urlscan.io logo urlscan.io
SecurityTrails logo

mycaoffer.com Open in urlscan Pro
3.144.133.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://mycaoffer.com/evan11946
Submission: On January 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 43 HTTP transactions. The main IP is 3.144.133.217, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is mycaoffer.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 7th 2023. Valid for: a year.
This is the only time mycaoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 3.144.133.217 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 34.96.102.137 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.192.125 16509 (AMAZON-02)
1 18.66.112.100 16509 (AMAZON-02)
3 52.73.161.34 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.54 16509 (AMAZON-02)
43 17
17    3.144.133.217 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-144-133-217.us-east-2.compute.amazonaws.com
mycaoffer.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2606:4700:20::681a:36e (United States)

ASN13335 (CLOUDFLARENET, US)
tracker.gaconnector.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
2    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.66.192.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-125.muc50.r.cloudfront.net
static.hotjar.com
1    18.66.112.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-100.fra56.r.cloudfront.net
js.ipredictive.com
3    52.73.161.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-161-34.compute-1.amazonaws.com
ad.ipredictive.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net
script.hotjar.com
Apex Domain
Subdomains		 Transfer
17 mycaoffer.com
mycaoffer.com
224 KB
6 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4707
69 KB
4 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 29469
ad.ipredictive.com — Cisco Umbrella Rank: 8095
4 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1202
script.hotjar.com — Cisco Umbrella Rank: 1735
59 KB
2 gstatic.com
fonts.gstatic.com
66 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
159 KB
2 gaconnector.com
tracker.gaconnector.com — Cisco Umbrella Rank: 145904
4 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 4002
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
252 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2014
243 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1761
14 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1219
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
1 KB
43 14
Domain Requested by
17 mycaoffer.com mycaoffer.com
6 dev.visualwebsiteoptimizer.com mycaoffer.com
dev.visualwebsiteoptimizer.com
3 ad.ipredictive.com mycaoffer.com
js.ipredictive.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com mycaoffer.com
www.googletagmanager.com
2 tracker.gaconnector.com mycaoffer.com
tracker.gaconnector.com
1 script.hotjar.com static.hotjar.com
1 www.google.de mycaoffer.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 js.ipredictive.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 maxcdn.bootstrapcdn.com mycaoffer.com
1 cdnjs.cloudflare.com mycaoffer.com
1 code.jquery.com mycaoffer.com
1 fonts.googleapis.com mycaoffer.com
43 16

This site contains links to these domains. Also see Links.

Domain
www.mail-opt-out.org
www.netdebt.com
Subject Issuer Validity Valid
mycaoffer.com
Amazon RSA 2048 M01		 2023-02-07 -
2024-03-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2023-07-06 -
2024-07-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.ipredictive.com
Amazon RSA 2048 M02		 2023-03-14 -
2024-04-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://mycaoffer.com/evan11946
Frame ID: D2292C0A2231A667EF62F0DD09727EA6
Requests: 42 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=103102&cache_buster=1704687712&url=https%3A%2F%2Fmycaoffer.com%2Fevan11946
Frame ID: 78FD370ED8B2F539EDE5CA07A653EF49
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Credit Associates

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

98 %
HTTPS

63 %
IPv6

14
Domains

16
Subdomains

17
IPs

3
Countries

632 kB
Transfer

1625 kB
Size

55
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request evan11946
mycaoffer.com/ 		69 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fe68de36e61a7deb09ebf108d74396f34961d695905da6113d48cd0caf63ee1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 08 Jan 2024 04:21:51 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		32 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 02:51:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Jan 2024 04:21:52 GMT
style.css
mycaoffer.com/icon-below/css/ 		206 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mycaoffer.com/icon-below/css/style.css?v=1.7
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3258cf8e4f06e2fff8ce20095b36538de06cb361c8c7495c3e7d1f81ef0f64a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
W/"65982861-33630"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
responsive.css
mycaoffer.com/icon-below/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mycaoffer.com/icon-below/css/responsive.css?v=1.7
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b30f5dd7f3bd9cb379e68329d2f3c9f1ff3ed46c63eb467ca7724ec8f0486aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
W/"65982861-19a9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
https://mycaoffer.com/
Origin
https://mycaoffer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
9783913
x-cache
HIT, HIT
content-length
23856
x-served-by
cache-lga21963-LGA, cache-sof1510031-SOF
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1704687712.203460,VS0,VE0
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
18, 202854
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://mycaoffer.com/
Origin
https://mycaoffer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
208377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6157
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EN%2B35nhMRVoPe4ZVS98XvMBKO4YpI%2BZRstsZKVxPuQLRbp3WkhzY8004vftsjaRfxYM1UsPjMq6pqWhHh%2BEowP55Ccyo7rynFgN19uGe9Zeq7aYtQy4dea1Szk8aRLEbyXaUllRuGfq4285uBaIuN4dn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8421a7f8fab33815-FRA
expires
Sat, 28 Dec 2024 04:21:52 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mycaoffer.com/
Origin
https://mycaoffer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
865
cdn-cachedat
12/21/2023 20:03:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f6143a4e05beb1e54d640712b6f49304
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8421a7f8ff4219af-FRA
cdn-requestpullsuccess
True
gaconnector.js
tracker.gaconnector.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.gaconnector.com/gaconnector.js
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21db6fb0077187167f4c7fe0f684a3056a1ecf6809e5450dc1bc1abe6fa1c8b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbfqJsq8HPo3YkctfAf1vXGAPuaHQSuMgfOhqPb%2BI372K%2B38sSs34BM6Qv%2FZsEZDJi5Dzwr14chiTryHv2t28vJvP8JSbkN2ofr70n8YFBEBkwJtYwzVhZ7UDny1nlctym%2FhA9fVQA6VeIkWDmHviM3OkGj6"}],"group":"cf-nel","max_age":604800}
x-cache
HIT
content-type
text/javascript
cf-ray
8421a7f8fe132bb0-FRA
__CA_logo_600px%202.png
mycaoffer.com/v2/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/__CA_logo_600px%202.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0ef62d06bc1e156b1501d7354008afc600dc8bc52b834847334e07f0255ae192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-67f3"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
26611
x-xss-protection
1; mode=block
_Phone_lightblue%202.png
mycaoffer.com/v2/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/_Phone_lightblue%202.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fb0eb2ee562df550d3ec14bec4141e25f513e3952ae48aae55c40e03d2a96cbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-1158"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
4440
x-xss-protection
1; mode=block
mob_photo.png
mycaoffer.com/v2/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/mob_photo.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
43017d748dc6d7a72858e56e59c5ee67f854a2ff7dc699a931000225d4b69ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-197a"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
6522
x-xss-protection
1; mode=block
lock.png
mycaoffer.com/v2/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/lock.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a50de2dfa446bbec8df39a7c2b9f16cf0d3eed773c036de3d8868a32a1663551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-1452"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
5202
x-xss-protection
1; mode=block
cardwhite.png
mycaoffer.com/v2/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/cardwhite.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ff849d65389e7e3047f1af78bac5ee43fd309ff39321cdf9e8d1914c7c596049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-1ec2"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
7874
x-xss-protection
1; mode=block
icon2.png
mycaoffer.com/v2/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/icon2.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cfb4972162cfb53944554d864988365bbab193170dc19fedf6faab4aea693df5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-164f"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
5711
x-xss-protection
1; mode=block
icon3.png
mycaoffer.com/v2/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/icon3.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2556413886de3ca76a20f77475abe0507c7cacfabd243cfaf68195a1f258dc14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-3378"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
13176
x-xss-protection
1; mode=block
ValueProp_Icons_300k_white.png
mycaoffer.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/images/ValueProp_Icons_300k_white.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6baa2c07089e577ae03a350346c0be31b65ecf2066a5ea3d49dbecbd46336b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-244f"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
9295
x-xss-protection
1; mode=block
ValueProp_Icons_15years_white.png
mycaoffer.com/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/images/ValueProp_Icons_15years_white.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
7b06125768c5834de91386c0582a412952b9e6cf33ed1244fafa1d31928bd84f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-2806"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
10246
x-xss-protection
1; mode=block
5star.png
mycaoffer.com/v2/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/5star.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1587548bc344ff788723e3a941410e32f94e6913c98e5dd2ea608fa47bbc3499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-54b7"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
21687
x-xss-protection
1; mode=block
blueright.png
mycaoffer.com/v2/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/blueright.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
64b595aeda92da7c0721e9569ae5cd82b777f9aa1de0f5ae3b41483433d0ec35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-4252"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
16978
x-xss-protection
1; mode=block
headset.png
mycaoffer.com/v2/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/headset.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e48494d60e0896cbfee26023b4fefde17b3149fdb3909a7e277d831d741ebc26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-1bf0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
7152
x-xss-protection
1; mode=block
whitelogo.png
mycaoffer.com/v2/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/v2/images/whitelogo.png
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
fe63c8743fe26c37e8066c4f537c652d71a0d4b8ef80b9acf248daf3802282d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/evan11946
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-49ab"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
18859
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		214 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WB74VKM
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08ea4b5de2874180753537df03a14eb7f12c7b8c255680de2b7a27b791b522cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77694
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Jan 2024 04:21:52 GMT
gaconnector-server.js
tracker.gaconnector.com/ 		461 B
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.gaconnector.com/gaconnector-server.js?page_url=https%3A%2F%2Fmycaoffer.com%2Fevan11946&referer=
Requested by
Host: tracker.gaconnector.com
URL: https://tracker.gaconnector.com/gaconnector.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7620dc4f49a9027ff53d98ae386167ce6fc7a558816919001b3bed2bfb82fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycI1wUHPJ6rlVsReHGc%2F3aunQ650iDPKXPpNSTgmkNo%2BDBiqei2al9LSeYIlbspuk9Lzk4ss%2BFsCsRE0Ee5EafCzFvLox0lXqVfzy9VVHNYZVFlRt30%2FxzCZMlD5eP5LizlsIv9PG3P1%2BgSBPZL2tV8mvS%2FB"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray
8421a7fa8e9d2bb0-FRA
j.php
dev.visualwebsiteoptimizer.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=808355&u=https%3A%2F%2Fmycaoffer.com%2Fevan11946&vn=2
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
daabc61244295a89141e20f7bfd73f90fe3535477be95f5f92a3a596b32e1a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1704143258_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
2022_Q3_PURL_Background_72_Alt.jpg
mycaoffer.com/icon-below/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycaoffer.com/icon-below/images/2022_Q3_PURL_Background_72_Alt.jpg
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/icon-below/css/style.css?v=1.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.133.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-133-217.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
42cd7ba402e97dde4b26f8859646b95fe60995d382e679b431068d44f4b0484e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/icon-below/css/style.css?v=1.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 16:03:45 GMT
server
nginx
etag
"65982861-4ec6"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
20166
x-xss-protection
1; mode=block
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mycaoffer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:34:04 GMT
x-content-type-options
nosniff
age
557268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 17:34:04 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mycaoffer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 23:26:46 GMT
x-content-type-options
nosniff
age
276906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 23:26:46 GMT
va_gq-db1b0efccde4c9db4e501aaf8505fdef.js
dev.visualwebsiteoptimizer.com/edrv/ 		218 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/va_gq-db1b0efccde4c9db4e501aaf8505fdef.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=808355&u=https%3A%2F%2Fmycaoffer.com%2Fevan11946&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
921e6f26837d0b302016e00891e505dbfd78f223975e3b2d0fb3c7c09a7b4d38

Request headers

Referer
https://mycaoffer.com/
Origin
https://mycaoffer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jan 2024 13:45:22 GMT
server
gfra1
etag
"659807f2-e683"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59011
nc-db1b0efccde4c9db4e501aaf8505fdef.js
dev.visualwebsiteoptimizer.com/edrv/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/nc-db1b0efccde4c9db4e501aaf8505fdef.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=808355&u=https%3A%2F%2Fmycaoffer.com%2Fevan11946&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
d310603e39fcdee9f8b15b8a752558302493b930334c802136c4de86f87fe769

Request headers

Referer
https://mycaoffer.com/
Origin
https://mycaoffer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Jan 2024 13:45:22 GMT
server
gfra1
etag
"659807f2-ad0"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2768
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=808355&d=mycaoffer.com&u=DBC61F77A5730CA83F5FF9BD88BFC7215&h=15910a287e396f7e5086fc1dbfbebbd2&t=false
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
e8570212-0fbf-4241-a48a-d42c4629f2f9
https://mycaoffer.com/ 		809 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mycaoffer.com/e8570212-0fbf-4241-a48a-d42c4629f2f9
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6850c2e811a829304e28ac0ce10435043af8b3a70713c97f45122ba3e2797c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
809
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/ 		238 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PGWSBMS8YT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WB74VKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ebb4d1c36da4b9f463fb6f15b87767012e5cb8a52747c309ddf91b058a0c9147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84604
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 Jan 2024 04:21:52 GMT
hotjar-1672821.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1672821.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WB74VKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-125.muc50.r.cloudfront.net
Software
/
Resource Hash
599e873cd8a4fb5a0867bea71a79ecefd84679c8f9b955fb7511d0d23242539a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/d1f3a5c5b1a7bdb293b603db5fb9530a
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ZtkL3S6XH-79cy0OL-F2Zu2D58gDYowAhpzFbHNgpDeRANfA7KOkpw==
adelphic_universal_pixel.js
js.ipredictive.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WB74VKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:14:34 GMT
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2022 15:42:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
459
etag
"83b469155694c51d4c5581028a6788bc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2108
x-amz-cf-id
FhioxirBInNanHuAYA7O6MXoowTEbXk2e2dOM86Tq1zYxeWflismIA==
pixel
ad.ipredictive.com/d/rt/ 		631 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=45622&uuid=1876fba5-77a1-4bbb-9e5d-14520fe1d08b&rr=CACHE_BUSTER
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.161.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-161-34.compute-1.amazonaws.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 08 Jan 2024 04:21:53 GMT
Content-Encoding
gzip
Connection
keep-alive
X-CI-RTID
b475cf63-ad54-4af1-9412-fa95a8731720
Content-Length
479
Content-Type
image/jpeg
pixel
ad.ipredictive.com/d/track/cvt/ 		631 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/cvt/pixel?acct_id=38177&cache_buster=[timestamp]
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.161.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-161-34.compute-1.amazonaws.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 08 Jan 2024 04:21:53 GMT
Content-Encoding
gzip
Connection
keep-alive
X-CI-RTID
be73b60d-16f7-46bb-a6da-eaa5dfa69bc5
Content-Length
479
Content-Type
image/jpeg
s.gif
dev.visualwebsiteoptimizer.com/ 		35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=808355&u=DBC61F77A5730CA83F5FF9BD88BFC7215&s=1704687712&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1704687712696%2C%22tO%22%3A-1%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Fmycaoffer.com%2Fevan11946&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1704687712701&v=2cd1c8d79
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 04:21:52 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
collect
region1.analytics.google.com/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PGWSBMS8YT&gtm=45je4130v9115286111z8846657344&_p=1704687712318&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1350268406.1704687713&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704687712&sct=1&seg=0&dl=https%3A%2F%2Fmycaoffer.com%2Fevan11946&dt=Credit%20Associates&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1257
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PGWSBMS8YT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 04:21:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mycaoffer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PGWSBMS8YT&cid=1350268406.1704687713&gtm=45je4130v9115286111z8846657344&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PGWSBMS8YT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 04:21:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mycaoffer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PGWSBMS8YT&cid=1350268406.1704687713&gtm=45je4130v9115286111z8846657344&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1428432279
Requested by
Host: mycaoffer.com
URL: https://mycaoffer.com/evan11946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 04:21:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=808355&settings_type=1&vn=&eventArch=1&uuid=&ec=524699&exc=2
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-db1b0efccde4c9db4e501aaf8505fdef.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
0c24ac48a0af145a2ac3720868aab55b076e4ee50d8ef7dc90a735ad2664f609

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 04:21:52 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1704143258_EA"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
event
ad.ipredictive.com/d/track/ Frame 78FD 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ipredictive.com/d/track/event?upid=103102&cache_buster=1704687712&url=https%3A%2F%2Fmycaoffer.com%2Fevan11946
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.161.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-161-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mycaoffer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 08 Jan 2024 04:21:53 GMT
X-CI-RTID
3d74d8f7-2303-4cac-b89d-053991ef8d05
modules.618aa075c4d9b6424e07.js
script.hotjar.com/ 		220 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.618aa075c4d9b6424e07.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1672821.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mycaoffer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 10:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
1534306
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55689
last-modified
Thu, 21 Dec 2023 10:09:33 GMT
etag
"6ed2c6300d63320c76677ced187741fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
8fKX3a5KuOCK4x4rG9CLniIxTH_8Qmu6dq-BRiN2ln6Oo2CgIluMkg==

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| $ function| jQuery function| Popper object| bootstrap object| dataLayer object| gaconnector boolean| internal function| setGaconnectorHiddenFields object| code object| _vwo_code number| _vwo_settings_timer number| _vwo_j_e string| _vwo_mt string| _vwo_tm string| _vwo_cookieDomain string| _vwo_surveyAssetsBaseUrl object| VWO number| _vwo_acc_id object| vwo_iehack_queue undefined| _vwo_clicks object| VWOOmni object| mainThread number| _vwo_library_timer string| _vis_opt_lib string| valueName string| fc_valueName object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| JSONStringify object| _vwo_evq function| _vwo_ev object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vis_opt_queue object| fetcher function| _removeVwoGlobalStyle function| vwo_$ object| functionWrapper string| _vwo_server_url function| _vwo_s object| _vwo_exp string| _vwo_uuid function| _vis_opt_goal_conversion function| _vis_opt_register_conversion function| _vis_opt_revenue_conversion function| _vis_opt_createCookie function| _vis_opt_readCookie function| _vis_opt_element_loaded boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_surveySettings object| gaGlobal object| _vwo_exp_ids object| _vwo_pa string| pushcrewHash function| AdelphicUniversalPixel object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules boolean| vwo_libExecuted

55 Cookies

Domain/Path Name / Value
mycaoffer.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImNBWGZXcTI4QWZCd0tBS0FpTmdLUUE9PSIsInZhbHVlIjoiSkJ5dmhpVGJMZ3YwVDBwOVZraldwaWozdGQ0SUxtVmliaWt0K005OFdncXRBRWl2OEZVUTMzcXpCZ0ttcHlyQ1Q3bC8xcytDN1JYbUs3RW92Y2IvMWd6RHhFNnJvVFhQc3E0dFpQOFJBTG5ld3EyU2p3NUNIbVR3Wkh4Q056WW4iLCJtYWMiOiJkMjc1ZTVkNDZhNTA4ZTJiOGY1ZjYyOWI5MTVlZGIyNGE3MjI2NTdhOGRhNTE4MzMzODcwNjE2ZDAwYzM4NmJlIiwidGFnIjoiIn0%3D
mycaoffer.com/ Name: creditassociates_session
Value: eyJpdiI6IlYzd1Q4Y0NaYjgvbVBHTGFscDIwU1E9PSIsInZhbHVlIjoiMUhCZFBzRkJUak41ODd6YXpQL0xwR3RSeXUxWHl2Z3BTcXdsZDB6T2hiYkM1Q0xlVnEwR3BvalBOV0xTdjhPdlFRdURIejErb3JzR1BKc1dYdmpoZStUMVlWSXY5Z3Q1NlVxUzlNclhJV0pJSytHdjFLeFhudVJXek5pbDE1Q2wiLCJtYWMiOiI4ZWEyZjIzOWFhMjg3NTE1ODU1NzAwMDYzZThkMDA5MWNkMjYxOWQwMDI5ZjZjMmEzZGVhNjExZjIyOTc3ZTQ4IiwidGFnIjoiIn0%3D
mycaoffer.com/ Name: viant
Value: eyJpdiI6IjVNUmR6N3BvM2VhbCtwb2c3R052RkE9PSIsInZhbHVlIjoiVFhya3FHRUZkcVhYVk9XSTUvZFU1dytuSnFGcy9SNDZyaHpGSFFTaHhBVGFrdGpVOFVyV2Y1dlZNUWdwY3VqaWFYckxQT3IvRFg0RWJXTkpTczlnaWc9PSIsIm1hYyI6ImM2ZmIyMGE5MWM4ZGZmOGM4NzZlZGI2YmVhNTQ1NWM5MjAzMjRkOWNjNzUxY2Y0YjIxMTFiZjNhNTA1ZjhiYmIiLCJ0YWciOiIifQ%3D%3D
mycaoffer.com/ Name: mr-uuid
Value: eyJpdiI6IkNXVit1c1dJa1F3a1lkOUt3aFFaRVE9PSIsInZhbHVlIjoiL2FVTjFWUWxTQXQrRXJXWjZhNXlpK0ZoMEttL3VxTHpiNWRTeEVQK2tKUGx2NDFEblkvVk5leC9qdHpQdVpoNkVoTHVoR3phWVFpSmh3NzcrUk1CbEpIRkhlNC9IQlNQMkc2dFJRT242WU09IiwibWFjIjoiNzg1OGQ1NGNhN2VhMmQ0MWQ2MjZhZWM3NjhkNTJmMWJlNzA4YTJkY2ExMTZjZWI5NWE1ZjNiZjZjNDhhYWYyNiIsInRhZyI6IiJ9
mycaoffer.com/ Name: 9WvAHTDKDuZjYMJkweiYp0M4hgHH6adzYQ0BDOwb
Value: eyJpdiI6IkFZaHdUMTNoQVc3TSswZlNpZXRpb0E9PSIsInZhbHVlIjoicTd1eWVmTzZPVVRUbGZ6Y05oZ2dyRFRHcDJmRnk0ZjhldkxqUU5jaHN2bENnMXp2bmxlU3MzcWtiQUVxRnZqK0Ixa2pac1JhVHErZ3NMNk91U2doNGt3a1RCU1VENWtLRy9VV1lHTGNzTkdKWmMzb2pma3dkbFlZbWd0TzZHNldMMG9pdDZrMzlhdDA1MDF3L01FTUZRZ3N6MUFWVnFwYWlaUG15ZGUzWlBkQ2ZicHhkQ055cVJtNzNnbHR0Q3RKdDBId3JTZGVFTzZwWU1MZmRQRDlYbVdsV2xjWlZTeHdWaTYrbmV3ZWxmNVRWMTBHSURxd0NndDVSUTNuT2l2aDdDeElHM2pBUTBLZ0t1eUpYZlZOK1Jqa0FKSjJIdWRsanEzR2hkWjM5OGdJL3FjNTBOOW5nMW10R2VkZWpWc0t6ZVlQVk4wL0JBQXJrUGRoQUdMajZyVDR3R1RreGhNZERoK01xbCs2N3ZDT2NOK2hPUnhGNjFFTVlaaVZmMW5EK0Y0azZGRHdjOHlmY2oyRXRTeE5zUDhCOWFlUWRkV1kwNTNLRWw5citqQT0iLCJtYWMiOiJlNWU3NTJhY2ZjZDVjOWZhYWRkMTVkNGIwMzM1ZWU4MzIzN2RkYTljMWY3MjE1NjBiZGRmOTIyMjU0NTIzYWJlIiwidGFnIjoiIn0%3D
.mycaoffer.com/ Name: gaconnector_pages_visited_list
Value: /evan11946
.mycaoffer.com/ Name: gaconnector_page_visits
Value: 1
.mycaoffer.com/ Name: _vwo_uuid_v2
Value: DBC61F77A5730CA83F5FF9BD88BFC7215|15910a287e396f7e5086fc1dbfbebbd2
.mycaoffer.com/ Name: gaconnector_gclid
Value:
.mycaoffer.com/ Name: gaconnector_fc_source
Value: (direct)
.mycaoffer.com/ Name: gaconnector_lc_source
Value: (direct)
.mycaoffer.com/ Name: gaconnector_fc_medium
Value: (none)
.mycaoffer.com/ Name: gaconnector_lc_medium
Value: (none)
.mycaoffer.com/ Name: gaconnector_fc_campaign
Value: (direct)
.mycaoffer.com/ Name: gaconnector_lc_campaign
Value: (direct)
.mycaoffer.com/ Name: gaconnector_fc_term
Value: (not set)
.mycaoffer.com/ Name: gaconnector_lc_term
Value: (not set)
.mycaoffer.com/ Name: gaconnector_fc_content
Value: (not set)
.mycaoffer.com/ Name: gaconnector_lc_content
Value: (not set)
.mycaoffer.com/ Name: gaconnector_fc_landing
Value: https://mycaoffer.com/evan11946
.mycaoffer.com/ Name: gaconnector_lc_landing
Value: https://mycaoffer.com/evan11946
.mycaoffer.com/ Name: gaconnector_fc_referrer
Value: (not set)
.mycaoffer.com/ Name: gaconnector_lc_referrer
Value: (not set)
.mycaoffer.com/ Name: gaconnector_fc_channel
Value: Direct
.mycaoffer.com/ Name: gaconnector_lc_channel
Value: Direct
.mycaoffer.com/ Name: gaconnector_ip_address
Value: -
.mycaoffer.com/ Name: gaconnector_OS
Value: Windows 10
.mycaoffer.com/ Name: gaconnector_device
Value: desktop
.mycaoffer.com/ Name: gaconnector_browser
Value: Chrome 120.0.6099.129
.mycaoffer.com/ Name: gaconnector_city
Value:
.mycaoffer.com/ Name: gaconnector_country
Value: Germany
.mycaoffer.com/ Name: gaconnector_country_code
Value: DE
.mycaoffer.com/ Name: gaconnector_region
Value:
.mycaoffer.com/ Name: gaconnector_time_zone
Value: Europe/Berlin
.mycaoffer.com/ Name: gaconnector_latitude
Value: 51.2993
.mycaoffer.com/ Name: gaconnector_longitude
Value: 9.491
.mycaoffer.com/ Name: gaconnector_all_traffic_sources
Value: (direct)/(none)
.mycaoffer.com/ Name: _vwo_uuid
Value: DBC61F77A5730CA83F5FF9BD88BFC7215
.mycaoffer.com/ Name: _vwo_ds
Value: 3%241704687712%3A14.51833475%3A%3A
.mycaoffer.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.mycaoffer.com/ Name: _ga_PGWSBMS8YT
Value: GS1.1.1704687712.1.0.1704687712.60.0.0
.mycaoffer.com/ Name: _ga
Value: GA1.1.1350268406.1704687713
.mycaoffer.com/ Name: _vis_opt_s
Value: 1%7C
.mycaoffer.com/ Name: _vis_opt_test_cookie
Value: 1
.mycaoffer.com/ Name: gaconnector_GA_Client_ID
Value: 1350268406.1704687713
.mycaoffer.com/ Name: gaconnector_GA_Session_ID
Value: 1704687712
.mycaoffer.com/ Name: _hjSessionUser_1672821
Value: eyJpZCI6ImFhNWE2ZjU4LTFlOWYtNWQ4Ny1hOTM0LTJjZjJjN2I2YjhkZiIsImNyZWF0ZWQiOjE3MDQ2ODc3MTI5OTgsImV4aXN0aW5nIjpmYWxzZX0=
.mycaoffer.com/ Name: _hjFirstSeen
Value: 1
.mycaoffer.com/ Name: _hjIncludedInSessionSample_1672821
Value: 0
.mycaoffer.com/ Name: _hjSession_1672821
Value: eyJpZCI6IjAwM2YyNWI1LWFjNjUtNGJjZi04NWY2LWQzZjA3ZTAzYmNmOCIsImMiOjE3MDQ2ODc3MTI5OTksInMiOjAsInIiOjAsInNiIjowfQ==
.mycaoffer.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.ipredictive.com/ Name: ci_rtc
Value: _uts=1704687713
.ipredictive.com/ Name: cu
Value: 5adebc0d-4015-4c19-bf92-75244bdeef81|1704687713166
.mycaoffer.com/ Name: gaconnector_GA_Measurement_ID
Value: G-PGWSBMS8YT
.mycaoffer.com/ Name: gaconnector_time_passed
Value: 4001

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ipredictive.com
cdnjs.cloudflare.com
code.jquery.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
js.ipredictive.com
maxcdn.bootstrapcdn.com
mycaoffer.com
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tracker.gaconnector.com
www.google.de
www.googletagmanager.com
13.32.27.54
18.66.112.100
18.66.192.125
2001:4860:4802:34::36
2606:4700:20::681a:36e
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c00::9b
2a04:4e42:200::649
3.144.133.217
34.96.102.137
52.73.161.34
08ea4b5de2874180753537df03a14eb7f12c7b8c255680de2b7a27b791b522cd
0c24ac48a0af145a2ac3720868aab55b076e4ee50d8ef7dc90a735ad2664f609
0ef62d06bc1e156b1501d7354008afc600dc8bc52b834847334e07f0255ae192
1587548bc344ff788723e3a941410e32f94e6913c98e5dd2ea608fa47bbc3499
21db6fb0077187167f4c7fe0f684a3056a1ecf6809e5450dc1bc1abe6fa1c8b4
2556413886de3ca76a20f77475abe0507c7cacfabd243cfaf68195a1f258dc14
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
3258cf8e4f06e2fff8ce20095b36538de06cb361c8c7495c3e7d1f81ef0f64a3
42cd7ba402e97dde4b26f8859646b95fe60995d382e679b431068d44f4b0484e
43017d748dc6d7a72858e56e59c5ee67f854a2ff7dc699a931000225d4b69ebb
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
599e873cd8a4fb5a0867bea71a79ecefd84679c8f9b955fb7511d0d23242539a
64b595aeda92da7c0721e9569ae5cd82b777f9aa1de0f5ae3b41483433d0ec35
6850c2e811a829304e28ac0ce10435043af8b3a70713c97f45122ba3e2797c86
6baa2c07089e577ae03a350346c0be31b65ecf2066a5ea3d49dbecbd46336b59
7b06125768c5834de91386c0582a412952b9e6cf33ed1244fafa1d31928bd84f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
921e6f26837d0b302016e00891e505dbfd78f223975e3b2d0fb3c7c09a7b4d38
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a50de2dfa446bbec8df39a7c2b9f16cf0d3eed773c036de3d8868a32a1663551
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
b30f5dd7f3bd9cb379e68329d2f3c9f1ff3ed46c63eb467ca7724ec8f0486aec
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
cfb4972162cfb53944554d864988365bbab193170dc19fedf6faab4aea693df5
d310603e39fcdee9f8b15b8a752558302493b930334c802136c4de86f87fe769
d7620dc4f49a9027ff53d98ae386167ce6fc7a558816919001b3bed2bfb82fcd
daabc61244295a89141e20f7bfd73f90fe3535477be95f5f92a3a596b32e1a63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48494d60e0896cbfee26023b4fefde17b3149fdb3909a7e277d831d741ebc26
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ebb4d1c36da4b9f463fb6f15b87767012e5cb8a52747c309ddf91b058a0c9147
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb0eb2ee562df550d3ec14bec4141e25f513e3952ae48aae55c40e03d2a96cbd
fe63c8743fe26c37e8066c4f537c652d71a0d4b8ef80b9acf248daf3802282d0
fe68de36e61a7deb09ebf108d74396f34961d695905da6113d48cd0caf63ee1d
ff849d65389e7e3047f1af78bac5ee43fd309ff39321cdf9e8d1914c7c596049
ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277