MVoJgLp1-wWW5HnTZyxSVtSiGu7-YrbyRAB1JPwjsudWhqiYjgGVSvPPfb0fevI3a974Qjzv646CkgkZw139NCNrO4Jua2HQrNSeoUKF55QvihZO7MFlK1tMzazibiP9Znq_kBUUf0iOBzHb6UM3FcFOt7xdsNvSGxvZ7kbD43i2B3eLRZOVJjL38lh9qNWY86wl5-uoYVBBcRglaMl_yfc1oUoMIhQ6l3MulO9_jMjJLLXzZAmD7JX_UclwuGBqaXngLIaltP_yzO5_SU5G9un56iwfi5-hJnArH8kvsUE1iqrGxjLn3gyY_ryxywri3GhWMWXpxzuHz9n_KcYC-iIc4gHeh3Qd-8X0r5U52JiJZEMuPO7DlU03t0D4oHXWNor2xILLaG_Nw0cpr-bmBtKEePKQWNKCOoR2ZOrm8Qe8oU3ef3zOHJq64dxq0dAdUFWwHNAI47cvBHNknPiaMHXbmkROyynLj0ZVo75PCY1LPZIW2DKA0itB0eE3ZGBE66OS1h5uOk-p4IVRhgwNbA2yQaoviUHhBC0ZDbPXc9Gp2thPOpVHO1fmor-JTVww639fl93DyTnfi4DxSA-EqTdEuXbxZmakI2B4IY1XwIIqeR6TJCQYSk2scdpy_pHkTe3sR-Ksz4lgjhkr11RFF60ZEfrg4suNgnsMTLcmNAed1Yqap_kvdhp_d4NIkbInXngjxBk_33lKbcfKeQ7BYxx2Ww0E8WtTpiD0-TTpqUrzjiKVRl7vzjyIFOmN80aPYt3XtD9pU6YWxwwsBDXMBqGo88RjSrwb5pE0ZnaR4UPjxjLkMvVY8tMEqY65GrBSt6H5W6lBfLw8tHVMJezCkd-SQcP9PjwbQ3UE2FXxALAw1gX9SyErr4aVWmbWMa7Y4gAIVrjLOE5FYugZt6CGR5nmcJ0nLQEd6OcV35mlDbJ7HF2Z8r7JJuJNOQi9YEfRxD3VjrnQpxsJhEJ8KnaleivG1l4ycK4LfJmhPdo6Un1MqAlxJTl0id6ov0Tutivb1f0Jqx6xlh8c0W89sSOGS8slca_LLzE2E4Xg_WAU78gVyhtEiWxHAOsxPcwAPV231NYdQYlM1Y8eI3GpzlhQ25OBjU_xne418P-quNey81n3cifAocGWEcCWQ-91zSRJW7dhVG5YgKB5dREtV0_AYP0YpJNbRpFEiXBPkeJnZCMjbZ0H0o-bXg9i0DrTfQS3q-RI6mmXwq2g9fcZnUrtw2KWHCJx6oTE_sQwh1UqyCGoQ65pd3yP2jufPpRkfHV0fR1IXhZg96jPF9JCK5foFPHzVD0qUBRCWoLQb1chiqysUHzUIWvx5dUyOInXQAHwG9vRrnMesw757RcpXj6B0nel15iUDOwys5SCwRxmkKAD28_mVoQ5Wj5WXAO9DbYyQulUltiUNfc0sbNOJ1QbFiJ-0GuJeB4cSlvt92k0Z6n_L2oDpSAwo22KaO5QnJX8aikRszrMWSJtII0oBppb-cEwM5doR6sjfWtahAlDX28hA86BYAQFYDljqUe_7Jcx4OyLKBEtEofz1rWj5PFfu6VfgmC3KEtqXabarSFmBh-EKYITVndAPb9XxegaZwNLMkhuB-2aPn63x8rbShV4Cm7cJv6_M3R1FUJR1g-mGP8dolUwewERMhB32ZKqvNDR0aXG6Hqc8ycy_SLxUtQ5XA5cPDkGqw1Mk-BBwI11dT21C9f5gHB93RYgJa893MbdDA6STRB9ZwDSfh2XX4CYyY8zGufRe3LreFS9mZYoMJSjH-JPfIVi07tBVpedvj9ZKp0O68wY4cIOy-yzyBjnjl8ZvsjE7YjYXY4DR4KgjgxErvPc576RuRLyOddPIUYjvSOkklZvlWryr737v9AK-z-ZGfNPKFq0STgZYMAoqCOJH8vQTgjJlDlcEj9WOjErxBdEns3zDydHe1iuLsWLNQavrtdM6Z_7h05-RmCmBVtFaYVoyhrG850PNOX19ZQN3IVhecvP56l-jcpmVeJY83txm58K7DiC0Y244ODw0xgJ9zYcLnBgLVt6-4OTK8WnHDU8kXTYJuqWZ8ar2CrgTxLRx57vuwfZOcpeDUoyFfBQRarIG31Y_DLVUaJOH22EVetV_HcEbeHLjvmAqoPTPll7CCiczEkiwdRYXfuEQrluA1jMamsvSl1OzSGcOyA-WS1wgedfTb_ZQYdkYblMpppRKovSFQiZT9F915rAEaRf5c2eoQKRURvVM8XdJvxtNu2YdzpP4e0L8qugEhjAfI7IP__ZS8PYHEd23Oo0Cgu2CjDDBuICp4xFzokzq4h1L9-2ivTsITHuayAerb2kTlJYfK5f7McNz1Y9fn0T42FkQtsWlfaXDLRTa2dgJGMojvMR5dxX2gXoYk8AjeNP0MIwE3s2vnhdH0AD6_gjwsELOXR4IRbMQrViGTOiSR-qZGF1zMFIRKgF5JlKUr2LOEgpYPUWIaf6QfmpO69UO2wtRKXHss8p9NANnbUQAEtWk2ljtlZMWJOoHaPU4VSGoHenIV2rGuqAOHvSvorfzitvOAXRYD0hPcFV0x3j1hPccqeF5tKMGjD67FjhixrUb8CJ9VwUORKhu0ZcG4iAh91Fv5Zr9C41RsGj-8KxLWgz0_sL1d5QNj7CVFtrlRdlMVbvPFH5E8eKeD7pp7rU9cQQBRlxrEm2Ofq2k2jqBL_WOsQfwAj7NaoxH4r6_5fqQmNbumdWqdDZSN8wucCvR-UH4pmMIEDrASXqHEf0TC9QLQ4a0UwmIXzvN0EMfq6Fy_iWuH4oFijgoXj9XYwNFDNBlHUPUgOr0N-D_mPu02kSCOGKIm9iWfmyXLrh7_HTyF4XMGnnwrOcaKM0e1i4vBpGSdpuVwxSYBKVuiXJZKekvwT8M5UAln4xLqRiYW84gz6-PjQ2DxUmUuz2X2HoiFsc-mNONCI9wH4Qz0VUTmAXd0lespWGrAti-Q8NpisKnEQwEZnlj_8y6-a_ciUy2mnh9NRRovAkw1sLRPrTyhjVmBb7LbIF5_qf0C_XL5xxN4H0N0ztTK5ZtZBTZM_ZgWg8zf2DqtfZ51hWaJ9XSUwY5qSpcnxR2YUnsXkf5v1Qqg4HyifXDiP9cvL_hDursMXoTGIwc6j9L5GZBQ19_E3M7nhlSinuOAldNJzb6HaP8R-ZkPbZvn9iRbgQ4dYJi48xXBObYrYq9co9BwsTrKsruQmHAnzyv1X_1R6arJixIXfJfKMmxjoL_3wqbZjc4Nv6RuBWXl0ulnjZZ4CUqDib_g0yg1SplYeVA3EjgrwcjJOn_0q0iRaQar-jxF794tvL5YDOt-ZieqidR_a2hmWwkXtjSvbQS-HVqJDIo2p-DyI_Mv9ZY_coqXPxM6OwhvRVyF24Yj7mTi2TlWTqXQH1xXyoazAX50SFTvcFstKv2xcNh-1T4CF5Cr-ELnlKivUvNk6q2xca_G6Gxsp3voXDJ_Y3AYOMPx9KcdmjFLWpJf8J6Ftn_-cVeWlehQsIxItkNldPS6cN2GvLO413CYfBcCTIugHqA1KpE0MK68Yz6Ekln9JguOzV6h5cnsj1OPEuR7dDZnkCjgSkntwNYAs_hsw3OEBo2fGTP8_gCPTE7O0zTg9VsTFogCManzM4TSqvb_L1gQhUPg7Twp9SMPCrqZh1yLUkLgAEHNps-W0QJDO-pv_eCIAPOHpOt1MVjAiAVLhH3nKQVK4QTKhqmDIYDQlvugWEYq46AtBSSZX92KyEG9sMunDCeq0Y4nUVZ8KIS7ia9NzZu_mh006h0MRhFRjSuXYCOuYaPCZ8TBtXd_cURC_OH6b8XlGFKaOIW6TkH22V8gMFNB_RXr10x74Pbrj_kdYBLYD2Zqk4vK8hfcad2L88tGd5cRGApzOZ3XZ7VepNXBeUostXtbnw-z31PGQ89h5FovrKgK--gMqAJPibvWq6XnsVupA2LWsaXlOtXBqYAKppT4Yxx7HO969pNOustGRcyMNdx01VLVb81CqszE5aEnnc2ovfwpZKpNLBBK-9GK9mmXmw9XJ6dOFDnKg4Yi9r504iGA73lJpNxk6xpjJwRCjgfwzwERcgoISSm4uuCYI9EnTo_T4ljI7jW-oyAJsJkLeVjdYGVhaXeWQJX5YJBnOB-8ML2HkxFje_q1oTvXXkyScH1GQlRpEwcIzv_R70-grKM-A7npPcfvfgO8HwRCRqPzsl5yFCguCMK9cE0n0SSIWGQ1jOiKDMSWAN_i2jf6h0d3kgG9OUQPbW0MPvXiODcDU2pOYsnNsOEkax6cog9HpGRfhWmPItSzCvLZ4NIG-kR2otcehTXc8rBT_XzIO_H3iptGhxjVyahNs5mTwvOpOXE_WdE2YfJsTGm_ccF1dfofr9j3o5F1bIZV8UYN2g5Pg_Zg9ej8ulpbJVrBFrBRiNcw1airOYiWgXjBEnGJ4uv9G1ls3_ACbDWcoiKIbnLwUda2TvCB1_sOi5CuYYJqsRQRhfiWYyp3l0s4ne5-3Ndhkr6TGh6TFqBT_qQU1tUBbNeOCtKatD1xvj9pIOP1Tq9oiMP7J1833gfhXN9P59W-KweZ8jX6ogSI_sYYLZ_MZjZZ2MsBqJkGzI8mA95KXWDxukXfYqqytnHMNLD7j6GFv-XDdkUNtXIBr7iQWYjh50mYrFDf8VM6lNM4WLvFqxHus0FdDokCEhhO9srzk6vmsewUaDM5pNSQoB3sZbc8ohkclMCOoLNDTQ2NdM6JVfhp6zXaoa1DcUX25HPsBj-GzWEWyZs1kV0LBrXC5Ke9Ndo_O9s3fRslFzmOnQI-GIWr2ohs_BgbZiXQRliPTsw-mc5S_SUdFlFHqrheDfhhs_XkRsrc5GkHHFPKzl3zkG5OHbBKwd7cSMeaNQmcZ-7bmq1ew_IN6z1qnPq8ZhwwzKnkDbjtjuoX1oasywBFiQIPIar_jKltlTDGYXLxoR2nb3s4LDxy9_MXa47XZK1rAMoV9L5uZPfw1T2gC1B5jZ-StB4g1QHaWzSlOLXeN3JS3LAQ1Gy3COf0iqUExk5oNKd_18bDRoeNsnGTwmkuFXcjCcRYZz-HZCyaHrdn6eTNJjAAiRuPhKpV4xQZiKRbqk7U0Sl4XqHhxB2VktCeKyfxA_YxbAyWfDv8Vegh2IdDS1iOJte3r-L3dOyGBXbKdO3lRByHpQYckSOvQaSDxECBy398LLEub39NNmokgX9yvqBzXUcEiyaUT4H9GY9zEO48C512NbabmGmtOrDxT_As4r3JgoavP0SsxLiJjYysNkxQfWyim1E98Ux-pqBoX_4GKKSPrLXPOm4m8GiznxYarHXx6i94_Ikp2aJj2xXaNXQHIDhD39jGGHQdQBc9PiddnST3N3KV5vF5XeNv8jHDOiYW48cb219qE_nY8QEux-1_AX3kVKImEBtNVl_C1puvyAcT761if0TpbFaMyY-PZEbDx9SZUJ0rbXe-qsNwQE2OA1xD74qBWGWjM8NWDf0I91cW8nNY0R1cc1l1nBA_d-9IDYq4uUZMNnc4S1Cs9FmXDiBBxK1WP6ZG1v3jx6HCR1a_uYxjfpiyfWD-xMCL11Nemp8JmB7STU-rjXXT1WX5CBtZKCYKv7KwVq1vuBaUD-YoQZoEI6KuIjajpzrm7k6o6mMKAwbghLb_qydhIwxuiG2I1-n0NrI4MLZ2FtHbTEAN_Qx2csvHeyWGFyOhVNIgTPITKtXIe-GiPEM5tL-q3V6U_-9RTTfcffBoj7u91GAvJQIEHiAIQzxG0ePaEpd-m66-ig4PZaVryuO4CWDylyzsFahApBJ0ZRFAJ1pJiAsz7RpB15N4VklgjZWJX2wsoNG0lPjlJ6NqbWS_h0aGTLL0o_KAq98v2tUUdXwl-R28W9cY7m6GS5TMEwzx13i3JlYG9gDX4OhXQX-2rCS18SSuha_FjmiHblLqCWixsL8q6u0wO_IBy2NvRPedcb1xohWbFRIz1LjSjwuB2-eSWKPreAco8BPQwyfGz6vVPc5L3ZNjpzw-DIwNAaXU37Owr8pRGvCWtfrPRP1GB-c_n2gsGFVGFxWFuc-ggH76qrnnMcLECnNhQ33LvWptNm9E9suXAo17f_QxLTmFMI-Cf8T7l0ph931RpDOlJ_za7DBUPBHNRf_mz6T5lGlJPDtEk87mYuot-a1m_3Dm8eIBVr-8tQDPxi2YzzcKw-cHKKniyeGWsmwpy9BFAGLJvhtwVBV83aXeDEpPqLgu1SIm7Fcx0MrMJykpWJZiiG7HGJbZk5DKgtx2orq-BCVgfIWbuIXY4ez2Ym_hPEVsBiiODRU5jKPSCWaivuiWr4dg_AOTzEbatIgjc4gzJvCgP-XYWrqZ0chs-A-aP_euPTLo6YXUoBeCf-7P_zo8MvqYcpJYwIskijr-VL7dXKywyVyxZH6zRdwMFarOSnb6rhwzTaqzIhT1q4LcK13tGJvk10vIJwIPXfDxjKrkIeWki_PtH9QaDaWHX-PWG-H1VaV3CuWXeT9LC5bGQeaH82dka6DH2Vp6GKZdlXUIkjmRWC6793CIvZw3WQ5ETibjj0j09C5qf9nDHCLx1j9Zyd2q_1bvMNO9oAb57SwigIgWRgyoVhXpzH1YBOuMk02e5rlBo46KfA3CBuGY4_1BoRiliG2wDC8DM8MECrQB7GFgduxCmvWtpWZz8AyYqanLWepYpCw0CIP8yOJtveUJjPeGjQo_RDwxbb7TPoizaGYM6Xf5uSoqivZHijQbpICzhweEYYvDI0JNoPsahJxmXfWvixruDmS7J612Ijv5_IR76nf24obIhL_AkvYRO8lKT3l59zLZYUJyNM64CzG1EXVKJewyuH-ye-O-UBttuvDVu5C9Mlp4sQfiCL2CDF12PQ6AlHR5ep-jA3I1BjxPF5Ch5XWueWGkFgv7zacSPUrF8A_WJNg&cbvp=2&vis=1
Requested by: Host: 0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
URL: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 665F 46 KB
46 KB 27ms
25ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;400;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:43:54 GMT
x-content-type-options: nosniff
age: 402248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:43:54 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9FC1 38 KB
13 KB 25ms
24ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 121975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Feb 2024 13:35:07 GMT
expires: Mon, 24 Feb 2025 13:35:07 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame 2337
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D6%26vsid%3D3519916826633991000V10%26type%3Drkt%26refUrl%3D%26vid%3D899008293235199168266339910...
https://contextual.media.net/cksync.html?cs=6&vsid=3519916826633991000V10&type=rkt&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=1813050730174731733

227 B
674 B

90ms
90ms

Document
text/html

23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=6&vsid=3519916826633991000V10&type=rkt&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=1813050730174731733

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUKR3SFR&prvid=2034%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C550%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C3016%2C2025%2C117%2C3014%2C459%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C2040%2C261%2C141%2C262%2C461%2C222%2C102%2C201%2C3007%2C246%2C301%2C4%2C203%2C2037%2C10000%2C80%2C108%2C9&itype=EBDA&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&gpp_sid=-1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
content-length: 227
content-type: text/html;charset=UTF-8
date: Mon, 26 Feb 2024 23:28:03 GMT
expires: Mon, 26 Feb 2024 23:28:03 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

Redirect headers

Content-Length: 0
Date: Mon, 26 Feb 2024 23:28:03 GMT
Location: https://contextual.media.net/cksync.html?cs=6&vsid=3519916826633991000V10&type=rkt&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=1813050730174731733
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

cksync.php
contextual.media.net/ Frame 2E33
Redirect Chain

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=son&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=[UID]
https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=son&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=304a7e3f-1b8e-450b-b017-79c9809b224c

53 B
488 B

66ms
65ms

Image
image/gif

23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=son&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=304a7e3f-1b8e-450b-b017-79c9809b224c

Requested by

Protocol

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 53
x-mnet-hl2: E
expires: Mon, 26 Feb 2024 23:28:03 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:03 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-168
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=son&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=304a7e3f-1b8e-450b-b017-79c9809b224c
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame 2E33
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzUxOTkxNjgyNjYzMzk5MTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIKOzjF_sxHwiBb1oALKKhQ&google_cver=1

53 B
445 B

74ms
49ms

Image
image/gif

23.58.90.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIKOzjF_sxHwiBb1oALKKhQ&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUKR3SFR&prvid=2034%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C550%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C3016%2C2025%2C117%2C3014%2C459%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C2040%2C261%2C141%2C262%2C461%2C222%2C102%2C201%2C3007%2C246%2C301%2C4%2C203%2C2037%2C10000%2C80%2C108%2C9&itype=EBDA&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&gpp_sid=-1
Protocol: H2
Server: 23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-58-90-38.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Mon, 26 Feb 2024 23:28:03 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIKOzjF_sxHwiBb1oALKKhQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

cksync.php
contextual.media.net/ Frame 2E33
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D6%26vsid%3D3519916826633991000V10%26type%3Ddxu%26refUrl%3D%26vid%3D89900829323519916826633...
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D6%26vsid%3D3519916826633991000V10%26type%3Ddxu%26refUrl%3D%26vid%3D89900829323519916...
https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=dxu&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=hodtDhbO1REKob5

53 B
77 B

58ms
58ms

Image
image/gif

23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=dxu&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=hodtDhbO1REKob5

Requested by

Protocol

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 53
x-mnet-hl2: E
expires: Mon, 26 Feb 2024 23:28:03 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 23:28:03 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-09d7398b3d0505191@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=dxu&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=hodtDhbO1REKob5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 2E33
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=-1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ov...
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=43a84aad-ca6b-4698-8b86-b61a8e134b26&gdpr=0&gdpr_consent=&us_privacy=&gpp=

53 B
639 B

102ms
101ms

Image
image/gif

23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=43a84aad-ca6b-4698-8b86-b61a8e134b26&gdpr=0&gdpr_consent=&us_privacy=&gpp=

Requested by

Protocol

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 53
x-mnet-hl2: E
expires: Mon, 26 Feb 2024 23:28:03 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=43a84aad-ca6b-4698-8b86-b61a8e134b26&gdpr=0&gdpr_consent=&us_privacy=&gpp=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1469469
content-length: 0
expires: Mon, 26 Feb 2024 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 2E33
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?uid=4ed0cff4eef188d3fb2e7e9025d7855b&name=MEDIANET&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D6%26vsid%3D3519916826633991000V10%26type%3D...
https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=ayl&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=8e75e148b8602a8ba114af1396e81534

53 B
486 B

76ms
75ms

Image
image/gif

23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=ayl&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=8e75e148b8602a8ba114af1396e81534

Requested by

Protocol

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 53
x-mnet-hl2: E
expires: Mon, 26 Feb 2024 23:28:03 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:02 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://contextual.media.net/cksync.php?cs=6&vsid=3519916826633991000V10&type=ayl&refUrl=&vid=89900829323519916826633991000V10&axid_e=&ovsid=8e75e148b8602a8ba114af1396e81534
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 0
expires: 0

GET
H3

200

cksync.php
contextual.media.net/ Frame 2E33
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=7215d344-640d-44cb-beb6-9324ccfb46e2&google_hm=NzIxNWQzNDQtNjQwZC00NGNiLWJlYjYtOTMyNGNjZmI0NmU...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOMQXQsnEA7y8E95ckqzaJo&google_cver=1&ssp=medianet&bsw_param=7215d344-640d-44cb-beb6-9324ccfb46e2&gdpr_consent=
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=7215d344-640d-44cb-beb6-9324ccfb46e2&gdpr=&gdpr_consent=&gdpr_pd=

53 B
77 B

57ms
56ms

Image
image/gif

23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=7215d344-640d-44cb-beb6-9324ccfb46e2&gdpr=&gdpr_consent=&gdpr_pd=

Requested by

Protocol

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 53
x-mnet-hl2: E
expires: Mon, 26 Feb 2024 23:28:03 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=7215d344-640d-44cb-beb6-9324ccfb46e2&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 26 Feb 2024 23:28:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

cksync.php
contextual.media.net/ Frame 2E33
Redirect Chain

https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__&puid=%24%7BVSID%7D&s=2
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=XarFFe4ja-aMg8VUTQKT

53 B
77 B

38ms
38ms

Image
image/gif

23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=XarFFe4ja-aMg8VUTQKT

Requested by

Protocol

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 53
x-mnet-hl2: E
expires: Mon, 26 Feb 2024 23:28:03 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 23:28:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=utf-8
Location: https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=XarFFe4ja-aMg8VUTQKT
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 111
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

cksync.php
contextual.media.net/ Frame 2E33
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3519916826633991000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3519916826633991000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=961a93e1-0521-4789-bbf5-dffa04bbd1b0&cs=1

53 B
77 B

52ms
52ms

Image
image/gif

23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=961a93e1-0521-4789-bbf5-dffa04bbd1b0&cs=1

Requested by

Protocol

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 53
x-mnet-hl2: E
expires: Mon, 26 Feb 2024 23:28:03 GMT

Redirect headers

location: //contextual.media.net/cksync.php?type=mf&ovsid=961a93e1-0521-4789-bbf5-dffa04bbd1b0&cs=1
date: Mon, 26 Feb 2024 23:28:03 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cksync
cs.media.net/ Frame 2E33
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=cffbde74-2b37-4237-bdf0-164645297b4e

53 B
450 B

85ms
82ms

Image
image/gif

23.58.90.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=cffbde74-2b37-4237-bdf0-164645297b4e
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUKR3SFR&prvid=2034%2C2033%2C3022%2C2030%2C3020%2C251%2C273%2C175%2C2009%2C550%2C178%2C255%2C2028%2C3018%2C2027%2C3017%2C214%2C3016%2C2025%2C117%2C3014%2C459%2C97%2C99%2C77%2C38%2C3012%2C3011%2C182%2C3010%2C2040%2C261%2C141%2C262%2C461%2C222%2C102%2C201%2C3007%2C246%2C301%2C4%2C203%2C2037%2C10000%2C80%2C108%2C9&itype=EBDA&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&gpp_sid=-1
Protocol: H2
Server: 23.58.90.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-58-90-38.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Mon, 26 Feb 2024 23:28:03 GMT

Redirect headers

location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=cffbde74-2b37-4237-bdf0-164645297b4e
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Kestrel
content-length: 199

GET
H3

200

cksync.php
contextual.media.net/ Frame 2E33
Redirect Chain

https://creativecdn.com/cm-notify?pi=medianet
https://creativecdn.com/cm-notify?pi=medianet&tc=1
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=TxopWIPD_7sPLjm4L0c6LZ6SZz2904SdgmIPoH9aARg&pi=medianet&tc=1

53 B
77 B

64ms
63ms

Image
image/gif

23.56.162.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=TxopWIPD_7sPLjm4L0c6LZ6SZz2904SdgmIPoH9aARg&pi=medianet&tc=1

Requested by

Protocol

Server

23.56.162.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-162-28.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 53
x-mnet-hl2: E
expires: Mon, 26 Feb 2024 23:28:03 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=TxopWIPD_7sPLjm4L0c6LZ6SZz2904SdgmIPoH9aARg&pi=medianet&tc=1
pragma: no-cache
date: Mon, 26 Feb 2024 23:28:03 GMT, Mon, 26 Feb 2024 23:28:03 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BD10 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BD10 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Roboto-Regular.woff
c.pm-serv.co/__media__/fonts/Roboto-Regular/ Frame BD10 24 KB
24 KB 42ms
41ms Font
font/woff 23.200.88.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pm-serv.co/__media__/fonts/Roboto-Regular/Roboto-Regular.woff
Requested by: Host: c.pm-serv.co
URL: https://c.pm-serv.co/sr/2722522032/SAFEFRAME.html?ule=3960&&kkdd=u*%7C3%7CAn*9H&j*=a4_iII__izzzac4iKIJ&5Po~=_&2Mou=_&XPj=aa4z&CMX1=fqza&X*P=iGd6hczc4&XoXP=Io!0!dZHCwjUY7NWM~hcN)%3D%3D&X~*P=cc_4qK_4c&M*A1=4zigI_&XX=dp&MX=Wy&X7l2=D)6!8Wy&o*P=ie8aKxdKe&Co*P=0pk(Szi&7CCoM=a&~~~=CA6s7fXvsfOQo)GjfK4*5n7Pet*2Z!R)SJ.yXzq4DI.%3D&lM1=c&v.=a&-5P=q&uPCa=iGdt6KpQ6&uPCz=K_KzczqIc&ZPuCu=LZgOv1l%3DaqKKLZ7o%3D_LZ*P%3D_rKi_LZgOulX1MCY~%3DasKEaiszEz_sKLZgOuMl%3D4aJLZgO1go%3D_rcLZgO5*lM-%3D_LZgO*uZ%3DN)wzzLZgO*lC2P%3D_LZgO~7%3Dq4kxToRiDwLZgO~oX%3D_______LZgOM*A1%3D4zigI_LZgOC2ug%3Dzq_LZgOC2vOM-UU*g%3D%2FLX*C3%3DwdQQ)f8LXnOUv%3D_LPX%3D5Xos-Ms1uMCasPLP22OPa%3D_LP22OPa_%3DaLP22OPaz%3DaLP22OPaq%3DzLP22OPac%3DaLP22OPaJ%3DKLP22OPa4%3DzLP22OPai%3DK_LP22OPaI%3Daa__LP22OPz%3D0LP22OPza%3DsaLP22OPzz%3D_ra_LP22OPzq%3DcLP22OPzc%3DfOP1ULP22OPzi%3DzLP22OPzI%3Dar__LP22OPK%3D_rcLP22OPK_%3D_LP22OPKz%3D_LP22OPKK%3D_LP22OPKJ%3DW)LP22OPK4%3D0LP22OPq%3D__LP22OPq_%3D_LP22OPqz%3D_LP22OPqK%3D_LP22OPqq%3Do~YPLP22OPqc%3D_LP22OPqJ%3D6LP22OPca%3D_LP22OPcz%3Dar__LP22OPcJ%3D_LP22OP4%3D_LP22OPi%3DaLP22Ov%3D_raiqLP22O2a%3D_rKizLP22O2a_%3Dar___LP22O2aa%3Dar___LP22O2az%3D_rIaqLP22O2aK%3Dar___LP22O2aq%3Dar___LP22O2ac%3D_rIiiLP22O2aJ%3D_ra4ILP22O2z%3D_rz_aLP22O2za%3Dar___LP22O2zK%3Dar___LP22O2zq%3Dar___LP22O2zc%3Dar___LP22O2z4%3Da_LP22O2zI%3Dar___LP22O2K%3Dar___LP22O2K_%3Dar___LP22O2Kz%3D_rzK_LP22O2Kq%3Dar___LP22O2Kc%3Dc_Kr___LP22O2KJ%3Dc_Kr___LP22O2K4%3Dar___LP22O2Ki%3Dar___LP22O2KI%3DciIir4JcLP22O2q_%3DJqqKr___LP22O2qa%3DaarIiqLP22O2qz%3DaKr___LP22O2qK%3D_r__KLP22O2c%3Dar_zJLP22O2ca%3Dc_Kr___LP22O2cz%3D_rq__LP22O2cK%3D_rzK4LP22O2cq%3DKr___LP22O2cc%3D_raJqLP22O2cJ%3Dzr___LP22O2c4%3Dar___LP22O2cI%3Dar___LP22O2J%3Dar___LP22O24%3D_riIaLP22O24K%3Dc_Kr___LP22O24q%3Dc_Kr___LP22O24c%3Dar___LP22O24J%3Dar___LP22O2I%3Dar___LP22O~%3D_rz_iL1O~o2%3D_rKizL1~o2%3D_rKizL7X%3D_%20%2B%20_L*7u%3D_L*C3o1%3Dxwk)L25*%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PL~OXX%3DdpL~O*o%3DzJ_zsUUXiszssL~OMX%3DWyL~ZY%3DcOKL~1UOXlC%3D_LM1vv1~OCu5O*P%3DP*js5oCsuPszs_LMCP%3DP*js5oCsuPszs_L-u7%3DC*Ua0Aq(tbsnAaXLjZ~%3D_LXZPo%3D_rzI_LZMZ%3DKLC5M%3DKKJgzi_%7C4zigI_%7CI4_gzc_LlMA%3DKL2gZnC%3D_LZMo%3DsaLC2g%3DzqaL*C3o1O*P%3DzLM1vv1~OCu5O*P%3DP*js5oCsuPszs_LM-oov3OCu5O*P%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PLP1C1XC1POCu5O*P%3DP*js5oCsuPszs_Lj*1.uZ*v*C3%3D_rqLoYM%3DKLuPZvn%3DKiKzqziiqzLu2o%3DaLXu~~*1~NP%3D_LY5Z*P%3D_rKi____LZUv~%3D_rzK_LM-*P%3DLPCX%3D1uMCOMXL*MOY~CZ%3DaLP22O1~o2%3DUuvM1LP22%3D7u~2Yl3LZPoXuoP%3D_LPuv5%3DP1Uu-vCLMYZo%3DL7C2v%3DaLPX-C%3DzcLPY5Z%3D_saL1XoO-M1P%3DZ1vY.Om_cL1XoOj1~%3D2-vC*m-ulC*v1OjaL1XoOo_c%3D_r4q4qK__JJ4KcI444L1XoOoa_%3Darczz4aciqca_qJ_KL1XoOoac%3DzraqK4Ja_KIIc__aJ4L1XoOoz_%3DzrJ4K__4_KI_IcKiaKL1XoOozc%3DKrqzaaKq44aJqziJIL1XoOoK_%3Dqrzq4JJa_JJqqiqqKL1XoOoKc%3Dcr_KiaaIKaJJ_i44L1XoOoq_%3Dcr4_cz4z_aaic4zcIL1XoOoqc%3DJrqI44JIK_J_a_4qKL1XoOoc_%3D4rKa4KqJcJaiIiJKiL1XoOocc%3DirizK4cKc4_cqiKKqL1XoOoJ_%3Da_rqcz_c4_iai_aIzzL1XoOoJc%3DazraciJJJazcJIqJaqL1XoOo4_%3DaKriKz__caccKJKIzL1XoOo4c%3DairKqzqc_qKKciaIiiL1XoOoi_%3DK4ri4zKqKcKIKaIqJL1XoOoic%3Daa_r_4a__qaqiKczIL1XoOoI_%3DzzcrcJcKiKaciciIccL1XoOoIc%3DKJIr44I_z_IaiI_iiL1XoOoII%3Dq_qrIJ_accIczIIzIL*ZX%3DaL&lCj=_&*.=4zi&*lNU~=a&ZP~NP=qJa&.vMCo=a&2XU=JizK4&3PMo~=a&Zu1=wg1muu11mwLwg1muu1qmwLq11&nuCo~1=a&nuMCM=ZCP%3D4i%7C%7CCMC3o1%3Dsa_q_i%7C%7CCZC3o1%3Dj4_z%7C%7CCoX%3Dq%7C%7CCX%3Dq&nuCZ*P=sza&nuC*P=i_i_4JziK&nuoX=Kz&nuvM=CZ*P%3Dsza%7C%7CCC3o1%3Da__aI%7C%7CoC%3Da%7C%7Cv2*P%3Dj4_z%7C%7CXC~%3D_r_aJ%7C%7C~oX%3D_raz4%7C%7CCCP%3Di&nuCu=uCYl&nuvY5=!N%3DKJ_q%7C%7CpNk%3Di%7C%7C0fNk%3Dac%7C%7C!e0k%3DJq_%7C%7C00G%3Dq%7C%7C0e0k%3D4ciqz44KaKqazq__J4J%7C%7CpN%3DKcIi%7C%7CGN%3DKJ_q%7C%7CDNk%3D_%7C%7CddNk%3DzNunp(wRC*iC4xIFTw&XuPY2u*l=CA6s7fXvsfO2aNxWZY(7S0aa_4icDnMMmXk)DMNMcDT%3D&3ovo=a&*M*P=c&uPj=e~12*-2%20p1u~X71M&uXC=ewNqwlK1KqmlW1Wg5U)qqAAW~UWuA-U)-1~&o5*P=o_J44cq_KzzCz_zq_zzJzKzi&MMvP=%7B%22MM*o%22%3A%22zJ_z%3AUUXi%3Az%3A%3A%22%2C%22MMXX%22%3A%22dp%22%2C%22MMMX%22%3A%22Wy%22%2C%22MMXC3%22%3A%22w-UUuvY%22%7D&7C2vM~X=a&sflct=9147666&CXUOX2o=a&ure=1
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.200.88.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-30.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

Request headers

Referer: https://c.pm-serv.co/sr/2722522032/SAFEFRAME.html?ule=3960&&kkdd=u*%7C3%7CAn*9H&j*=a4_iII__izzzac4iKIJ&5Po~=_&2Mou=_&XPj=aa4z&CMX1=fqza&X*P=iGd6hczc4&XoXP=Io!0!dZHCwjUY7NWM~hcN)%3D%3D&X~*P=cc_4qK_4c&M*A1=4zigI_&XX=dp&MX=Wy&X7l2=D)6!8Wy&o*P=ie8aKxdKe&Co*P=0pk(Szi&7CCoM=a&~~~=CA6s7fXvsfOQo)GjfK4*5n7Pet*2Z!R)SJ.yXzq4DI.%3D&lM1=c&v.=a&-5P=q&uPCa=iGdt6KpQ6&uPCz=K_KzczqIc&ZPuCu=LZgOv1l%3DaqKKLZ7o%3D_LZ*P%3D_rKi_LZgOulX1MCY~%3DasKEaiszEz_sKLZgOuMl%3D4aJLZgO1go%3D_rcLZgO5*lM-%3D_LZgO*uZ%3DN)wzzLZgO*lC2P%3D_LZgO~7%3Dq4kxToRiDwLZgO~oX%3D_______LZgOM*A1%3D4zigI_LZgOC2ug%3Dzq_LZgOC2vOM-UU*g%3D%2FLX*C3%3DwdQQ)f8LXnOUv%3D_LPX%3D5Xos-Ms1uMCasPLP22OPa%3D_LP22OPa_%3DaLP22OPaz%3DaLP22OPaq%3DzLP22OPac%3DaLP22OPaJ%3DKLP22OPa4%3DzLP22OPai%3DK_LP22OPaI%3Daa__LP22OPz%3D0LP22OPza%3DsaLP22OPzz%3D_ra_LP22OPzq%3DcLP22OPzc%3DfOP1ULP22OPzi%3DzLP22OPzI%3Dar__LP22OPK%3D_rcLP22OPK_%3D_LP22OPKz%3D_LP22OPKK%3D_LP22OPKJ%3DW)LP22OPK4%3D0LP22OPq%3D__LP22OPq_%3D_LP22OPqz%3D_LP22OPqK%3D_LP22OPqq%3Do~YPLP22OPqc%3D_LP22OPqJ%3D6LP22OPca%3D_LP22OPcz%3Dar__LP22OPcJ%3D_LP22OP4%3D_LP22OPi%3DaLP22Ov%3D_raiqLP22O2a%3D_rKizLP22O2a_%3Dar___LP22O2aa%3Dar___LP22O2az%3D_rIaqLP22O2aK%3Dar___LP22O2aq%3Dar___LP22O2ac%3D_rIiiLP22O2aJ%3D_ra4ILP22O2z%3D_rz_aLP22O2za%3Dar___LP22O2zK%3Dar___LP22O2zq%3Dar___LP22O2zc%3Dar___LP22O2z4%3Da_LP22O2zI%3Dar___LP22O2K%3Dar___LP22O2K_%3Dar___LP22O2Kz%3D_rzK_LP22O2Kq%3Dar___LP22O2Kc%3Dc_Kr___LP22O2KJ%3Dc_Kr___LP22O2K4%3Dar___LP22O2Ki%3Dar___LP22O2KI%3DciIir4JcLP22O2q_%3DJqqKr___LP22O2qa%3DaarIiqLP22O2qz%3DaKr___LP22O2qK%3D_r__KLP22O2c%3Dar_zJLP22O2ca%3Dc_Kr___LP22O2cz%3D_rq__LP22O2cK%3D_rzK4LP22O2cq%3DKr___LP22O2cc%3D_raJqLP22O2cJ%3Dzr___LP22O2c4%3Dar___LP22O2cI%3Dar___LP22O2J%3Dar___LP22O24%3D_riIaLP22O24K%3Dc_Kr___LP22O24q%3Dc_Kr___LP22O24c%3Dar___LP22O24J%3Dar___LP22O2I%3Dar___LP22O~%3D_rz_iL1O~o2%3D_rKizL1~o2%3D_rKizL7X%3D_%20%2B%20_L*7u%3D_L*C3o1%3Dxwk)L25*%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PL~OXX%3DdpL~O*o%3DzJ_zsUUXiszssL~OMX%3DWyL~ZY%3DcOKL~1UOXlC%3D_LM1vv1~OCu5O*P%3DP*js5oCsuPszs_LMCP%3DP*js5oCsuPszs_L-u7%3DC*Ua0Aq(tbsnAaXLjZ~%3D_LXZPo%3D_rzI_LZMZ%3DKLC5M%3DKKJgzi_%7C4zigI_%7CI4_gzc_LlMA%3DKL2gZnC%3D_LZMo%3DsaLC2g%3DzqaL*C3o1O*P%3DzLM1vv1~OCu5O*P%3DP*js5oCsuPszs_LM-oov3OCu5O*P%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PLP1C1XC1POCu5O*P%3DP*js5oCsuPszs_Lj*1.uZ*v*C3%3D_rqLoYM%3DKLuPZvn%3DKiKzqziiqzLu2o%3DaLXu~~*1~NP%3D_LY5Z*P%3D_rKi____LZUv~%3D_rzK_LM-*P%3DLPCX%3D1uMCOMXL*MOY~CZ%3DaLP22O1~o2%3DUuvM1LP22%3D7u~2Yl3LZPoXuoP%3D_LPuv5%3DP1Uu-vCLMYZo%3DL7C2v%3DaLPX-C%3DzcLPY5Z%3D_saL1XoO-M1P%3DZ1vY.Om_cL1XoOj1~%3D2-vC*m-ulC*v1OjaL1XoOo_c%3D_r4q4qK__JJ4KcI444L1XoOoa_%3Darczz4aciqca_qJ_KL1XoOoac%3DzraqK4Ja_KIIc__aJ4L1XoOoz_%3DzrJ4K__4_KI_IcKiaKL1XoOozc%3DKrqzaaKq44aJqziJIL1XoOoK_%3Dqrzq4JJa_JJqqiqqKL1XoOoKc%3Dcr_KiaaIKaJJ_i44L1XoOoq_%3Dcr4_cz4z_aaic4zcIL1XoOoqc%3DJrqI44JIK_J_a_4qKL1XoOoc_%3D4rKa4KqJcJaiIiJKiL1XoOocc%3DirizK4cKc4_cqiKKqL1XoOoJ_%3Da_rqcz_c4_iai_aIzzL1XoOoJc%3DazraciJJJazcJIqJaqL1XoOo4_%3DaKriKz__caccKJKIzL1XoOo4c%3DairKqzqc_qKKciaIiiL1XoOoi_%3DK4ri4zKqKcKIKaIqJL1XoOoic%3Daa_r_4a__qaqiKczIL1XoOoI_%3DzzcrcJcKiKaciciIccL1XoOoIc%3DKJIr44I_z_IaiI_iiL1XoOoII%3Dq_qrIJ_accIczIIzIL*ZX%3DaL&lCj=_&*.=4zi&*lNU~=a&ZP~NP=qJa&.vMCo=a&2XU=JizK4&3PMo~=a&Zu1=wg1muu11mwLwg1muu1qmwLq11&nuCo~1=a&nuMCM=ZCP%3D4i%7C%7CCMC3o1%3Dsa_q_i%7C%7CCZC3o1%3Dj4_z%7C%7CCoX%3Dq%7C%7CCX%3Dq&nuCZ*P=sza&nuC*P=i_i_4JziK&nuoX=Kz&nuvM=CZ*P%3Dsza%7C%7CCC3o1%3Da__aI%7C%7CoC%3Da%7C%7Cv2*P%3Dj4_z%7C%7CXC~%3D_r_aJ%7C%7C~oX%3D_raz4%7C%7CCCP%3Di&nuCu=uCYl&nuvY5=!N%3DKJ_q%7C%7CpNk%3Di%7C%7C0fNk%3Dac%7C%7C!e0k%3DJq_%7C%7C00G%3Dq%7C%7C0e0k%3D4ciqz44KaKqazq__J4J%7C%7CpN%3DKcIi%7C%7CGN%3DKJ_q%7C%7CDNk%3D_%7C%7CddNk%3DzNunp(wRC*iC4xIFTw&XuPY2u*l=CA6s7fXvsfO2aNxWZY(7S0aa_4icDnMMmXk)DMNMcDT%3D&3ovo=a&*M*P=c&uPj=e~12*-2%20p1u~X71M&uXC=ewNqwlK1KqmlW1Wg5U)qqAAW~UWuA-U)-1~&o5*P=o_J44cq_KzzCz_zq_zzJzKzi&MMvP=%7B%22MM*o%22%3A%22zJ_z%3AUUXi%3Az%3A%3A%22%2C%22MMXX%22%3A%22dp%22%2C%22MMMX%22%3A%22Wy%22%2C%22MMXC3%22%3A%22w-UUuvY%22%7D&7C2vM~X=a&sflct=9147666&CXUOX2o=a&ure=1
Origin: https://c.pm-serv.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 23:28:02 GMT
date: Mon, 26 Feb 2024 23:28:02 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
content-length: 25020
quic-version: 0x00000001

GET
H3 200 Roboto-Bold.woff
c.pm-serv.co/__media__/fonts/Roboto-Bold/ Frame BD10 24 KB
24 KB 49ms
49ms Font
font/woff 23.200.88.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pm-serv.co/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by: Host: c.pm-serv.co
URL: https://c.pm-serv.co/sr/2722522032/SAFEFRAME.html?ule=3960&&kkdd=u*%7C3%7CAn*9H&j*=a4_iII__izzzac4iKIJ&5Po~=_&2Mou=_&XPj=aa4z&CMX1=fqza&X*P=iGd6hczc4&XoXP=Io!0!dZHCwjUY7NWM~hcN)%3D%3D&X~*P=cc_4qK_4c&M*A1=4zigI_&XX=dp&MX=Wy&X7l2=D)6!8Wy&o*P=ie8aKxdKe&Co*P=0pk(Szi&7CCoM=a&~~~=CA6s7fXvsfOQo)GjfK4*5n7Pet*2Z!R)SJ.yXzq4DI.%3D&lM1=c&v.=a&-5P=q&uPCa=iGdt6KpQ6&uPCz=K_KzczqIc&ZPuCu=LZgOv1l%3DaqKKLZ7o%3D_LZ*P%3D_rKi_LZgOulX1MCY~%3DasKEaiszEz_sKLZgOuMl%3D4aJLZgO1go%3D_rcLZgO5*lM-%3D_LZgO*uZ%3DN)wzzLZgO*lC2P%3D_LZgO~7%3Dq4kxToRiDwLZgO~oX%3D_______LZgOM*A1%3D4zigI_LZgOC2ug%3Dzq_LZgOC2vOM-UU*g%3D%2FLX*C3%3DwdQQ)f8LXnOUv%3D_LPX%3D5Xos-Ms1uMCasPLP22OPa%3D_LP22OPa_%3DaLP22OPaz%3DaLP22OPaq%3DzLP22OPac%3DaLP22OPaJ%3DKLP22OPa4%3DzLP22OPai%3DK_LP22OPaI%3Daa__LP22OPz%3D0LP22OPza%3DsaLP22OPzz%3D_ra_LP22OPzq%3DcLP22OPzc%3DfOP1ULP22OPzi%3DzLP22OPzI%3Dar__LP22OPK%3D_rcLP22OPK_%3D_LP22OPKz%3D_LP22OPKK%3D_LP22OPKJ%3DW)LP22OPK4%3D0LP22OPq%3D__LP22OPq_%3D_LP22OPqz%3D_LP22OPqK%3D_LP22OPqq%3Do~YPLP22OPqc%3D_LP22OPqJ%3D6LP22OPca%3D_LP22OPcz%3Dar__LP22OPcJ%3D_LP22OP4%3D_LP22OPi%3DaLP22Ov%3D_raiqLP22O2a%3D_rKizLP22O2a_%3Dar___LP22O2aa%3Dar___LP22O2az%3D_rIaqLP22O2aK%3Dar___LP22O2aq%3Dar___LP22O2ac%3D_rIiiLP22O2aJ%3D_ra4ILP22O2z%3D_rz_aLP22O2za%3Dar___LP22O2zK%3Dar___LP22O2zq%3Dar___LP22O2zc%3Dar___LP22O2z4%3Da_LP22O2zI%3Dar___LP22O2K%3Dar___LP22O2K_%3Dar___LP22O2Kz%3D_rzK_LP22O2Kq%3Dar___LP22O2Kc%3Dc_Kr___LP22O2KJ%3Dc_Kr___LP22O2K4%3Dar___LP22O2Ki%3Dar___LP22O2KI%3DciIir4JcLP22O2q_%3DJqqKr___LP22O2qa%3DaarIiqLP22O2qz%3DaKr___LP22O2qK%3D_r__KLP22O2c%3Dar_zJLP22O2ca%3Dc_Kr___LP22O2cz%3D_rq__LP22O2cK%3D_rzK4LP22O2cq%3DKr___LP22O2cc%3D_raJqLP22O2cJ%3Dzr___LP22O2c4%3Dar___LP22O2cI%3Dar___LP22O2J%3Dar___LP22O24%3D_riIaLP22O24K%3Dc_Kr___LP22O24q%3Dc_Kr___LP22O24c%3Dar___LP22O24J%3Dar___LP22O2I%3Dar___LP22O~%3D_rz_iL1O~o2%3D_rKizL1~o2%3D_rKizL7X%3D_%20%2B%20_L*7u%3D_L*C3o1%3Dxwk)L25*%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PL~OXX%3DdpL~O*o%3DzJ_zsUUXiszssL~OMX%3DWyL~ZY%3DcOKL~1UOXlC%3D_LM1vv1~OCu5O*P%3DP*js5oCsuPszs_LMCP%3DP*js5oCsuPszs_L-u7%3DC*Ua0Aq(tbsnAaXLjZ~%3D_LXZPo%3D_rzI_LZMZ%3DKLC5M%3DKKJgzi_%7C4zigI_%7CI4_gzc_LlMA%3DKL2gZnC%3D_LZMo%3DsaLC2g%3DzqaL*C3o1O*P%3DzLM1vv1~OCu5O*P%3DP*js5oCsuPszs_LM-oov3OCu5O*P%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PLP1C1XC1POCu5O*P%3DP*js5oCsuPszs_Lj*1.uZ*v*C3%3D_rqLoYM%3DKLuPZvn%3DKiKzqziiqzLu2o%3DaLXu~~*1~NP%3D_LY5Z*P%3D_rKi____LZUv~%3D_rzK_LM-*P%3DLPCX%3D1uMCOMXL*MOY~CZ%3DaLP22O1~o2%3DUuvM1LP22%3D7u~2Yl3LZPoXuoP%3D_LPuv5%3DP1Uu-vCLMYZo%3DL7C2v%3DaLPX-C%3DzcLPY5Z%3D_saL1XoO-M1P%3DZ1vY.Om_cL1XoOj1~%3D2-vC*m-ulC*v1OjaL1XoOo_c%3D_r4q4qK__JJ4KcI444L1XoOoa_%3Darczz4aciqca_qJ_KL1XoOoac%3DzraqK4Ja_KIIc__aJ4L1XoOoz_%3DzrJ4K__4_KI_IcKiaKL1XoOozc%3DKrqzaaKq44aJqziJIL1XoOoK_%3Dqrzq4JJa_JJqqiqqKL1XoOoKc%3Dcr_KiaaIKaJJ_i44L1XoOoq_%3Dcr4_cz4z_aaic4zcIL1XoOoqc%3DJrqI44JIK_J_a_4qKL1XoOoc_%3D4rKa4KqJcJaiIiJKiL1XoOocc%3DirizK4cKc4_cqiKKqL1XoOoJ_%3Da_rqcz_c4_iai_aIzzL1XoOoJc%3DazraciJJJazcJIqJaqL1XoOo4_%3DaKriKz__caccKJKIzL1XoOo4c%3DairKqzqc_qKKciaIiiL1XoOoi_%3DK4ri4zKqKcKIKaIqJL1XoOoic%3Daa_r_4a__qaqiKczIL1XoOoI_%3DzzcrcJcKiKaciciIccL1XoOoIc%3DKJIr44I_z_IaiI_iiL1XoOoII%3Dq_qrIJ_accIczIIzIL*ZX%3DaL&lCj=_&*.=4zi&*lNU~=a&ZP~NP=qJa&.vMCo=a&2XU=JizK4&3PMo~=a&Zu1=wg1muu11mwLwg1muu1qmwLq11&nuCo~1=a&nuMCM=ZCP%3D4i%7C%7CCMC3o1%3Dsa_q_i%7C%7CCZC3o1%3Dj4_z%7C%7CCoX%3Dq%7C%7CCX%3Dq&nuCZ*P=sza&nuC*P=i_i_4JziK&nuoX=Kz&nuvM=CZ*P%3Dsza%7C%7CCC3o1%3Da__aI%7C%7CoC%3Da%7C%7Cv2*P%3Dj4_z%7C%7CXC~%3D_r_aJ%7C%7C~oX%3D_raz4%7C%7CCCP%3Di&nuCu=uCYl&nuvY5=!N%3DKJ_q%7C%7CpNk%3Di%7C%7C0fNk%3Dac%7C%7C!e0k%3DJq_%7C%7C00G%3Dq%7C%7C0e0k%3D4ciqz44KaKqazq__J4J%7C%7CpN%3DKcIi%7C%7CGN%3DKJ_q%7C%7CDNk%3D_%7C%7CddNk%3DzNunp(wRC*iC4xIFTw&XuPY2u*l=CA6s7fXvsfO2aNxWZY(7S0aa_4icDnMMmXk)DMNMcDT%3D&3ovo=a&*M*P=c&uPj=e~12*-2%20p1u~X71M&uXC=ewNqwlK1KqmlW1Wg5U)qqAAW~UWuA-U)-1~&o5*P=o_J44cq_KzzCz_zq_zzJzKzi&MMvP=%7B%22MM*o%22%3A%22zJ_z%3AUUXi%3Az%3A%3A%22%2C%22MMXX%22%3A%22dp%22%2C%22MMMX%22%3A%22Wy%22%2C%22MMXC3%22%3A%22w-UUuvY%22%7D&7C2vM~X=a&sflct=9147666&CXUOX2o=a&ure=1
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.200.88.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-30.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer: https://c.pm-serv.co/sr/2722522032/SAFEFRAME.html?ule=3960&&kkdd=u*%7C3%7CAn*9H&j*=a4_iII__izzzac4iKIJ&5Po~=_&2Mou=_&XPj=aa4z&CMX1=fqza&X*P=iGd6hczc4&XoXP=Io!0!dZHCwjUY7NWM~hcN)%3D%3D&X~*P=cc_4qK_4c&M*A1=4zigI_&XX=dp&MX=Wy&X7l2=D)6!8Wy&o*P=ie8aKxdKe&Co*P=0pk(Szi&7CCoM=a&~~~=CA6s7fXvsfOQo)GjfK4*5n7Pet*2Z!R)SJ.yXzq4DI.%3D&lM1=c&v.=a&-5P=q&uPCa=iGdt6KpQ6&uPCz=K_KzczqIc&ZPuCu=LZgOv1l%3DaqKKLZ7o%3D_LZ*P%3D_rKi_LZgOulX1MCY~%3DasKEaiszEz_sKLZgOuMl%3D4aJLZgO1go%3D_rcLZgO5*lM-%3D_LZgO*uZ%3DN)wzzLZgO*lC2P%3D_LZgO~7%3Dq4kxToRiDwLZgO~oX%3D_______LZgOM*A1%3D4zigI_LZgOC2ug%3Dzq_LZgOC2vOM-UU*g%3D%2FLX*C3%3DwdQQ)f8LXnOUv%3D_LPX%3D5Xos-Ms1uMCasPLP22OPa%3D_LP22OPa_%3DaLP22OPaz%3DaLP22OPaq%3DzLP22OPac%3DaLP22OPaJ%3DKLP22OPa4%3DzLP22OPai%3DK_LP22OPaI%3Daa__LP22OPz%3D0LP22OPza%3DsaLP22OPzz%3D_ra_LP22OPzq%3DcLP22OPzc%3DfOP1ULP22OPzi%3DzLP22OPzI%3Dar__LP22OPK%3D_rcLP22OPK_%3D_LP22OPKz%3D_LP22OPKK%3D_LP22OPKJ%3DW)LP22OPK4%3D0LP22OPq%3D__LP22OPq_%3D_LP22OPqz%3D_LP22OPqK%3D_LP22OPqq%3Do~YPLP22OPqc%3D_LP22OPqJ%3D6LP22OPca%3D_LP22OPcz%3Dar__LP22OPcJ%3D_LP22OP4%3D_LP22OPi%3DaLP22Ov%3D_raiqLP22O2a%3D_rKizLP22O2a_%3Dar___LP22O2aa%3Dar___LP22O2az%3D_rIaqLP22O2aK%3Dar___LP22O2aq%3Dar___LP22O2ac%3D_rIiiLP22O2aJ%3D_ra4ILP22O2z%3D_rz_aLP22O2za%3Dar___LP22O2zK%3Dar___LP22O2zq%3Dar___LP22O2zc%3Dar___LP22O2z4%3Da_LP22O2zI%3Dar___LP22O2K%3Dar___LP22O2K_%3Dar___LP22O2Kz%3D_rzK_LP22O2Kq%3Dar___LP22O2Kc%3Dc_Kr___LP22O2KJ%3Dc_Kr___LP22O2K4%3Dar___LP22O2Ki%3Dar___LP22O2KI%3DciIir4JcLP22O2q_%3DJqqKr___LP22O2qa%3DaarIiqLP22O2qz%3DaKr___LP22O2qK%3D_r__KLP22O2c%3Dar_zJLP22O2ca%3Dc_Kr___LP22O2cz%3D_rq__LP22O2cK%3D_rzK4LP22O2cq%3DKr___LP22O2cc%3D_raJqLP22O2cJ%3Dzr___LP22O2c4%3Dar___LP22O2cI%3Dar___LP22O2J%3Dar___LP22O24%3D_riIaLP22O24K%3Dc_Kr___LP22O24q%3Dc_Kr___LP22O24c%3Dar___LP22O24J%3Dar___LP22O2I%3Dar___LP22O~%3D_rz_iL1O~o2%3D_rKizL1~o2%3D_rKizL7X%3D_%20%2B%20_L*7u%3D_L*C3o1%3Dxwk)L25*%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PL~OXX%3DdpL~O*o%3DzJ_zsUUXiszssL~OMX%3DWyL~ZY%3DcOKL~1UOXlC%3D_LM1vv1~OCu5O*P%3DP*js5oCsuPszs_LMCP%3DP*js5oCsuPszs_L-u7%3DC*Ua0Aq(tbsnAaXLjZ~%3D_LXZPo%3D_rzI_LZMZ%3DKLC5M%3DKKJgzi_%7C4zigI_%7CI4_gzc_LlMA%3DKL2gZnC%3D_LZMo%3DsaLC2g%3DzqaL*C3o1O*P%3DzLM1vv1~OCu5O*P%3DP*js5oCsuPszs_LM-oov3OCu5O*P%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PLP1C1XC1POCu5O*P%3DP*js5oCsuPszs_Lj*1.uZ*v*C3%3D_rqLoYM%3DKLuPZvn%3DKiKzqziiqzLu2o%3DaLXu~~*1~NP%3D_LY5Z*P%3D_rKi____LZUv~%3D_rzK_LM-*P%3DLPCX%3D1uMCOMXL*MOY~CZ%3DaLP22O1~o2%3DUuvM1LP22%3D7u~2Yl3LZPoXuoP%3D_LPuv5%3DP1Uu-vCLMYZo%3DL7C2v%3DaLPX-C%3DzcLPY5Z%3D_saL1XoO-M1P%3DZ1vY.Om_cL1XoOj1~%3D2-vC*m-ulC*v1OjaL1XoOo_c%3D_r4q4qK__JJ4KcI444L1XoOoa_%3Darczz4aciqca_qJ_KL1XoOoac%3DzraqK4Ja_KIIc__aJ4L1XoOoz_%3DzrJ4K__4_KI_IcKiaKL1XoOozc%3DKrqzaaKq44aJqziJIL1XoOoK_%3Dqrzq4JJa_JJqqiqqKL1XoOoKc%3Dcr_KiaaIKaJJ_i44L1XoOoq_%3Dcr4_cz4z_aaic4zcIL1XoOoqc%3DJrqI44JIK_J_a_4qKL1XoOoc_%3D4rKa4KqJcJaiIiJKiL1XoOocc%3DirizK4cKc4_cqiKKqL1XoOoJ_%3Da_rqcz_c4_iai_aIzzL1XoOoJc%3DazraciJJJazcJIqJaqL1XoOo4_%3DaKriKz__caccKJKIzL1XoOo4c%3DairKqzqc_qKKciaIiiL1XoOoi_%3DK4ri4zKqKcKIKaIqJL1XoOoic%3Daa_r_4a__qaqiKczIL1XoOoI_%3DzzcrcJcKiKaciciIccL1XoOoIc%3DKJIr44I_z_IaiI_iiL1XoOoII%3Dq_qrIJ_accIczIIzIL*ZX%3DaL&lCj=_&*.=4zi&*lNU~=a&ZP~NP=qJa&.vMCo=a&2XU=JizK4&3PMo~=a&Zu1=wg1muu11mwLwg1muu1qmwLq11&nuCo~1=a&nuMCM=ZCP%3D4i%7C%7CCMC3o1%3Dsa_q_i%7C%7CCZC3o1%3Dj4_z%7C%7CCoX%3Dq%7C%7CCX%3Dq&nuCZ*P=sza&nuC*P=i_i_4JziK&nuoX=Kz&nuvM=CZ*P%3Dsza%7C%7CCC3o1%3Da__aI%7C%7CoC%3Da%7C%7Cv2*P%3Dj4_z%7C%7CXC~%3D_r_aJ%7C%7C~oX%3D_raz4%7C%7CCCP%3Di&nuCu=uCYl&nuvY5=!N%3DKJ_q%7C%7CpNk%3Di%7C%7C0fNk%3Dac%7C%7C!e0k%3DJq_%7C%7C00G%3Dq%7C%7C0e0k%3D4ciqz44KaKqazq__J4J%7C%7CpN%3DKcIi%7C%7CGN%3DKJ_q%7C%7CDNk%3D_%7C%7CddNk%3DzNunp(wRC*iC4xIFTw&XuPY2u*l=CA6s7fXvsfO2aNxWZY(7S0aa_4icDnMMmXk)DMNMcDT%3D&3ovo=a&*M*P=c&uPj=e~12*-2%20p1u~X71M&uXC=ewNqwlK1KqmlW1Wg5U)qqAAW~UWuA-U)-1~&o5*P=o_J44cq_KzzCz_zq_zzJzKzi&MMvP=%7B%22MM*o%22%3A%22zJ_z%3AUUXi%3Az%3A%3A%22%2C%22MMXX%22%3A%22dp%22%2C%22MMMX%22%3A%22Wy%22%2C%22MMXC3%22%3A%22w-UUuvY%22%7D&7C2vM~X=a&sflct=9147666&CXUOX2o=a&ure=1
Origin: https://c.pm-serv.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 23:28:02 GMT
date: Mon, 26 Feb 2024 23:28:02 GMT
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
content-length: 24816
quic-version: 0x00000001

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 9F3E 0
0 89ms
88ms Fetch
image/gif 142.251.40.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst6zOBGfSFoxjepQGIRVvgorjKF084-1VlCjQgVDzHdioW1MZvXNqDh84FcOFMSdIn0tbfxDSg5uXB2m0qJkscj3grOTmNdFnpWTVVZOnpQkHXWpQMXapk5tVZx3GQPx54kIs7zq5VvFPbGnlK0zln_SizhUH0U-EBobR9i7l_DiHfbmnP-ugkZQTY82LwMaRpBs-PaTiyVtM7nJUFXZzUHWPw2iRBnaOLHOfGMiDr8djmlgojsDa732ZpQYvi_JkEyX5FvTWLSblLQyRdBfKlsPh3VsHf7VF4jIbABis8O-BfS-ns5fZBeoscHYhS8k5i8SHmAg21-fszVVUcylyyMBdzlDqNYcyKn7pKHXQuq4cJETUDPksCysozsbTOtqjQjzX3BCvu0W1GQDGeXbrpBzoajR5Mz6wgnCyC3-NJSSOX7ceatO5l0HANU3o3VGtpc-f_JeRiIQXfnl7U0UBG6JplC7XBSGjdOwapilUlJDLKv4XDG27XhCbBeSSXo90kS0Akv80vCLWmS-KkQTODd3Z9FuLab1TLzgp1Xl2TpS-zIFHQCeBbE-dMC81jjTfBKbx3Eb1vLI6kv8s60pEjCevIy2IWQCvyP_0nngEL-UWJkvfs6ZZj0bMQG32LpVRDWYIckOq6Wp_7P85wRMkNyhxl5WcN63G29aB7GNuaF8jBvpePOkYBAU8alGsKcsdav7CC8ImjKCXlYhdKbR2ptphqYu5x7N0XsEM4HYlW9aKkiq9tAKM-lZqjzpKMkaa92AwioLTz1FeYxwuree8FSXMCTZVO9x3xU8-gAhYM4fSZjGraaSTf561a92zVO81DlZ6xrNUQldBuq53ROQek9J3cJaV3FpqCnRDlr2C_r01ICiCtY9Uld2GvoQ_MCRdCw_LIFc8URPpPe-HkIiGMeKNG6h5ZW5VW40dijYjFImTMfGS3nLOTVhOoOQjUEuQgOjGbY2-hrwSjvoEpsvOeoF8w205Auvkp6n2g-Hfm-g-N5OdSM-5TYpqKz7_k5Kac4V6VnH2whlDZ1skO0yj2WmN2O6t6naVsyl0L-Ofwsg3-cRJCFiSnjIpHdhM7iHGcxmoTUbteYx0O0HTFagsUFJIPQZ30fw8K0ut6JOs3pulhPYBYoMXy71p55HeTcih2lIMT1iQMmZypx4hmPv_UdN5qCYU2k7kVzQtNzsq7QT3NEllYe9G7RAEOnBGO7K_a99YjKHiJH7NoKCR3xevvkEyo-pi0V7yrKpIBFH0WNVX4IxYIVlM_riM4_ytbpjzHXkynW_lI0fEJdJVrkjhHyD1SEe-INDf4vybBiVyXeBE4yBatNMQLfM8U9XlSVHMtVv0O-4K7lqR03LHNCQ4ZIGDjfiF8Ve94peye34tDiOPsF&sai=AMfl-YQSboqZFig-AdgXUVmiy4YRWLQ0viPkGiWFn6OSyLgqJyUcjNilvDRFwKU77PaP5pv2lBr_n-sFrrMixTxAUtBUW0xZ_SPADCTXDesx20fI_urEqIyNs7-ebuPa-VWLoPdHjZSInYKGc2M1tCbKnjn03gehkXPqbPrYxHj6oF3xkcYYUUW2KsWuzcCMjA-EIFicEmFsm54qWvw8crxH34PboiY5lfxd7hL99B3-LTwaLEyjIWDkzH8vTbnC3skRHjg7A0lPlWwIghq0P-LEZDenBRplQuse7QltZEzg0A-6WIFBbT-u5YIlJ1Cn8glgPiTwppY6SHqv2IxjwWEi2-JuuD57m0C0e-ZG3cypoIH-HuFcWHsClf3kC-oGYwtHdU2otMFACCoFff4MqkwM5fdaq3SAwCRYIMDNTEHKuTqWvzoDIkVfVBZMG49Dz8BeZKLV7KcngG8CnRHrrdrMgvYTMIv2FbXc0paX6c_Ll_nHNUgf_FsKLpwuei4bhU8fsnQDNQ&sig=Cg0ArKJSzImay6BfsGXwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ub3J0b24uY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=719&vt=11&dtpt=431&dett=3&cstd=285&cisv=r20240221.30128&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.166 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 26 Feb 2024 23:28:03 GMT

GET
H/1.1 200
OK ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame B9CD 86 KB
27 KB 119ms
33ms Script
application/javascript 23.196.3.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/225407;7893667;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPIndustryCustomIntentUSDSKBAN970x250/?ftOBA=1&ft_domain=www.offermate.us&ft_ifb=1&ft_agentEnv=0&ft_referrer=https://www.offermate.us/&gdpr=0&us_privacy=${US_PRIVACY}&site_url=https://www.offermate.us/&pub_id=1&sup_platform=1&cachebuster=374268.05663060804
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.201 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-201.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 50b9b32493095c6ce4391b1faa2588105712b6c3350fddfdffbd4670708e53b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 23:28:03 GMT
Content-Encoding: gzip
Akamai-Cache-Status: Miss from child
x-amz-request-id: A5S0S08KVNTSA590
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 26381
x-amz-id-2: ycO8Lx7KSK3OHpvRe5dQm3IKI3hpBHK8inLgiZxurjtESbgy3o9gNEqOv2nw3xhWPn/QhZw12yQ=
Last-Modified: Mon, 12 Feb 2024 15:44:51 GMT
Server: AmazonS3
ETag: W/"ced6ce1b7b99b74cc94c9fe3e5e2b4d1"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=86400
X-Varnish: 559186860 326731746
Accept-Ranges: bytes
Expires: Tue, 27 Feb 2024 23:28:03 GMT

GET
H2 200 bql.php Show response
l.pm-serv.co/ Frame BD10 15 B
166 B 30ms
28ms Script
text/javascript 23.200.88.30
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://l.pm-serv.co/bql.php?vgd_len=7461&&vgd_canary=0&vgd_l2type=scs_newfl&fp=z6-r9GNovc0w5Cu3UpJREtK3cTDRxJ1TwUraAi38ah6vgOi5sGbigXEQL7VNLzbLuLa0YM2CzAe75Jb7RR2FudbXTDr_7mvVVcuQQScFTbMCt-fflh0eDk1qFXWVmy8iGGjOEGms9KM%3D&cme=qiExNHCyn8wp2Eno-sDPHxw_6esu9AmNaoI5GTuK6ubjyQmBjm8ktKVIBz5xv-J7Y7nYVFnr53sfgUgudH_myuxjbUwQ5c3VBXKehtHx-YqELGtrpUJyW4XE2uIHk5GeMDOO8SjMD91H6jhsxw-4gtzYMJeyzabtkZ8azvOkFpa4IEuVTZeji9W12pkQIHX1WePKnN024bi9beHbeM6HUCXhuMyR7boyy-BkvAFEzIXqlc41ZrhqufYWJce4C3tmhq23CJqg1qZ90-JehmBUdHzubwUM971pseXIIt7I70JmQ3Cys3F81pXcOoZq__suQhs4J0BK8FQVOwB84IYFOhtZLZSEscla%7C%7Cu8A6SM53vAdGHyR0UfgT8lHvAS-ei2NH%7CwLL068ILS2agV1BPWPQTTrG_jwJ7sCnE%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD42Yzmmp3Yt_05FbuvduE7XYLK_rbl_XavECSAtTSMYAQ%3D%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7Cb9VyLaIP54REQvkk1cymdW3mn9qsMVtl2iVJ6YAZmD8RqLUajtviYlmIJuabqASWhz6Mb4k6XYRA8kEfbvjtEQLGeQ6bTdwpyVk9SPO8uOFGF5DWJkrP-GErQkWf6CO5Kj4xmMG40Ii8XDc2FgCTIJ54hRNmXy2FK3ZRS9kyzIJOnze45Lfdnobcv8dv3NetLmpT7PEgVFxqOXG4Ev9Q0MZJ2TF6lr0UHzoWcwyCKDYSBdSMM7bX4PMlj6j9LCs-vbKVHKLmAGLdhQE9cJRWxd7rmjM_a7j_pCDJVcfhZ2N0pzCIw0D1YG70qH4yKHx3%7C&subBdr=99&bdrid=461&ksu=224&fdkt=201&vgde_kbbh=ffoyxQJuO&kwd[]=Senior+Discount+Days+at+ALDI&kwt[]=201&kbc[]=5cc1052909baeac96c5c8d4618e58aab.d2s&kwp[]=1&kid[]=353111370&kbc2[]=3%3D0.35%7C4%3D5.00%7C17%3D87.22%7C18%3D-1%7C5%3D669%7C6%3D4%7C16%3D8%7C19%3D114.57%7Ckus%3D0.1097%7C24%3D680%7C25%3D9%7C22%3D1.2855%7C23%3D1.3093%7C7%3D0.0077%7C8%3D022614%7C13%3D0.0440%7C14%3D022619%7Cokt%3D201%7Cbdkt%3D201%7C1%3D1.19%7C2%3D1.72%7C7_n%3D0.0126&ktd[]=1126179096494592&kwd[]=Grocery+Deals+This+Week&kwt[]=475&kbc[]=5cc1052909baeac96c5c8d4618e58aab.d2s&kwp[]=2&kid[]=354721396&kbc2[]=eset%3D1%7C3%3D0.28%7Ce_st%3D-1%7C4%3D4.38%7C17%3D30.36%7C18%3D-1%7C5%3D3924%7C6%3D16%7C16%3D46%7C19%3D33.19%7Ckus%3D0.1828%7C24%3D3747%7C25%3D45%7C22%3D1.1953%7C23%3D1.1945%7C7%3D0.0060%7C8%3D022614%7C13%3D0.0424%7C14%3D022619%7Cokt%3D475%7Cbdkt%3D439%7Cps%3D1.647%7C1%3D0.93%7C2%3D1.88%7C7_n%3D0.0058&ktd[]=1126179096892160&kwd[]=Kroger+Senior+Discount&kwt[]=65&kbc[]=&kwp[]=3&kid[]=110054487&kbc2[]=3%3D0.61%7C4%3D4.55%7C17%3D56.55%7C18%3D-1%7C5%3D557%7C6%3D2%7C16%3D3%7C19%3D109.49%7Ckus%3D0.1705%7C24%3D556%7C25%3D3%7C22%3D0.5590%7C23%3D0.5520%7C7%3D0.0034%7C8%3D022614%7C13%3D0.0717%7C14%3D022619%7Cokt%3D65%7Cbdkt%3D65%7C1%3D2.35%7C2%3D4.84%7C7_n%3D0.0025&ktd[]=274911461888&kwd[]=Amazon%27s+Overstock+Outlet+Discounts&kwt[]=475&kbc[]=5cc1052909baeac96c5c8d4618e58aab.d2s&kwp[]=4&kid[]=351036969&kbc2[]=eset%3D1%7C3%3D0.30%7Ce_st%3D550%7C4%3D4.17%7C17%3D35.25%7C18%3D-1%7C5%3D2442%7C6%3D10%7C16%3D14%7C19%3D41.22%7Ckus%3D0.2285%7C24%3D2288%7C25%3D13%7C22%3D0.5726%7C23%3D0.5615%7C7%3D0.0025%7C8%3D022614%7C13%3D0.0936%7C14%3D022619%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D1.647%7C1%3D1.25%7C2%3D3.17%7C7_n%3D0.0016&ktd[]=5629778724262656&v=1&geo=43.12%7C-77.56&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=US&wsip=170774885&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Rxkk1jm%22%2C%22QQ8E%22%3A%22fF9f%3AkkNW%3Af%3A%3A%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CURV5257&vi=1708990082221578396&vsid=3519916826633980&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_act_status=1&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=6&vgd_tsce=L421-S421&vgd_l3_sc=NY&vgd_chost=c.pm-serv.co&vgd_sslb=1111&vgd_hb_audit_1=8CUKR3SFR&vgd_hb_audit_2=303252495&vgd_katid=808076283&vgd_katbid=-21&vgd_kasts=btd%3D78%7C%7Ctstype%3D-10408%7C%7Ctbtype%3Dv702%7C%7Ctpc%3D4%7C%7Ctc%3D4&vgd_kals=tbid%3D-21%7C%7Cttype%3D10019%7C%7Cpt%3D1%7C%7Clmid%3Dv702%7C%7Cctr%3D0.016%7C%7Crpc%3D0.127%7C%7Cttd%3D8&vgd_kalog=MI%3D3604%7C%7CSID%3D8%7C%7CTLID%3D15%7C%7CMPTD%3D640%7C%7CTTC%3D4%7C%7CTPTD%3D7584277313412400676%7C%7CSI%3D3598%7C%7CCI%3D3604%7C%7CHID%3D0%7C%7CUUID%3D2IakSXBjti8t7E9JQB&vgd_pdtid=1&vgd_nrrv=21539&vgd_nrrmf=303001c94a&vgd_nrrsf=scrr&vgd_cty=rochester&vgd_ifrmode=14&sttm=1708990082618&upk=1708990083.8922&hvsid=00001708990082618016112663393325&verid=3111299&sbdrId=99&tsrc=autotemplate&kafm_ull_cache=00&vgd_mspa=0&vgd_l1rakh=1708990082171427631&vgd_ecrid=0200080807628300728009000042900&vgd_mspad=a&vgd_isiolc=1&kbbq=%26asn%3D20278&vgde_ydsp=%7B%22QEx%22%3A%22XuWX~9%22%7D&vgd_wlstp=1&vgd_mcf=68237&vgd_vstrid=3519916826633980&vgde_bdata=~G-MjJzvuHAA~GwEv9~G8Ov9.AW9~G-M1zNJQ7mLvuoA*uWof*f9oA~G-M1QzvhuF~G-MJ-Ev9.X~G-My8zQxv9~G-M81GvVKRff~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv9999999~G-MQ8lJvhfW-i9~G-M7Y1-vfH9~G-M7YjMQxkk8-vS~N875vRPssKTa~NUMkjv9~ONvyNEoxQoJ1Q7uoO~OYYMOuv9~OYYMOu9vu~OYYMOufvu~OYYMOuHvf~OYYMOuXvu~OYYMOuFvA~OYYMOuhvf~OYYMOuWvA9~OYYMOuivuu99~OYYMOfv_~OYYMOfuvou~OYYMOffv9.u9~OYYMOfHvX~OYYMOfXvTMOJk~OYYMOfWvf~OYYMOfivu.99~OYYMOAv9.X~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfvu.99~OYYMOXFv9~OYYMOhv9~OYYMOWvu~OYYMjv9.uWH~OYYMYuv9.AWf~OYYMYu9vu.999~OYYMYuuvu.999~OYYMYufv9.iuH~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iWW~OYYMYuFv9.uhi~OYYMYfv9.f9u~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu9~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.fA9~OYYMYAHvu.999~OYYMYAXvX9A.999~OYYMYAFvX9A.999~OYYMYAhvu.999~OYYMYAWvu.999~OYYMYAivXWiW.hFX~OYYMYH9vFHHA.999~OYYMYHuvuu.iWH~OYYMYHfvuA.999~OYYMYHAv9.99A~OYYMYXvu.9fF~OYYMYXuvX9A.999~OYYMYXfv9.H99~OYYMYXAv9.fAh~OYYMYXHvA.999~OYYMYXXv9.uFH~OYYMYXFvf.999~OYYMYXhvu.999~OYYMYXivu.999~OYYMYFvu.999~OYYMYhv9.Wiu~OYYMYhAvX9A.999~OYYMYhHvX9A.999~OYYMYhXvu.999~OYYMYhFvu.999~OYYMYivu.999~OYYMLv9.f9W~JMLEYv9.AWf~JLEYv9.AWf~wNv9n%2Bn9~8w1v9~875EJv4RrK~Yy8vSfhiXhu9WSjJ7MxQMwmYJSxQM1jjMY8O~LMNNvPb~LM8EvfF9fokkNWofoo~LMQNvI3~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvO8eoyE7o1Oofo9~Q7OvO8eoyE7o1Oofo9~x1wv78ku_lHtCZoUluN~eGLv9~NGOEv9.fi9~GQGvA~7yQvAAF-fW9%7ChfW-i9%7Cih9-fX9~zQlvA~Y-GU7v9~GQEvou~7Y-vfHu~875EJM8Ovf~QJjjJLM71yM8OvO8eoyE7o1Oofo9~QxEEj5M71yM8OvSfhiXhu9WSjJ7MxQMwmYJSxQM1jjMY8O~OJ7JN7JOM71yM8OvO8eoyE7o1Oofo9~e8JB1G8j875v9.H~EmQvA~1OGjUvAWAfHfWWHf~1YEvu~N1LL8JLVOv9~myG8Ov9.AW9999~GkjLv9.fA9~Qx8Ov~O7NvJ1Q7MQN~8QMmL7Gvu~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~QmGEv~w7Yjvu~ONx7vfX~OmyGv9ou~JNEMxQJOvGJjmBM%209X~JNEMeJLvYxj78%20x1z78jJMeu~JNEME9Xv9.hHhHA99FFhAXihhh~JNEMEu9vu.XffhuXWHXu9HF9A~JNEMEuXvf.uHAhFu9AiiX99uFh~JNEMEf9vf.FhA99h9Ai9iXAWuA~JNEMEfXvA.HfuuAHhhuFHfWFi~JNEMEA9vH.fHhFFu9FFHHWHHA~JNEMEAXvX.9AWuuiAuFF9Whh~JNEMEH9vX.h9Xfhf9uuWXhfXi~JNEMEHXvF.HihhFiA9F9u9hHA~JNEMEX9vh.AuhAHFXFuWiWFAW~JNEMEXXvW.WfAhXAXh9XHWAAH~JNEMEF9vu9.HXf9Xh9WuW9uiff~JNEMEFXvuf.uXWFFFufXFiHFuH~JNEMEh9vuA.WAf99XuXXAFAif~JNEMEhXvuW.AHfHX9HAAXWuiWW~JNEMEW9vAh.WhfAHAXAiAuiHF~JNEMEWXvuu9.9hu99HuHWAXfi~JNEMEi9vffX.XFXAWAuXWXWiXX~JNEMEiXvAFi.hhi9f9iuWi9WW~JNEMEiivH9H.iF9uXXiXfiifi~8GNvu~&vgd_cfud=230904&vgd_scsver=384&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=514&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_be=1&vgd_l1cdv=1172&vgd_l1rpth=%2Fnpfm.js&vgd_lbt=500&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=c.pm-serv.co&hvsid=00001708990082618016112663393325&rc=0&rand=1708990082948&acid=4aea4517453390658d915658f203c6b0&matm=1708990082949&vgd_ltimesrc=1&vgd_ltime=717&vgd_rtime=644&vgd_etm=11&vgd_l1hcsd=Ss1v0%7C1309&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=1326&vgd_pgid=p0677540322t202402262328&vgd_csip=rtb-ebda-6cf68b999-wjp5m.SC&vgd_sbSup=1&vgd_nrrs=21539&vgd_cntrdt=SF%7C0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com&vgde_cdeplbl=1E8Mzm7M1e18j1GjJ&vgd_eadm=1&vgd_end=1
Requested by: Host: c.pm-serv.co
URL: https://c.pm-serv.co/sr/2722522032/SAFEFRAME.html?ule=3960&&kkdd=u*%7C3%7CAn*9H&j*=a4_iII__izzzac4iKIJ&5Po~=_&2Mou=_&XPj=aa4z&CMX1=fqza&X*P=iGd6hczc4&XoXP=Io!0!dZHCwjUY7NWM~hcN)%3D%3D&X~*P=cc_4qK_4c&M*A1=4zigI_&XX=dp&MX=Wy&X7l2=D)6!8Wy&o*P=ie8aKxdKe&Co*P=0pk(Szi&7CCoM=a&~~~=CA6s7fXvsfOQo)GjfK4*5n7Pet*2Z!R)SJ.yXzq4DI.%3D&lM1=c&v.=a&-5P=q&uPCa=iGdt6KpQ6&uPCz=K_KzczqIc&ZPuCu=LZgOv1l%3DaqKKLZ7o%3D_LZ*P%3D_rKi_LZgOulX1MCY~%3DasKEaiszEz_sKLZgOuMl%3D4aJLZgO1go%3D_rcLZgO5*lM-%3D_LZgO*uZ%3DN)wzzLZgO*lC2P%3D_LZgO~7%3Dq4kxToRiDwLZgO~oX%3D_______LZgOM*A1%3D4zigI_LZgOC2ug%3Dzq_LZgOC2vOM-UU*g%3D%2FLX*C3%3DwdQQ)f8LXnOUv%3D_LPX%3D5Xos-Ms1uMCasPLP22OPa%3D_LP22OPa_%3DaLP22OPaz%3DaLP22OPaq%3DzLP22OPac%3DaLP22OPaJ%3DKLP22OPa4%3DzLP22OPai%3DK_LP22OPaI%3Daa__LP22OPz%3D0LP22OPza%3DsaLP22OPzz%3D_ra_LP22OPzq%3DcLP22OPzc%3DfOP1ULP22OPzi%3DzLP22OPzI%3Dar__LP22OPK%3D_rcLP22OPK_%3D_LP22OPKz%3D_LP22OPKK%3D_LP22OPKJ%3DW)LP22OPK4%3D0LP22OPq%3D__LP22OPq_%3D_LP22OPqz%3D_LP22OPqK%3D_LP22OPqq%3Do~YPLP22OPqc%3D_LP22OPqJ%3D6LP22OPca%3D_LP22OPcz%3Dar__LP22OPcJ%3D_LP22OP4%3D_LP22OPi%3DaLP22Ov%3D_raiqLP22O2a%3D_rKizLP22O2a_%3Dar___LP22O2aa%3Dar___LP22O2az%3D_rIaqLP22O2aK%3Dar___LP22O2aq%3Dar___LP22O2ac%3D_rIiiLP22O2aJ%3D_ra4ILP22O2z%3D_rz_aLP22O2za%3Dar___LP22O2zK%3Dar___LP22O2zq%3Dar___LP22O2zc%3Dar___LP22O2z4%3Da_LP22O2zI%3Dar___LP22O2K%3Dar___LP22O2K_%3Dar___LP22O2Kz%3D_rzK_LP22O2Kq%3Dar___LP22O2Kc%3Dc_Kr___LP22O2KJ%3Dc_Kr___LP22O2K4%3Dar___LP22O2Ki%3Dar___LP22O2KI%3DciIir4JcLP22O2q_%3DJqqKr___LP22O2qa%3DaarIiqLP22O2qz%3DaKr___LP22O2qK%3D_r__KLP22O2c%3Dar_zJLP22O2ca%3Dc_Kr___LP22O2cz%3D_rq__LP22O2cK%3D_rzK4LP22O2cq%3DKr___LP22O2cc%3D_raJqLP22O2cJ%3Dzr___LP22O2c4%3Dar___LP22O2cI%3Dar___LP22O2J%3Dar___LP22O24%3D_riIaLP22O24K%3Dc_Kr___LP22O24q%3Dc_Kr___LP22O24c%3Dar___LP22O24J%3Dar___LP22O2I%3Dar___LP22O~%3D_rz_iL1O~o2%3D_rKizL1~o2%3D_rKizL7X%3D_%20%2B%20_L*7u%3D_L*C3o1%3Dxwk)L25*%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PL~OXX%3DdpL~O*o%3DzJ_zsUUXiszssL~OMX%3DWyL~ZY%3DcOKL~1UOXlC%3D_LM1vv1~OCu5O*P%3DP*js5oCsuPszs_LMCP%3DP*js5oCsuPszs_L-u7%3DC*Ua0Aq(tbsnAaXLjZ~%3D_LXZPo%3D_rzI_LZMZ%3DKLC5M%3DKKJgzi_%7C4zigI_%7CI4_gzc_LlMA%3DKL2gZnC%3D_LZMo%3DsaLC2g%3DzqaL*C3o1O*P%3DzLM1vv1~OCu5O*P%3DP*js5oCsuPszs_LM-oov3OCu5O*P%3D%2Fz4Ic4a_i%2Fv1CO-MO7Y21%2F-MOuvvO2*PLP1C1XC1POCu5O*P%3DP*js5oCsuPszs_Lj*1.uZ*v*C3%3D_rqLoYM%3DKLuPZvn%3DKiKzqziiqzLu2o%3DaLXu~~*1~NP%3D_LY5Z*P%3D_rKi____LZUv~%3D_rzK_LM-*P%3DLPCX%3D1uMCOMXL*MOY~CZ%3DaLP22O1~o2%3DUuvM1LP22%3D7u~2Yl3LZPoXuoP%3D_LPuv5%3DP1Uu-vCLMYZo%3DL7C2v%3DaLPX-C%3DzcLPY5Z%3D_saL1XoO-M1P%3DZ1vY.Om_cL1XoOj1~%3D2-vC*m-ulC*v1OjaL1XoOo_c%3D_r4q4qK__JJ4KcI444L1XoOoa_%3Darczz4aciqca_qJ_KL1XoOoac%3DzraqK4Ja_KIIc__aJ4L1XoOoz_%3DzrJ4K__4_KI_IcKiaKL1XoOozc%3DKrqzaaKq44aJqziJIL1XoOoK_%3Dqrzq4JJa_JJqqiqqKL1XoOoKc%3Dcr_KiaaIKaJJ_i44L1XoOoq_%3Dcr4_cz4z_aaic4zcIL1XoOoqc%3DJrqI44JIK_J_a_4qKL1XoOoc_%3D4rKa4KqJcJaiIiJKiL1XoOocc%3DirizK4cKc4_cqiKKqL1XoOoJ_%3Da_rqcz_c4_iai_aIzzL1XoOoJc%3DazraciJJJazcJIqJaqL1XoOo4_%3DaKriKz__caccKJKIzL1XoOo4c%3DairKqzqc_qKKciaIiiL1XoOoi_%3DK4ri4zKqKcKIKaIqJL1XoOoic%3Daa_r_4a__qaqiKczIL1XoOoI_%3DzzcrcJcKiKaciciIccL1XoOoIc%3DKJIr44I_z_IaiI_iiL1XoOoII%3Dq_qrIJ_accIczIIzIL*ZX%3DaL&lCj=_&*.=4zi&*lNU~=a&ZP~NP=qJa&.vMCo=a&2XU=JizK4&3PMo~=a&Zu1=wg1muu11mwLwg1muu1qmwLq11&nuCo~1=a&nuMCM=ZCP%3D4i%7C%7CCMC3o1%3Dsa_q_i%7C%7CCZC3o1%3Dj4_z%7C%7CCoX%3Dq%7C%7CCX%3Dq&nuCZ*P=sza&nuC*P=i_i_4JziK&nuoX=Kz&nuvM=CZ*P%3Dsza%7C%7CCC3o1%3Da__aI%7C%7CoC%3Da%7C%7Cv2*P%3Dj4_z%7C%7CXC~%3D_r_aJ%7C%7C~oX%3D_raz4%7C%7CCCP%3Di&nuCu=uCYl&nuvY5=!N%3DKJ_q%7C%7CpNk%3Di%7C%7C0fNk%3Dac%7C%7C!e0k%3DJq_%7C%7C00G%3Dq%7C%7C0e0k%3D4ciqz44KaKqazq__J4J%7C%7CpN%3DKcIi%7C%7CGN%3DKJ_q%7C%7CDNk%3D_%7C%7CddNk%3DzNunp(wRC*iC4xIFTw&XuPY2u*l=CA6s7fXvsfO2aNxWZY(7S0aa_4icDnMMmXk)DMNMcDT%3D&3ovo=a&*M*P=c&uPj=e~12*-2%20p1u~X71M&uXC=ewNqwlK1KqmlW1Wg5U)qqAAW~UWuA-U)-1~&o5*P=o_J44cq_KzzCz_zq_zzJzKzi&MMvP=%7B%22MM*o%22%3A%22zJ_z%3AUUXi%3Az%3A%3A%22%2C%22MMXX%22%3A%22dp%22%2C%22MMMX%22%3A%22Wy%22%2C%22MMXC3%22%3A%22w-UUuvY%22%7D&7C2vM~X=a&sflct=9147666&CXUOX2o=a&ure=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-30.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c.pm-serv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:03 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 15
expires: Mon, 26 Feb 2024 23:28:03 GMT

GET
H3 200 susE4wCQGjo81FKHs9-5ESeldxvWjf24bzthmuzw7UQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FC1 50 KB
19 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/susE4wCQGjo81FKHs9-5ESeldxvWjf24bzthmuzw7UQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2eb04e300901a3a3cd45287b3dfb91127a5771bd68dfdb86f3b619aecf0ed44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 402585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19580
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Feb 2025 07:38:18 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE08 0
20 B 88ms
88ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BODgogR7dZfmHApjTo9kP27S8uAkAAAAAOAHgBAI&bg=!oqGloe7NAAbA870Z4PM7ADQBe5WfOIfV1YJPpNZjU3HPMzylfxZ4uvn6OmQFGUycVtTvp9n9vAuhvNxv6dlo1Zg9035TAgAAAQBSAAAAA2gBB5kDZbttVcgwS7-n2thsKvdHpPr-Ni1kDBN6qB-ooAzlaV7kdLmkVeUOBnXTAUrzdqHPrMvGRB63GnlUnM0UyzLGjkuHaWiCc-CDduWQp9LYtyK6-jXiYTFHAlRZio6ct9Eqf9bdlCjhO3zKRMh-NTOCkpjt1xx8LXqC6ESozUe-mplYgSw6lwTgfcV6xjEIeFWdbrrv_lJ_EGCJ7KeWhPHOFPK_8q7I5ccqprlrq8_tq5Gsh1uAUK2O3Q5Gga3wk8o683qmm0_2pMEzU_j7W_CBbqUd-opE_g7BO6MPZwv2j_koxqq_o8zH_9KN4dCmRSmu4ZiUct131qQLKejV2-xj5vLR9XOqHB58Ays4TafTU0PmL6uFXhMssJ2cZkFxdJynPv_iarKprJlGS_CivUclRGM6myR0sCDGAZO1kNGvWZfBuIwGGhuz8goo1lf6Lu1EPBQX4GdbD-nwrlOfyftR16Kvj591vgfcvaTk0n7XiTHPQNzRbfzUWQBSAfIFi38dTgT9u6i9OfllXwGX5d7dbT0Fmco2Z46EGQ7h5um3U6QuRDlXUTaIGGWwnEiZRzmjISlp1JwXR9pe08WXPCgygwVhb738u6XEBgdC9FxuFQyHHbECkCZ4p9kFcQIH6_KCLqNq0h8YH-9WaBpnEXESgXtEO-zcBAZcdu3b9EAsqc_Drbl3affIGW4pnq1N07exTZNnmtS8GKfB14MHe-BR4QZ7us3fh5HoFDdRKCc9MDjiZGSYKcnTlt8TTOIioUT2sTTJWL8UGGNc5lCnawmEJDiF_mbvnLAYv_th4ZPGNXkUChK_mofx-qwUnyYmLAmMJs_9Mhn6LZM22EpCzC5bgFXb6CXPZn7eqCD_dQaQnHXOVTygxihSxjoNHr266bKCAC1nMOCZl-8Z9feIi2SyOuXek3lCUQKOS66U7EoIXZnBWArtD3tsZpEhhxFcb6HbfbYsTpL5hMmFWDnLPSkrVhbrwM9ow0my_1_I4ECq1qAzPYCGbiXNq__uAS_zXRd4gRWb8hqTmmcPpOFHt0EuMOuP7Mrm3NaX3lTEzLf56V91PaZzN6Zn8wWrXeD8xsk-Z3ONwp76PxJF5iGG5OylhahjUJUeoVWZ7G2h_4P8xdRLGQckPUOQrUUL1gwt-NKV-rWHfXN8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4141405.json Show response
agen-assets.ftstatic.com/display/7893667/ Frame B9CD 4 KB
2 KB 112ms
26ms XHR
application/json 13.35.93.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7893667/4141405.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-20.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0a2df12b28aca17d060023903ab7c5809af49a8a5845d3046ad900a04142157

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.1), 1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 17
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1768
last-modified: Wed, 14 Feb 2024 16:45:47 GMT
server: AmazonS3
etag: W/"1bd5318b23d7711ca92a72ac30399873"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 236394841 238521146
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: ataKphLHU0cy-u41fRqXpz2Ka6mnCjlbacQfrGZWw4QVk9UD9edn1Q==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 376B 0
20 B 87ms
86ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bqa2tgR7dZf-HApjTo9kP27S8uAkAAAAAOAHgBAI&bg=!-Pul-7TNAAbA870Z4PM7ADQBe5WfOHtYUnsqAFPMygKuUCaJS4NRUDv6Hro-6rHoJzCf1uctPIQB8hbIRGTPuM4NkGWlAgAAAMpSAAAABmgBBwoAGzI3cmTyeI6Me0hoOCpq9B-rTEXjoKJUObGbFJkDTScsbJNKRsCsKfK57_bkR04tGv9mSj2je227nBYb1ed2eKC1KPTaq7Sh-CCE1Wtykvz8IfMDcD3u3PhgFUaMxOWaKxGzV7YnSRvCcTi8LWP0cUyVPQe63zRrAhNhoLbILFhXhem4YYcjEt2eMn_6BmYr4e7PjtA9dZu-7ySHgt9Ydt7P3I7nCIiLjCUdPLRMEEaSXo24cALdeM7M_UBbBK9RK5QAUK3UC9KkrTevvnokkBuV_CMoTMLWBS6ay_uKFZIL_annoSHA9Y09nOticdD5EapEP0bCMhSL0k5ilJQd3iqhzgwOc11MxEZE_d3pjN4P4Jwqlyxcfx3yDFLIAUXjzdt1xcOgOA0Ksf-tn7mS9GDHX8oMKDFQGDZvdfD83j6mjqAldB1W4r8T-vc4GYEInp3Bj59ew1ukFHkF9ZOYU5DxUch4zQ-t8Xtl5CVCLAK8CoE0DXPA7ugVIHaNB87NbmhIgxnLnlrmnpRQnU5CyuThjPSPiIzFL51bVrOrqFQuVDWohtvI3xpvn2Wnolz8ll6j3ZXep4BS4LlkRNiFF3ArrB5bnw9VZc5xoyFcZFRFbx-MGymEHBzcg8x6DAQK4FrDrUfLjGWXAmQ0Q6PSe6tygpzoWBee0Ud8_rsUhHckP2d89o-9yj_G2hTvpbVgACbZV02xzKKNdIFrnQwQ5uw1DilJ0Uc1Si5kHsPVZvbEkvRnGsnwdkAyIx756d_NB3lfQOW9epODxrY4t_nNQu_SnvZ1d9isG6xOV01SDcJtqmYTVVYUbwqJWEcHULTHYnezq5vvxNxUTiqVV8VpIhDGidpxSQLVx17lf6_3svSSEIpMZhVPmqBxQaBY71BIUKqt0W_hZcyWltjEHnpqUWzGKh2LsnI9xrUOGycabmb5SfbhUaP9DX3BqOGJH1M4Z8-s29yKl8GRFUpu9cx2hlDNl8g_C7xxieTPVCFtjZJpaOj4b0tN8462SyHKXed7W-O2y_jk2-GJKTyt5DIPV7a3Vtvripbfiq36GVtHmPQnbV8oVINHV4JpkKaO_ecEAwQAcxqrDk5jxNmbvl0t2PMriLDVI1YRd0WAPM5ZUysPShJjNYLO7nhcWWYmIZq_k6Qd_6TVBuz0C6vV

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FC1 0
20 B 88ms
87ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0FKPgh7dZeX1IdmUjvQP27ql0A8AAAAAOAHgBAI&bg=!RkWlRQrNAAbA870Z4PM7ADQBe5WfOLukw0rYNiH1d0WpmA6eQxLwvLiojm-ZafRtyh0H4LuLdnMgbzmxzg1gaLZHX88pAgAAAIJSAAAAA2gBB5kDXGKNfB9-BQ58Y4c0ZRCv5eUMvIjWNTb57aCq3sH5TyGjARQSesqGrVwPQjXusMADfqdjyL8UaxOHtpXIDBR7q0hdgf0kobd6WjpWr8YsuyVPXjzTddboXBT1ioi1wwA6uk6QUXMnf116MJT0ow1gGhu-GMGIW46CLnaN6M0uWEjJLuAEfop8hSFMiTwbZZSrv70d4Ax_c8SeOKpWz2H7GSRwfwWJrTJFXve9S6a1EzH9EcmWAoRezb-c5Ovj3xgad20L_QyAuEvnms-G0v4ZqFcfj1aeNpHMwJ8gVhWwNgYv9nB3XYKd_JshtGe03TGwa01rzKB74VzgPqro9IJnK7OZhNzPs9aIBWtPF_tZPLpgV2YyT60WyOLHkNZOK_aEcuqFwDMJjOrooe9csVlLWLARSNZBqFuTnwDJGyveNEa5g4hHu2Pw2qoEaFNwFPjoRSjbG9sodcfDxfdVV_1OVsNyVeyo1cJj9mnbdQXHHc1sQBOc9IcdJQN_AXM6CcZnGiDMYfm6IER0jRMS4y8Cx4bgVP4_ad6MilQtQ9f6isQlvoQGF0LrLvLdSa6ZloGrZzHh0P-x2GOKqNzwqsB_eNxS0gnQN09lUn1mmRBSXTbVAD_Bw2ZSgEi8kxU0UQ0iPe_1AHUPFoD7RJq3Ho-9g1hXYjCDFKydKHCRkg8KYwf5IfT9uKgEDfy0BVeo7PwJNltcuW-vp8iUunF4zLSBAh2cJvVKo523ImOqhshBtJj5oYl6Clodx7dfRAPUk-YBeMfSCrwfR_65ktGl2Uhr5fS4zz_C0mD73m8lbxjALeoGp7vjkhha_9Xnt5IDCj5ywkQ4jHfsnJROWpKpR_iWPsjeOTOloFVQzdcSfhoE78Uz7_8XbSB02GNk10q3P2UeuqyyDlaFrM9or-v3OPwIufkqkrTWNw0Kbvgy1cY0Qu44n7OW1U2QmQxo-_bXuuOBtxGOIGBdTaZSfAohjExLDVUd7fU4Im8bYNSVHwGiLplHMfukah8cYOceDNB8rNfsDHouYcUIwhFK4yfK69olWDF5n3bEw1YZ-bTMUSEBhgNx0rWITnI8RwXwrOflM0czpFR93luBhWRalQMrwnTxaDmhmkv36jlTkKjsxld_j7uOa-a9cspeuEFZoOFv

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d9core Show response
d9.flashtalking.com/ Frame B9CD 11 KB
11 KB 144ms
38ms Script
application/javascript 44.214.189.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.189.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-189-209.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 0e891a0a9b78800668266cb8cad8a43e0728d5681b92c6ed3cbc3ba677552712

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag: 5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: d9.flashtalking.com
content-type: application/javascript;charset=utf-8
cache-control: private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials: true

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame B9CD 552 KB
161 KB 142ms
28ms Script
application/javascript 2600:9000:261f:e00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:e00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7cf15d9418a50b2380c5d25bd6670b15fb72defd881f3e0aeb130198a9d53176

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 13:21:13 GMT
Content-Encoding: br
Via: 1.1 fa2ecff4e65c01748abe1c8c2a9dfb72.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK52-P3
Age: 36410
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 26 Feb 2024 13:21:13 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: xFZhRtqLN4BrB7ycU14elL3_BPGsbn8y5WTOfNR3AH6A892LnmRaoA==
Expires: Tue, 27 Feb 2024 13:21:13 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame B9CD 17 KB
6 KB 163ms
56ms Script
application/javascript 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 23:28:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 413862034 236107414
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Tue, 27 Feb 2024 23:28:03 GMT

GET
H/1.1 200
OK FY23Q1_DC_AcrobatDC_AcrobatDC_us_en_DGVersatile_ST_970x250.jpg
cdn.flashtalking.com/172799/4141405/ Frame B9CD 76 KB
77 KB 128ms
27ms Image
image/jpeg 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/172799/4141405/FY23Q1_DC_AcrobatDC_AcrobatDC_us_en_DGVersatile_ST_970x250.jpg?529498977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: a5b84ea9b42ee27564554d30e8d2db7e1e500d1a7eb0ab589c4253aaebb29a95

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 23:28:03 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 77852
Last-Modified: Wed, 23 Nov 2022 23:09:33 GMT
Server: Flashtalking (AKA)
ETag: W/"e85b88b9ad24bacb272ff351b3239e78"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
X-Varnish: 131959357
Accept-Ranges: bytes
Expires: Mon, 26 Feb 2024 23:48:03 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame B9CD 1 KB
2 KB 129ms
29ms Image
image/png 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 23:28:03 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:31 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin: us
X-Varnish: 108102152
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Wed, 27 Mar 2024 23:28:03 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9F3E 42 B
174 B 88ms
87ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuf1M5x366bwre0NhnZNm2TVTKEq29Izuqy9zfWGs6uLhBHJ9HQcyj0eKfgFEnNHKrTwYX0kPkXvBjRBoRWT__LfE-c6POg0-vlK9o4GcGRrMJqNzco_YN35yJ_CjwwIcjzOIxjdpqweA8-GLJa0Z2zcoreINET9D4&sai=AMfl-YRu8DGuWS1fub7JPdal8rDM__4PBDgCaXI4KNfCWxOAiPtQjZ98xW71qdED2h37IQQw36GBrt_7x1a8ITSdjvBFwAzgNsm70tz1SI3XYZmaKf9u4mGgHr8fantef9mk6LjiIPF16txlU_q18B8m&sig=Cg0ArKJSzFitevkJydBKEAE&cid=CAQSTgB7FLtq5GUcW7fYeoVFN_yAdlWhxm5SZrX2SoB_KW4KBJ7bnBeY5altkiwC5LX0J9MJ4CA88yMiexXfSNt3lyhBiKIXf4kUz_d-QRsqyhgB&id=lidar2&mcvt=1000&p=167,255,417,1225&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1556417377&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=492288200&rst=1708990082149&rpt=310&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7893667;4141405;0;271;23F71D7D-AD1C-DAE3-E174-3181D3B86DCF/ Frame B9CD 0
67 B 140ms
36ms Image
text/plain 3.210.177.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7893667;4141405;0;271;23F71D7D-AD1C-DAE3-E174-3181D3B86DCF/?cachebuster=75665221
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.177.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-177-128.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame B9CD 1 B
377 B 128ms
53ms Image
text/plain 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7893667;4141405;0-304-0-0-858764906
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 23:28:03 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Mon, 26 Feb 2024 23:28:03 GMT

POST
H2 200 lgc Show response
d9.flashtalking.com/ Frame B9CD 103 B
574 B 79ms
78ms XHR
application/json 44.214.189.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.189.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-189-209.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: bbe4c48e6428e31847ee443fd9cc9445b0c807d144b2d6d2f31f1cbbaf1fb178

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 26 Feb 2024 23:28:03 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
content-type: application/json;charset=ISO-8859-1
access-control-allow-credentials: true
content-length: 103

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7716 42 B
64 B 88ms
87ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcFQGBekMh8DaRkufknS0jEJwmyxl23H_HB9LWYotB2zpI3gMLqSM2Y2O7Q1fOZCZhO7TjSe_WdWhCyAuD1nDMUMI6cybQvj73TMJACCGzftuI4tb-xs3V_QJHf51vz7LYCegSAM3M1mjIU2sNSNvUAAalq7ovK9Q&sai=AMfl-YTd8ow6e9VMW_mXaxi0q7Ng-FXL9va5IOCo17kOQCAlASxVeWJNKpnuyLUitC7SxgYQJjhGEjBhApbtZgSQXfSEo1YwvfwK712TzDaRBeaNiE8xJqqUui2PjJT1ACD27l-Z2cuVRrLnKTQfH0YQ&sig=Cg0ArKJSzAwPkbFuerjxEAE&cid=CAQSTgB7FLtq5GUcW7fYeoVFN_yAdlWhxm5SZrX2SoB_KW4KBJ7bnBeY5altkiwC5LX0J9MJ4CA88yMiexXfSNt3lyhBiKIXf4kUz_d-QRsqyhgB&id=lidar2&mcvt=1000&p=167,1245,767,1545&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1173781178&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=492288200&rst=1708990082176&rpt=363&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame B9CD 121 B
717 B 191ms
53ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=dfmRTQpzHzgDbfkPWiQrXSOZEJRDSgxF-FE7fPshldVTkKDoe03vKF0rB-E03BNMRiaFTlNQ==&pm_ct=cd860a55eb861506970cecec&pm_pl=1708990083593&pm_td=16&pid=1000925&en=1.1&callback=__pm_glbl_bqi316y5BRCrTTlYJ2wJJUdh._gc1&tt=g&v=ba96757
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 66e23b6ba1e71c6659e7996a465f25d16aff224f3534d4b550671e3f0b3a9ad1

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 23:28:03 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 121

GET
DATA 200
OK truncated
/ Frame 181D 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B9CD 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/7893667;4141405;0;401;23F71D7D-AD1C-DAE3-E174-3181D3B86DCF/ Frame B9CD 42 B
343 B 35ms
34ms Image
image/gif 184.28.61.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/7893667;4141405;0;401;23F71D7D-AD1C-DAE3-E174-3181D3B86DCF/?ft_data=d9:d332d82ca1854f0cb22cb839aa37b42b;d9s:d332d82ca1854f0cb22cb839aa37b42b&cachebuster=375286988

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.28.61.13 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-28-61-13.deploy.static.akamaitechnologies.com

Software

prod-xre-app49.ash11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Feb 2024 23:28:03 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app49.ash11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Mon, 26 Feb 2024 23:28:03 GMT

GET
BLOB 200
OK 37941c66-60da-45a9-849f-4d9db2cc103c
https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/ Frame B9CD 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/37941c66-60da-45a9-849f-4d9db2cc103c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK 65ec53cd-f167-4578-b3ae-d555544646e8
https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/ Frame B9CD 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/65ec53cd-f167-4578-b3ae-d555544646e8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
BLOB 200
OK 914288dd-de5f-4696-994b-c60d6a8d8b20
https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/ Frame B9CD 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/914288dd-de5f-4696-994b-c60d6a8d8b20
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame B9CD 1 B
320 B 50ms
50ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=dfmRTQpzHzgDbfkPWiQrXSOZEJRDSgxF-FE7fPshldVTkKDoe03vKF0rB-E03BNMRiaFTlNQ==&pm_ct=cd860a55eb861506970cecec&pm_pl=1708990083593&pm_td=427&pid=1000925&en=1.1&callback=__pm_glbl_bqi316y5BRCrTTlYJ2wJJUdh._gc2&tt=g&v=ba96757
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
Date: Mon, 26 Feb 2024 23:28:04 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame B9CD 1 B
320 B 45ms
45ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=dfmRTQpzHzgDbfkPWiQrXSOZEJRDSgxF-FE7fPshldVTkKDoe03vKF0rB-E03BNMRiaFTlNQ==&pm_ct=cd860a55eb861506970cecec&pm_pl=1708990083593&pm_td=492&pid=1000925&en=1.1&callback=__pm_glbl_bqi316y5BRCrTTlYJ2wJJUdh._gc3&tt=g&v=ba96757
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
Date: Mon, 26 Feb 2024 23:28:04 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame B9CD 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame B9CD 1 B
320 B 44ms
44ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=dfmRTQpzHzgDbfkPWiQrXSOZEJRDSgxF-FE7fPshldVTkKDoe03vKF0rB-E03BNMRiaFTlNQ==&pm_ct=cd860a55eb861506970cecec&pm_pl=1708990083593&pm_td=541&pid=1000925&en=1.1&callback=__pm_glbl_bqi316y5BRCrTTlYJ2wJJUdh._gc4&tt=g&v=ba96757
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
Date: Mon, 26 Feb 2024 23:28:04 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9CD 0
20 B 83ms
82ms Ping
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9177871225487&version=m202401290101&ct=77&x=1&cor=12346517626059457000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame B9CD 6 KB
6 KB 102ms
26ms Image
image/png 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Mon, 26 Feb 2024 23:28:04 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin: us
X-Varnish: 977502517 975897158
Content-Type: image/png
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Mon, 26 Feb 2024 23:48:04 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 42ms
41ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BJSLJRYJJN&gtm=45je42l0v888987118za220&_p=1708990080546&gcs=G1-1&gcd=13l3v3l3l5&npa=0&dma=0&tcfd=14I44&cid=1848573309.1708990081&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1708990081&sct=1&seg=0&dl=https%3A%2F%2Fwww.offermate.us%2F&dt=Offermate.us%20%7C%20Weekly%20Ads%2C%20Deals%20and%20Sales%20Ad%20Preview!&_s=3&tfd=7515
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BJSLJRYJJN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 23:28:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offermate.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.offermate.us/	1969-12-31 23:59:59	Name: PHPSESSID Value: kp5pqniejmqq6mge2j8obppc9n
www.offermate.us/	1970-01-21 03:28:46	Name: SrvCch Value: 0
www.offermate.us/	1969-12-31 23:59:59	Name: _csrf Value: f58b97f59e888b4080a8c4419c30f74021cb480a56bd47b5f90dbf68c32b4025a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22Gtdv_Dt1_eNkoGiTRbf6sGmmKjN8Ly3d%22%3B%7D
.offermate.us/	1970-01-20 20:52:46	Name: _gcl_au Value: 1.1.1903580459.1708990081
.offermate.us/	1970-01-21 04:19:10	Name: _ga Value: GA1.1.1848573309.1708990081
.bing.com/	1970-01-21 04:04:46	Name: MUID Value: 33319C3BD04F63183AD3880AD1286276
.bat.bing.com/	1970-01-20 18:53:14	Name: MR Value: 0
.bat.bing.com/	1970-01-21 04:04:46	Name: MSPTC Value: jMlQOu35-OUdzPJhkQYf5H0xrsMaUAK0O2Le5y6qoQ4
.offermate.us/	1970-01-20 18:44:36	Name: _uetsid Value: ae932ad0d4fe11eeb4fd17df7eecae31\|1g5gkjj\|2\|fjl\|0\|1517
.offermate.us/	1970-01-21 04:04:46	Name: _uetvid Value: ae935350d4fe11ee87da51a811825bb3\|1cir0bk\|1708990081402\|1\|1\|bat.bing.com/p/insights/c/o
.offermate.us/	1970-01-21 03:28:46	Name: FCNEC Value: %5B%5B%22AKsRol8l6nYMHvPPtk2YrqchwfYBSwo2-yVRYvj8-EU44pzxFoVTEN1gtL9bJGOlb1Op8r32QVgoCjA3YtGg_RMy8hwrskyy4CpxUrrzA-tdfVM3TKz1_NG1MAwbHmA6mCOrLa1xJIu6YZ_pAPGwphNya1evuXO_tg%3D%3D%22%5D%5D
.offermate.us/	1970-01-21 04:04:46	Name: __gads Value: ID=6f74a2fb5460731f:T=1708990080:RT=1708990080:S=ALNI_MaqN7Ofl56jQpTHcNbtvbj_3q4JBg
.offermate.us/	1970-01-21 04:04:46	Name: __gpi Value: UID=00000dcd5acf0673:T=1708990080:RT=1708990080:S=ALNI_MZkEsncXzgnDArjDreNggc1YLpcZA
.offermate.us/	1970-01-20 23:02:22	Name: __eoi Value: ID=6414d4331b0f4c7b:T=1708990080:RT=1708990080:S=AA-AfjbqsTOqOrGGk5IHIj-HYVY9
.offermate.us/	1970-01-21 04:19:10	Name: _ga_BJSLJRYJJN Value: GS1.1.1708990081.1.0.1708990082.59.0.0
.adnxs.com/	1970-01-21 04:19:10	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 04:19:10	Name: IDE Value: AHWqTUmHQhcPIFv0zFV1efqCi3LSqlMbX8HN4eLktjADW5Sjrgp_Vl7N1WbOiZPliMo
.doubleclick.net/	1970-01-20 23:02:22	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:28:46	Name: CMID Value: Zd0egtHM510AAHu8AH5A7AAA
.casalemedia.com/	1970-01-20 20:52:46	Name: CMPS Value: 1402
.casalemedia.com/	1970-01-20 20:52:46	Name: CMPRO Value: 1402
.adnxs.com/	1970-01-20 20:52:46	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hbzqh!0R!@wnfH8K6pQK`!5=E<L5?%K>cYZK5.C1H#i6Z/ad/IOl]MYp?pVosU_`-[%nugO%v4VB%nog>*>A/F
.adnxs.com/	1970-01-20 20:52:46	Name: XANDR_PANID Value: NGv9vaZ73UDU8r0FpGil5658jMN1zZhSLxxwMf5mitR55XapseTeDEw1mAxEqYTOAZkRrU0TnQwv0_5xr0TNuyf9LNk0B-9iejt8kHuVRoY.
.adnxs.com/	1970-01-20 20:52:46	Name: uuid2 Value: 2457308735570875536
.doubleclick.net/	1970-01-20 23:02:22	Name: APC Value: AfxxVi4CenlXjNTrrN7pktI9PEjZR7VDpDVpn0qe_UIPX4eGXttE8w
.doubleclick.net/	1970-01-20 19:26:22	Name: ar_debug Value: 1
.media.net/	1970-01-21 03:28:46	Name: visitor-id Value: 3519916826633991000V10
.pm-serv.co/	1970-01-21 03:28:46	Name: visitor-id Value: 3519916826633980000V10
.flashtalking.com/	1970-01-21 04:12:34	Name: flashtalkingad1 Value: "GUID=590072A37972A4"
.omnitagjs.com/	1970-01-20 19:26:22	Name: ayl_visitor Value: 8e75e148b8602a8ba114af1396e81534
.criteo.com/	1970-01-21 04:04:46	Name: uid Value: 43a84aad-ca6b-4698-8b86-b61a8e134b26
.go.sonobi.com/	1970-01-20 19:26:22	Name: __uis Value: 304a7e3f-1b8e-450b-b017-79c9809b224c
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85168\|Zd0eh
.adsrvr.org/	1970-01-21 03:30:12	Name: TDID Value: cffbde74-2b37-4237-bdf0-164645297b4e
.zemanta.com/	1970-01-21 03:28:46	Name: zuid Value: XarFFe4ja-aMg8VUTQKT
.media.net/	1970-01-20 19:03:19	Name: data-g Value: CAESEIKOzjF_sxHwiBb1oALKKhQ~~6
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrQwNDYwNTA3NjA0NzE3NjQ3NhbiM9Qt9zCKd_ItM06pMkgEALULWzglAAAA
.rfihub.com/	1970-01-21 04:04:46	Name: rud Value: H4sIAAAAAAAA_-MSNrQwNDYwNTA3NjA0NzE3NjQ3NhbiM9Qt9zCKd_ItM06pMkgEALULWzglAAAA
.adsrvr.org/	1970-01-21 03:30:12	Name: TDCPM Value: CAEYBSABKAIyCwjWz-jwqcvbPBAFOAE.
.bidswitch.net/	1970-01-21 03:28:46	Name: tuuid Value: 7215d344-640d-44cb-beb6-9324ccfb46e2
.bidswitch.net/	1970-01-21 03:28:46	Name: c Value: 1708990083
.bidswitch.net/	1970-01-21 03:28:46	Name: tuuid_lu Value: 1708990083
.mfadsrvr.com/	1970-01-21 04:19:10	Name: tuuid Value: 961a93e1-0521-4789-bbf5-dffa04bbd1b0
.mfadsrvr.com/	1970-01-21 04:19:10	Name: c Value: 1708990083
.mfadsrvr.com/	1970-01-21 04:19:10	Name: tuuid_lu Value: 1708990083
.media.net/	1970-01-21 03:27:19	Name: data-ayl Value: 8e75e148b8602a8ba114af1396e81534~~6
.media.net/	1970-01-20 19:23:29	Name: data-so Value: 304a7e3f-1b8e-450b-b017-79c9809b224c~~6
.media.net/	1970-01-21 03:28:46	Name: data-ze Value: XarFFe4ja-aMg8VUTQKT~~1
.media.net/	1970-01-20 19:26:22	Name: data-c Value: 43a84aad-ca6b-4698-8b86-b61a8e134b26~~1
.media.net/	1970-01-20 19:26:22	Name: data-c-ts Value: 1708990083
.w55c.net/	1970-01-21 04:10:31	Name: wfivefivec Value: hodtDhbO1REKob5
.mfadsrvr.com/	1970-01-21 04:19:10	Name: ssh Value: !medianet,1708990083
.media.net/	1970-01-21 03:27:19	Name: data-rk Value: 1813050730174731733~~6
.media.net/	1970-01-20 19:03:19	Name: data-ttd Value: cffbde74-2b37-4237-bdf0-164645297b4e~~1
.w55c.net/	1970-01-20 19:26:22	Name: matchmedianet Value: 5
.media.net/	1970-01-21 03:28:46	Name: data-mf Value: 961a93e1-0521-4789-bbf5-dffa04bbd1b0~~1
.creativecdn.com/	1970-01-21 03:28:46	Name: g Value: 0K5oLwmdTLOsOIQUYyXW_1708990083208
.creativecdn.com/	1970-01-21 03:28:46	Name: ts Value: 1708990083
.media.net/	1970-01-21 03:27:19	Name: data-xu Value: hodtDhbO1REKob5~~6
.media.net/	1970-01-21 03:27:19	Name: data-bs Value: 7215d344-640d-44cb-beb6-9324ccfb46e2~~1
.media.net/	1970-01-21 03:28:46	Name: data-rbh Value: TxopWIPD_7sPLjm4L0c6LZ6SZz2904SdgmIPoH9aARg~~1
.flashtalking.com/	1970-01-21 03:28:46	Name: _D9J Value: ae84df521c95424cb55a811757087c37

301 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, publickey-credentials-get, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.
security	error	URL: https://www.offermate.us/ Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js(Line 9) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js(Line 9) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable(Line 333) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable(Line 333) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable(Line 333) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable(Line 333) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable(Line 333) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable(Line 333) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable(Line 333) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable(Line 333) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable(Line 333) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.sPOifMc_paI.es5.O/am=wA/d=1/rs=AJlcJMxC6VU939RHeM2Bh23nKkjFPXLcIQ/m=kernel_loader,loader_js_executable(Line 333) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js(Line 9) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js(Line 9) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js(Line 9) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js(Line 9) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js(Line 9) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js(Line 9) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.offermate.us/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' blob:; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0d0c7b75e140d7582d0accd253331b1a.safeframe.googlesyndication.com
accounts.google.com
ad-events.flashtalking.com
ad.doubleclick.net
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
analytics.google.com
b1sync.zemanta.com
bat.bing.com
c.pm-serv.co
cdn.flashtalking.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.media.net
d9.flashtalking.com
data.ad-score.com
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hblg.media.net
ib.adnxs.com
js.ad-score.com
l.pm-serv.co
match.adsrvr.org
na.leafletscdns.com
offermate.us
p.rfihub.com
pagead2.googlesyndication.com
pm.w55c.net
rtb.mfadsrvr.com
s0.2mdn.net
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
stat.flashtalking.com
stats.g.doubleclick.net
sync.go.sonobi.com
tpc.googlesyndication.com
visitor.omnitagjs.com
warp.media.net
www.google.com
www.googletagmanager.com
www.gstatic.com
www.offermate.us
x.bidswitch.net
13.35.93.20
130.211.115.4
142.250.65.226
142.251.40.166
184.28.61.13
185.184.8.90
195.244.31.10
199.38.167.131
2001:4860:4802:32::181
23.196.3.201
23.200.88.30
23.56.162.28
23.56.162.52
23.58.90.38
2600:9000:261f:e00:a:deb0:3380:93a1
2604:a880:2:d0::867:1
2606:4700:20::681a:364
2606:4700:4400::6812:249b
2606:4700::6811:180e
2607:f350:3:2569:0:10:0:d
2607:f8b0:4004:c08::54
2607:f8b0:4004:c09::9b
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200a
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80e::2002
2607:f8b0:4006:816::2008
2607:f8b0:4006:817::2003
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::2003
2607:f8b0:4006:820::2001
2607:f8b0:4006:820::2004
2607:f8b0:4006:823::2001
2620:1ec:c11::200
3.210.177.128
35.207.24.140
35.211.178.172
44.214.189.209
50.31.142.95
52.223.40.198
54.174.143.135
68.67.160.137
74.119.119.150
007395778d89fad6f9e3ce72d29109accf5363494d53d3927a6c2046f8bcdc28
03bf1977f857000a7f2498c2e2bbf35449bcc0bfe7af5401d746115b2dd91d74
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
071e7dc9b3bc80d1c438d1b429d2a7c81162eb6b2200792fbcdb2ec55e506e10
0784c077daa911e2e7e54174409577e34af77e39f7ea502baf6345036525b8ea
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a3765812085e78cf5c8ef508d37dbb388e759a41b38a750074c9f89c3ce009d
0ae080fe6f525f1c24ac4a6029c3cdf9d5166539e0577ae7c79dacc3a45169b6
0b045979ba93452d33711cc59f8d3f50423fd32e59721233b6a2d363154d02fb
0b4ad8d9670043a8bddfd23a873267f8a0b69d20c6d4462b99cd93bd2ec4fe5c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0e891a0a9b78800668266cb8cad8a43e0728d5681b92c6ed3cbc3ba677552712
13507628fbddf9166fc956aa7b04493d42fd735960378fd8da3ac8768cbfab6a
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
165f3431cc9d44decf858da2227abcc9f2df705622c1448d9af2f1de97ae04b1
19563baccccb97afdaad9daa721777b8d1ae1c34ef1c77a247702fbf707d72c3
1b167be4303c7eb6ba565de551b2d1e749aecb7cd578132492b3487b72b996dd
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
1c1e0c28137c42797a894fe2267653af646136000fc5c53cb82c0f85971a1b45
1f43ea6cbbf261394f83dc2f3425942bf6ddf498490f6cecfbf38739c1ff8b71
1f73061d8b267eeede951652354891814d6abac0c6aa48462f0d1eb275a3e710
1fbf349f4187c45b9db3cf18493a66cc8062c23180ad9202811b1e7deef3b0be
20ba73bd31c1174f4bb0ca95fa30d9953bc20f2f5124305b62b1598955324d12
21bbffbea8d08f72b2622684c1abfef6356beae0ad429571101701736e792a11
236385f55ca213087f5ffd207ba411f6b8be3d100ad827b5fa5d627870459a28
241a46fd048af19c00cd5f4dcaea50a1f55f3670eb08391958d4dac79de8431f
267b44d44ef568e0d7663211a7bf8737b286d82d0dd540b294ec1339ce4550cd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33c7d23170b1c7c9f479019be27cf822bdd9352d821315ec852654ec923cc7a5
35b7a6a64afbf839a296f83d0c6fdd90366f3cb68bf187b14a14a400ea5e3f5d
37fa0aaeeede8433faf6444c9229e12b498f3ff8b7e62f774dc095d4349c0e42
3df21c12cc30ffaee7051dc2a30708bd1b4dbcb1a7ecda761655130633b10319
3f2f7f9b277189f1f0091fd7b7ce4dbc9142f9fec488acdd9a125894337f8691
3f8ba16342f041e0a09453f1d4ce9bd8962a06ecb0d521dd5b71c8e26bd96482
40c0937c1d34358e28a9825afd8588386a40bead44fa1e7d147ecea98cf0d085
40d8f08299fd8535ffa29639b9d2da766a408198896a266c463fdeb144342e9d
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42db1c827cd7bf33e07d8d81857238abf05aebfab909b67bfc0fa288080be0a7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45396b8359112c614d4aab3fcb716deaabc47e477078f675d7bf69f5791c8f53
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bdee25441d23d999ce7010694fcaf06b184e8ed8b21393af67ce1b31d96637e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dd05162afe4eb3d765898d2e9b81cb2691daee479e6b1d30f1e8f212e65af49
50b9b32493095c6ce4391b1faa2588105712b6c3350fddfdffbd4670708e53b1
51cedd78bb282a5680c39864d40c404bbb049b02d4fc854adfd4d4f97bb21607
537afa8bd712691e693b0aac7d9efa6574e8d7b1f3947579ee02e7127e873e6b
53845dcb324e0cfd0528d20d6bc39fb58af2750126c0df3feb240b80dc4c896c
558ebce1d2b900ba52e06fc622d589c48f124dd79168903816d1fc7c7fdb3849
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d01b4cf70e0ed0b165975a9593af188e15a6a852639d17505e1caa8f947a5a
5ab142585097949ade33d1c1c15cf8df7423d78bd45747965c064882e72f83e6
5b99aa4dfb6365b95ec7f7091cf0e039143258fd6427bb196be848546b0b0fd1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c717f6913ff81f2d1c54dd570e26212eea92fe6a43ca52b53c28fa80484de21
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5e9903e27296ef268141ce06123081f59494518457c8124694a55bb1aeef5be7
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633837b5c6b28911c276a3ec74d14808b4919cda54613aeab619530062973c34
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
66e23b6ba1e71c6659e7996a465f25d16aff224f3534d4b550671e3f0b3a9ad1
67452257f29300906697a38828f0b94afb9f90434788f1992d5858954502cd14
69fa52163f2919f8779601fb55952724fd3bcc7d023a8aa46a745411549a1f07
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c86261a7108f8b60655740621add6b6c672624b6cf492b1aa6d85a72972cffa
6e07cadd301a175ce4f3d9d3160af811715461acb2050e9a9b057937c76bef06
71382614005bd02120a7bc9a27d77dd2b10a629fd494e4d14182773993685756
7368f0ad139592962f015c33a985f9114e12b422d986707d7986c1fc882b0151
7493bc8f10ecb323c57fb310ad1c1ad920509bacfcaca6bb678b5a47e29fce3b
75fbe3eeea7c0842d1974efb651d5e07c30bb1049f72ca178c2cc6c7b68ee431
762308075b254ce3ff7c4c2561387aeaba35d05bbdede4f29b42b33cd38ab510
7880048fc3a87e5f1e5c724cd30b64c10b095061d165d7595dbd4fdb081a64f7
7947f7ef98f28e9f013b67c652054290168a9f1cea35d6adaf1d9cf94b189fda
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79dc35e12656f226ed10a67726eccd06a5b7513c8687413c3e62d9b898c34eb8
7ae3dcf8002e428f15567c5a304172fe086cf525cc41c02a83c091989152e4cf
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7cf15d9418a50b2380c5d25bd6670b15fb72defd881f3e0aeb130198a9d53176
7f15ab3acea377e9099cc65a036b5bc8d21fcb26780f010f70be3e507fef8ed9
826b1c23af12cfeb4bf433addfe82fa96d0f608c2fc336957a979afd674528a5
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8c0847d98ea6317ddbd6e93ef42c85bb6778bd29451cba057cb5ba9a80501bc2
91034096a2642e55a433bb4abeaf3190199d4995a8eb28774afd625b9064dd8e
952a8cc80146284f4c5938946ee0004f5abb583bbffdac34a90308afa524977d
97806b1ab991026f8028e149e626c2429e7675a7abb51291a97bf0798ca73d39
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0a2df12b28aca17d060023903ab7c5809af49a8a5845d3046ad900a04142157
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
a4dd6f056f8b25904142307e2fc6eb8b6b9ba8e7eeb8d3fea15add77aef98e39
a521850a396d7f0d090d0beed72427558eccc10542f4b817bf430450876ce5a2
a5b84ea9b42ee27564554d30e8d2db7e1e500d1a7eb0ab589c4253aaebb29a95
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b285705431162bb9cb45e4a022d4b720fe52af48bcc43fe464eb56e7fa713ab5
b2eb04e300901a3a3cd45287b3dfb91127a5771bd68dfdb86f3b619aecf0ed44
b41318df5dc8958b61e4460dcc848755a144f6d664e58c1b0b1779163d85573f
b4df0af34bb671470996af5c264f78c2f0a351850a608965fd313bca63b971ae
b9bc1ee8c4073eff1f434707eca494f62e1785886881526f58aa7c512a8e8118
ba677be4778620477ac3242a7a992a6fd026f00e4ca3e186974d195578843b12
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bbe4c48e6428e31847ee443fd9cc9445b0c807d144b2d6d2f31f1cbbaf1fb178
bbebeebff6cbc1b28a7777bb74e99f59bbf9fdee4459b013900731f3e75156ed
bc818f3076e76386ebe4f177ca53eb56c9202ca60b7c6f43c4f90bcc93acf2b9
c177fd4a2905b3c84b1287512f9cf2d2064ca951264f04e5c5a4da0fb012b393
c216fe18386ae65e76cf562148c974ecb4135a13ec73e6d0789a63573b00b697
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c8b1e5f0f44d378174dd3dbfdc0273e98be2d7f31ff6464c33176d09a8cdf2d1
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce8c05a7248a3803ffc6d3a871f42b125e2358c700a59e082501d81d5c94400b
d2358cafab2d5c2250af8aa9b7ee9d9834a783f81bc4303a66811da7114275a8
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d68c45e0b73fded64846aaab4cc63091cfe71e4887d856521b4007880da1a619
d963456878b636ec75d6cb61464ba7919c762f42bcb788ba426f86310aca2c2e
d9f6174ede3693c2d9532979043825dc703abfa9b5f3364c49abdecc96af24ac
da80416501065eabe7ea25359a8b8811926d8a212f3ea94b8cd4c55efb7df3c1
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfaa89a4fdeb4182fb62b6f8fdfd670be064c5d2a9152fefcd56bf0dfa4c653b
dff00c0fcfdccce517df71da9f82a4f3c8dd0f8a29f1c8f61f17a2ebde751b14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46cc50f2ffd82147edb852b25c0dada85eb2a46f3b9dc2f8da17a178dfea5c3
e4c9fdab7eea26d7200ede9a5233bb3f10735be58a4f718435e962efa3723757
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
e65e14feb4cad3907737e95ed4f953712aa39a74698b4837c5071981439e2b71
e7908986050058038cb2e3d5cd1f2774b8929dd4d34d255c4d2d69596677d7bc
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed4acc46b829b0b6e0742fbab9f3f7102c6e69f6e0f11720aa320905b8c5507a
ee3d97d8e7618dc3fca098d51d9d6b6c604f23f49db9a5a7ef76ed91deff1ee5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f3e732bc8162534e2b55058624bb0d918c31c4f2281a06fdd11c9316c245c201
f40a964762f9dda40267c948eb46f52a0932a9629b57abb0801841af15e0bb35
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f86bb16ebd6a64e23d833fad58856180cb50246b0d35d615142fb88ef8bfcb44
ff97bcaf602dfe77d822148616137565b2006068bf13cfdba06381b36acb7b09

www.offermate.us Open in urlscan Pro 2604:a880:2:d0::867:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

222 Requests

88 %HTTPS

50 %IPv6

28 Domains

50 Subdomains

35 IPs

2 Countries

2517 kBTransfer

6626 kBSize

62 Cookies

5 Outgoing links

Page URL History

Redirected requests

222 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.offermate.us Open in urlscan Pro
2604:a880:2:d0::867:1 Public Scan

Screenshot
Live screenshot

Full Image

222
Requests

88 %
HTTPS

50 %
IPv6

28
Domains

50
Subdomains

35
IPs

2
Countries

2517 kB
Transfer

6626 kB
Size

62
Cookies

222 HTTP transactions
11 data transactions