www.offersfx.com Open in urlscan Pro
2606:4700:3031::6815:26fc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xtrade.com/
Effective URL:
https://www.offersfx.com/
Submission: On January 10 via manual (January 10th 2022, 2:54:00 pm UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3031::6815:26fc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.offersfx.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 7th 2021. Valid for: a year.

This is the only time www.offersfx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::ac43:9489	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.111.236.214 104.111.236.214	16625 (AKAMAI-AS) (AKAMAI-AS)
35	2606:4700:303... 2606:4700:3031::6815:26fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4 8	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.66 142.250.181.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:401... 2a00:1450:4019:802::2002	15169 (GOOGLE) (GOOGLE)
72	16

1 2606:4700:3032::ac43:9489 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xtrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.236.214 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-236-214.deploy.static.akamaitechnologies.com

www.xtrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:3031::6815:26fc (United States)

ASN13335 (CLOUDFLARENET, US)

www.offersfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.offersfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:7aaf (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fjr04s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

offersfx.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4019:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	offersfx.com www.offersfx.com static.offersfx.com	2 MB
11	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1848 ekr.zdassets.com — Cisco Umbrella Rank: 2062	401 KB
8	unpkg.com 4 redirects unpkg.com — Cisco Umbrella Rank: 829	109 KB
4	zendesk.com offersfx.zendesk.com	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	167 KB
2	google.se www.google.se — Cisco Umbrella Rank: 22577	565 B
2	google.com www.google.com — Cisco Umbrella Rank: 8	565 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	2 KB
2	xtrade.com 2 redirects xtrade.com — Cisco Umbrella Rank: 529348 www.xtrade.com	809 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 97	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202	43 KB
72	14

	Domain	Requested by
27	static.offersfx.com	www.offersfx.com static.offersfx.com
10	static.zdassets.com	www.offersfx.com static.zdassets.com
8	unpkg.com	4 redirects www.offersfx.com
8	www.offersfx.com	www.offersfx.com static.offersfx.com
4	offersfx.zendesk.com	static.zdassets.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	www.offersfx.com www.googletagmanager.com
2	www.google.se	www.offersfx.com
2	www.google.com	www.offersfx.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	ekr.zdassets.com	static.zdassets.com
1	fonts.googleapis.com	www.offersfx.com
1	cdnjs.cloudflare.com	www.offersfx.com
1	www.xtrade.com	1 redirects
1	xtrade.com	1 redirects
72	18

This site contains links to these domains. Also see Links.

Domain
static.offersfx.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-07` - `2022-10-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
offersfx.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.offersfx.com/
Frame ID: C0A572F79A298F8A01402ED1FC47E598
Requests: 61 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js
Frame ID: 9BC3E276E556F0F2EB06DCDBADED3517
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Forex Trading and CFD Trading - OffersFX

Page URL History Show full URLs

http://xtrade.com/ HTTP 301
https://www.xtrade.com/ HTTP 301
https://www.offersfx.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

72
Requests

94 %
HTTPS

71 %
IPv6

14
Domains

18
Subdomains

16
IPs

5
Countries

2382 kB
Transfer

5887 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://static.offersfx.com/documents/risk-disclosure.pdf
Title: here

Search URL Search Domain Scan URL

URL: https://static.offersfx.com/documents/terms-and-conditions.pdf
Title: Client Agreement

Search URL Search Domain Scan URL

URL: https://static.offersfx.com/documents/privacy-policy.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://static.offersfx.com/documents/cookies-policy.pdf
Title: Cookies Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xtrade.com/ HTTP 301
https://www.xtrade.com/ HTTP 301
https://www.offersfx.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/swiper/swiper-bundle.css HTTP 302
https://unpkg.com/swiper@7.4.1/swiper-bundle.css

Request Chain 4

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

Request Chain 9

https://unpkg.com/swiper/swiper-bundle.js HTTP 302
https://unpkg.com/swiper@7.4.1/swiper-bundle.js

Request Chain 10

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.js

72 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.offersfx.com/
Redirect Chain

http://xtrade.com/
https://www.xtrade.com/
https://www.offersfx.com/

72 KB
14 KB

523ms
449ms

Document
text/html

2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offersfx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d73f625dec571121d22cc566901fcce687258d82a20140a26b1af2c47d10f7c4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 30 Dec 2021 16:00:57 GMT
vary: Accept-Encoding
x-ua-compatible: IE=Edge,chrome=1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bwuofsTl2ptuaRPuzZnOhtGrmWlzhvERav%2BxYwJ2tZECtL7EOiGkvXetfLLoR7CiUqNgqTJIhP73%2FGz9HKrYimF7REJHHfYAWxEK0vOOuNNZ8hOgHBHIZykL%2Fb4yxwnI7xzIiuJmf6jxfBTm51t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cb6bcc49832406c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://www.offersfx.com/
date: Mon, 10 Jan 2022 14:53:52 GMT

GET
H2 200 core.js Show response
cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/ 232 KB
43 KB 69ms
27ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/core.js

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2748046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42723
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-3a1e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGhEV50Wk2Fyl5BqckMn%2B2CnaexPUBGUkzr7MUOeRwC71fBnFvazeEwZd8YfQlREsN0ER5iSbl1Y9v%2FBQw%2Fd%2FTxPWi7sIVXs%2Fkm7qYMvLz6f0QuDrGWxUxBMOD8Nk5kpVx7IaKiutlLj9gdf9Z2NrQsW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cb6bcc7cde14eda-FRA
expires: Sat, 31 Dec 2022 14:53:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 66ms
24ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

451575204ff8e8fb6a42a669185d8480a461132285ebf960c9368513f910457f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 14:34:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 10 Jan 2022 14:53:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jan 2022 14:53:53 GMT

GET
H2 200 all.min.css
static.offersfx.com/styles/ 634 KB
103 KB 736ms
710ms Stylesheet
text/css 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.offersfx.com/styles/all.min.css?27348000
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdf770b50de7fae30e1e9eb18b543227095c1805045c6f9e5cd5a10474f9f8bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Dec 2021 16:01:02 GMT
server: cloudflare
etag: W/"9e68f-5d45f293baa58-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSZv%2FnMBr2Kvr4Agr7R3GkGxW33LXEDu893rlGIW3Fz76P%2FjQ2B3ntuXYy7pBy%2FO0%2BM2wFQ9XXL2FIAhn1MOapnSf3%2Bjf%2B1eALBDVwrUTw9jk0o2NO2Eedbvr43vIKqUZqH2NTirff49%2F%2BfIVKW0NogN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcc7bd75406c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

swiper-bundle.css
unpkg.com/swiper@7.4.1/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.css
https://unpkg.com/swiper@7.4.1/swiper-bundle.css

18 KB
5 KB

72ms
72ms

Stylesheet
text/css

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.4.1/swiper-bundle.css

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc929983decee1acd675cc4ad2806328cb44dff05dd7e75ae6826d389a67b9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1481055
fly-request-id: 01FQP387CPFRYNCNWZR97PSNF8
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"4772-5S+Ww9TsM4+6AJkz3w3G4qZeCFk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6cb6bcc7ff957057-FRA

Redirect headers

date: Mon, 10 Jan 2022 14:53:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FS27DXJ3G2P9JHPJQ456XMFF
server: cloudflare
age: 279
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.4.1/swiper-bundle.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cb6bcc7be427057-FRA
access-control-allow-origin: *

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@7.4.1/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

15 KB
4 KB

34ms
34ms

Stylesheet
text/css

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 338974
fly-request-id: 01FRR4DRPZB9WM8HMNCHND98E2
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-5Koe10fACH1gYqRziowpfORPwas"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6cb6bcc85ffc7057-FRA

Redirect headers

date: Mon, 10 Jan 2022 14:53:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FS278133YP9BXTQCYP5G76C8
server: cloudflare
age: 472
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.4.1/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cb6bcc7be477057-FRA
access-control-allow-origin: *

GET
H2 200 gdpr.min.js Show response
static.offersfx.com/scripts/ 1 KB
910 B 480ms
454ms Script
application/javascript 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.offersfx.com/scripts/gdpr.min.js?27348000
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e9a4870ea6e66c88ea00fd73f052cde0d2ed1cd6adea3d6edb931e857d18d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Dec 2021 16:01:25 GMT
server: cloudflare
etag: W/"47b-5d45f2a9d8830-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfYIXPlsTTzmChlk%2FXEFaAIVzwxxW2bYKsn2wPCSsgzkUZxteAhpPQZgYUen56nh%2FH%2Bq0bDJO3D7Lz01Zcoqllqs9Rts23s8z5WhO0YGFsUePGy469b3TO%2B0hiQMqzOrqOpW6M9BxRHznByjXaSRY69D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcc7bd79406c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 all.min.js Show response
static.offersfx.com/scripts/ 885 KB
233 KB 789ms
763ms Script
application/javascript 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.offersfx.com/scripts/all.min.js?27348000
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de52f0601f452f9894d4291380ee4f98cbf5d9e48843546134e7468576e19757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 30 Dec 2021 16:01:25 GMT
server: cloudflare
etag: W/"dd26b-5d45f2a9cebef-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6FUYxcuvXeK6mlHTW3aYZPpgSTptUp7LgQ8URphUntqfe9v3gu16dUmJB3bOkGbtH8tkbJ1mjq0GflDKPLptPvCEhZ4IgL7FrjjmgawxFnNYmHDvpYNCsuqJUlQRJoWflUWeNE1XfbgSja3m1a%2BAaVJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcc7bd77406c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hp-all.min.js Show response
static.offersfx.com/scripts/ 2 KB
1 KB 473ms
448ms Script
application/javascript 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.offersfx.com/scripts/hp-all.min.js?27348000
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e6b738d5151e92857353686079a2f1b40d8b89dc11b1063234ef51cbc6bea28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 30 Dec 2021 16:01:37 GMT
server: cloudflare
etag: W/"819-5d45f2b53d810-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K33IWltkA9qaa3Hr5X6FkgKgwzM5oa%2BYRTfYHgnQj7lyP8A49%2BOZvIFbDKX89IA9cJ%2BsRWhEt65LvkiK8mABNb7ZCxHnPjtDnYShoP8fO1j1T9q90KIX4Mbz02wCvzba9InPNTsE17MfQBpNFcQxHwIW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcc7bd7a406c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 89ms
42ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=04419f69-36a3-4720-96a3-2bc7619fcedf

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: T1VS11XZ26F7EXE5
x-amz-id-2: hmvETnKs833+aUP9MMiEkWLXyXr/38qsqelGFVTLs0Qkkz/tK6O61FJiN6fkQ086hwvwQ59YppA=
last-modified: Sun, 09 Jan 2022 23:14:59 GMT
server: cloudflare
etag: W/"301f9083ec60c9321ec7789c905c3232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjodSSbi4UHqzaBLnehgZQEBFfkOXh15%2FnJCDK5hKatWRMWnh1%2BalpdWKhqNwD56vvCmfXRVPU9mgMmWELBm39fygAo6H5sm84ZG4joKhxIiCiQi48EZBDRwGL6oUHaNYDh%2BcP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: oV93LKh3GEBdpA7a6pYv5Alew2GE593j
cf-ray: 6cb6bcc7d81e42f1-FRA

GET
H2

200

swiper-bundle.js Show response
unpkg.com/swiper@7.4.1/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.js
https://unpkg.com/swiper@7.4.1/swiper-bundle.js

313 KB
61 KB

47ms
46ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.4.1/swiper-bundle.js

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b71e9fcc0b2930582280e26c8002ad858d9d8cfb38aa0da0d814e3f1c444004d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1480874
fly-request-id: 01FQP3DQV82F19M4RQTMR2PFR1
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"4e513-coaN4eETat6BwEeI/iP/Ql+IWlk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6cb6bcc7ff9b7057-FRA

Redirect headers

date: Mon, 10 Jan 2022 14:53:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FS27D2SN40314E1JHAZR6FQV
server: cloudflare
age: 307
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.4.1/swiper-bundle.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cb6bcc7be487057-FRA
access-control-allow-origin: *

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@7.4.1/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.js

133 KB
38 KB

90ms
90ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.4.1/swiper-bundle.min.js

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8954ae9654aea5d46a68bc5d91c063a3896a0d8a5927822049e4e06a4252b4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1481099
fly-request-id: 01FQP36W9STC0BGS6P94044JBH
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6cb6bcc7ff987057-FRA

Redirect headers

date: Mon, 10 Jan 2022 14:53:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FS27HF189G4TBDJDED6CTHBQ
server: cloudflare
age: 163
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.4.1/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cb6bcc7be497057-FRA
access-control-allow-origin: *

GET
H3 200 phone-hp.png
static.offersfx.com/site-images/ 248 KB
249 KB 32ms
32ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/phone-hp.png
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77d2151fa05915888da11d86edeb30ae7cbc1b8cce820328756517f6629642c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 254418
last-modified: Thu, 30 Dec 2021 16:02:20 GMT
server: cloudflare
etag: "3e1d2-5d45f2de66d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jL7iZAmDznJh3Krl98fLEo9H260fCs6E0eWpGjivmpkZt0RtafxWyMnJYTclIB1sCMZm%2FIhUkZVfCbZG9bsYaQT66igSpbuPWsuKvkno3c%2B%2F2ibhgKgqstEH1MTqj0nOEWuYjjnAN8O2SU7iH5XqrPtk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bccc99f54eb0-FRA

GET
H3 404 platforms_mobile.png
static.offersfx.com/site-images/ 0
0 481ms
480ms Image
text/html 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/platforms_mobile.png
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 platforms_ipad.png
static.offersfx.com/site-images/ 161 KB
162 KB 26ms
25ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/platforms_ipad.png
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff5f1909a7bddfca2bf62d38a86e434a2481c3398e5db69d138bb29796f4192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3712
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 164848
last-modified: Thu, 30 Dec 2021 16:00:41 GMT
server: cloudflare
etag: "283f0-5d45f28046aa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUHfp4xokq37T7Widg%2FTzAzoJt2Endr9GLnvUEYmPVMwiKX7OymttYs9M6N%2Fcbpoqbmpj9YzsBtq9lAiaCLf0d5oefqWg5yw7TakLniOwvzbdIqwc78n2iK8LFaRNRs5GHnBv%2F81Chd2zFDD2pKfT7U4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd488f04eb0-FRA

GET
H3 200 icon-phone.png
static.offersfx.com/site-images/ 1 KB
2 KB 24ms
23ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/icon-phone.png
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa9a089e5ddbe1c2a80daceef2e3f59d4c6546a53f0507342fa23bd03fcddf70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3917
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1398
last-modified: Thu, 30 Dec 2021 16:00:41 GMT
server: cloudflare
etag: "576-5d45f2801e237"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLzMp2qPPGgVq9FXgeUzGIojt9F4X95j4CwnzEYifGpviLUyM0vfql1lP%2FyiYSyjuyVwynXxjfUvuDrMaRa96dQUCVfhOejSt9X04coFdCChDgjaK0Bunzj4n8SkyF9ymQZwf9wfuPJDFxK7W6fJSla7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd488f24eb0-FRA

GET
H3 200 icon-mail.png
static.offersfx.com/site-images/ 1 KB
2 KB 42ms
41ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/icon-mail.png
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe79b4377dc7efb56831bed23647f7efc42086822fc31a9be513280389b7417f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1313
last-modified: Thu, 30 Dec 2021 16:00:41 GMT
server: cloudflare
etag: "521-5d45f2801e237"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WSvkq8akPWZpBdbMLqmTkHa9gGOkiUu%2FKuL3TuLqMV0nenkfMX2npML3PEOpOw65MbEOjGpHgQ6pEUHAxAXQc3PCEqsyHB%2BOfdyq3BpIllAFqsfLBIkNTKbublCCoTqHSks8WwHJey0UUHBEGD1%2FeXO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd488f54eb0-FRA

GET
H2 200 email-decode.min.js Show response
www.offersfx.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 41ms
40ms Script
application/javascript 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offersfx.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 Jan 2022 15:17:54 GMT
server: cloudflare
etag: W/"61d5b6a2-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGpPnYCti8eO4obOwJ11ER0OwoIcKrpehpRoeJQ7JLt%2FWdBVSs7iK%2Fs6t9gDANp1P5yHRPjASRIH533TELqUrnx9BzfaYOd9eLUBobQbWEMy4AEl4kCNNl5UXuwvL8juX6cXvoSMbyy421mwduTC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bccc6cd1406c-LHR
vary: Accept-Encoding
expires: Wed, 12 Jan 2022 14:53:53 GMT

GET
H3 200 apple-store-new.png
static.offersfx.com/site-images/ 3 KB
3 KB 42ms
42ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/apple-store-new.png
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a773647bbd0d7c8ca2fedb4d2f61bafb7fd466ab35e611b16fe4cd4b954903cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2864
last-modified: Thu, 30 Dec 2021 16:00:38 GMT
server: cloudflare
etag: "b30-5d45f27ce9180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XC5Pe837kiHijaI2nGiNPugMoet11%2BUJfy2jlhMXEmNSvm%2BfjA%2B4q5VAT0mLBi7wAov6ezTZ%2B8Fb%2B0lseyGIgFrGzv65zn41IzQ2wjgqY9yC9ggAKhMp4vQ6VMJMVZ9Qp5%2BRuxk%2FAxZAiOb7Whm%2BO9wo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd488f64eb0-FRA

GET
H3 200 google-store-new.png
static.offersfx.com/site-images/ 3 KB
3 KB 43ms
42ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/google-store-new.png
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236ef5ebba7b79aba4700f0a9d17b132050bee31316246eb813b06f291fc66aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3914
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2841
last-modified: Thu, 30 Dec 2021 16:02:20 GMT
server: cloudflare
etag: "b19-5d45f2de47925"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6nkXtCUcomzIEWymDL9S2ovzvjvLXJxrfLm7deWnxjuUMPC9jFXtCKkeA2JeGfjiyp%2FOFBAJfVHKE92C8w0CyGP8o7daRDN9%2FqdtRg05t%2FYKnw3rxjTo7hei3G60TyGOwaPhgsC8N6fA1%2FoHWL%2BnZIh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd488f94eb0-FRA

GET
H3 200 gears.gif
static.offersfx.com/site-images/ 15 KB
15 KB 43ms
42ms Image
image/gif 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/gears.gif
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb66e81f07a1a6ff47ed88eb3857a8ab2bb7517f48dd3f313264feddd243f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3914
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15233
last-modified: Thu, 30 Dec 2021 16:02:20 GMT
server: cloudflare
etag: "3b81-5d45f2de47155"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx051jAbS4p0VzRK7IXbKM20%2FNxIoXAmhxY4vE%2FTYg8H%2FXzJA9c4fVlS1fmsYAizlWmaonoWkfQBvOr%2Fq3iuwk4riM1nOs2gIRJJzLrmHfipFiiQWFyIt516fADpn5hSK%2B6cT88Vkdh5o%2FyAdh5vXDX9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd488fb4eb0-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
67 KB 78ms
31ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W6VBW3D

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

215972371b287dab9c0f14f1c53fc0efe7680bc4f7b66732aeed59b54b65b031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67817
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 14:53:55 GMT

GET
H3 200 userRegulation Show response
www.offersfx.com/mxt/ 784 B
1 KB 1160ms
1160ms XHR
application/json 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offersfx.com/mxt/userRegulation?_=1641826434080
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/scripts/all.min.js?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bbd9a9c55655b30b1714b32cd65e852ae2c65ea3c956fa5c7c9e086ea5de05a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.offersfx.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ua-compatible: IE=Edge,chrome=1
pragma: no-cache
server: cloudflare
etag: W/"310-F5qgiFuSGb0141Kje1VAwID1iCk-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fROqkG5HbIJIp%2FfMrrY%2BjHev1nCataoGxDOC%2BEyfUI4vEoKqoGrYmzfXG5ifv72Sf2IhI7Y8gnzmGbITKIXpbUQLZPZGRkpdMmayJmQnZ4vuAnsMH6zePh7f69akKtw5qV5LB63b54b2X%2F75hXbm"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 6cb6bccd2b144eb0-FRA
expires: -1

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 main_logo.svg
static.offersfx.com/site-images/ 5 KB
3 KB 36ms
35ms Image
image/svg+xml 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/main_logo.svg
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0beab3036c0759bef75b1f98f027ad0ad21c6ffd9917622385f5b04dc764e080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Dec 2021 16:02:20 GMT
server: cloudflare
age: 3712
etag: W/"15b6-5d45f2de5c149"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNFqDx5HZJdTJQ0RX%2BAbRZpn7JkR2hCjiVgDfZVoVeZlcIqrGv5yNArjrr5WbdlK9VE13mM5egKUjHbVFddF6cyMWVWSqcfkvSRD9BNSZiYjK90bvFlcKn4XfBUKydbPHJ72zu574NkRrcmXzfoWiIgC"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcd489144eb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 60ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.offersfx.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 01:54:06 GMT
x-content-type-options: nosniff
age: 478789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 01:54:06 GMT

GET
H3 200 bg_main.jpg
static.offersfx.com/site-images/ 15 KB
15 KB 34ms
33ms Image
image/jpeg 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/bg_main.jpg
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd26c14e2b317bfd6609103cd3402f26bd80e3e120f4bd99d1e5c931f70223d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3712
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14983
last-modified: Thu, 30 Dec 2021 16:00:38 GMT
server: cloudflare
etag: "3a87-5d45f27ced3e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNoSveWXi9u3uv%2FWxCaVTc0QXeQxg7vECK%2FzADHzwEr%2FBiUlF8u%2BJm47zSFAtT51U7%2BGZCM2Q7mSSyxQdG53d7C8DdJciYusaw%2BYUa0Rmd5G9wRfDJtDuJfP6YPNJYyNKEIXeYxLXHfbymEKFdbprWxv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd499254eb0-FRA

GET
H3 404 arrow.png
static.offersfx.com/site-images/ 0
0 532ms
532ms Image
text/html 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/arrow.png
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 404 icon_1_block.png
www.offersfx.com/wp-content/uploads/ 54 KB
54 KB 670ms
670ms Image
text/html 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.offersfx.com/wp-content/uploads/icon_1_block.png
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6efd6dcf1ebcb3243a6f0657aad2c9b82ff08092a8a41859289c9690c8c72cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 30 Dec 2021 16:00:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJP9OX%2B124%2B6kN3oJIqaYlYUhJDuoUYxA%2FL%2BAK9pSw0RcHy8bfzOq3nIsLjVsQnYh2LBWaE8p9qeUxibZ%2B8lnPj%2BKabdhSDr86LEX1XeUfA4C64Zcwt2YwWjoB6p2DAROoeOYYtJD2X91L%2FeI3xs"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcd4992d4eb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ua-compatible: IE=Edge,chrome=1

GET
H3 404 icon_2_block.png
www.offersfx.com/wp-content/uploads/ 54 KB
54 KB 312ms
312ms Image
text/html 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.offersfx.com/wp-content/uploads/icon_2_block.png
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b5e24923465146f49ebd8e7eedc43f17efa00afe85ffb3d941a65377a72af51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 30 Dec 2021 16:02:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCLfdBRBeR96iyT%2BihLKFUGLR5AWaXKf4Vr2xcOBKXhPya9O2w0Bnc07gFVvovd2GQovs49N4AhPNhyWGKnkhbHpYll%2Fdt9Q9etMO7Z%2Fkv3DglLPNMB886FHuELWOfh5SRF5jaLm83OvkukKAbiR"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcd4992e4eb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ua-compatible: IE=Edge,chrome=1

GET
H3 404 icon_3_block.png
www.offersfx.com/wp-content/uploads/ 54 KB
54 KB 720ms
720ms Image
text/html 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.offersfx.com/wp-content/uploads/icon_3_block.png
Requested by: Host: www.offersfx.com
URL: https://www.offersfx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef801f566d2f51b60d31b93b831217fcf6594bc9c6ba986b7a9f792693527d2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 30 Dec 2021 16:00:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAx%2FP1Qvy46BuVYI%2B2Dsi%2F6fh%2BRsb5rttdfGz96akKVAoHidsU0YPbMVm4dS99kY%2B60aSA5oSkwA5lVHZfT5VEJiiPKMCb62T9V9Xq5rnUsRpyXBG7n95ROdoH0qxLP%2FRzYV2LVHab8q7A77t0u4"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcd4992f4eb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ua-compatible: IE=Edge,chrome=1

GET
H3 200 tools.jpg
static.offersfx.com/site-images/ 82 KB
83 KB 30ms
30ms Image
image/jpeg 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/tools.jpg
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9047191e6da9e4de70b8d4c8041ce11d41dc076621daa9b9fefd051fd27c099

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3712
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 84462
last-modified: Thu, 30 Dec 2021 16:00:42 GMT
server: cloudflare
etag: "149ee-5d45f28063b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqLhdrvpqdJIKM3bMTWaVVLyjhodAxt0B0ok78W3Dq%2FvPaRjFOh1nWJyKF6NDZpUUdWjAkAPCAh1VX4lowPXI4HfS1EIodciQMVAQ0p8QkN2qML9BWp0CzrOgEbRtrbc7Z9bt1EBlDeBpOgnSXhEPmtc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd499314eb0-FRA

GET
H3 200 first.jpg
static.offersfx.com/site-images/ 135 KB
136 KB 44ms
43ms Image
image/jpeg 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/first.jpg
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dfe11d1f033736a093f6004d4f27f0b65737535bc1d16cabe005f08aa8838d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 138129
last-modified: Thu, 30 Dec 2021 16:00:40 GMT
server: cloudflare
etag: "21b91-5d45f27f134b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kozV9zkhTKfxnjmxfI8Ox2zzLUdjbUgJbhphPLj9cD7%2B%2BiKZJ3wxg%2Bu4uhEcT1LPxgf80UmI7I6yFlQMuYWcXWma5OgdbfLYBW8gSfpdm91fHZDBdLSa5zNXUTNA53v6F2OBCenPrcprTeUYV4YX4YGc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd499324eb0-FRA

GET
H3 200 first_title.png
static.offersfx.com/site-images/ 1 KB
2 KB 41ms
41ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/first_title.png
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 091756d5543b309244ed8f8c088623e6c45d41498761fa3fba1f916663975a5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1096
last-modified: Thu, 30 Dec 2021 16:00:40 GMT
server: cloudflare
etag: "448-5d45f27f1444f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVVa4rLB7nRSt37lG%2BtwWZZ3caNubCVeRl8a849znLHen7f%2FGHN%2BfoBiVL1fBHp3wTy%2Bd6Ss3Dcs%2FfoGGLxGXL%2FTgcjiH5akKkpK2y2s%2FfkriK7Feq3SB99WLtx8bWNQfEzL2kBEQlTI4qKlskqexsOO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd499354eb0-FRA

GET
H3 200 second.jpg
static.offersfx.com/site-images/ 149 KB
150 KB 42ms
41ms Image
image/jpeg 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/second.jpg
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f792ee7f7d4a7be9803a682d86ab3f5c8c3281abd1923a839e89f29200d248c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 152453
last-modified: Thu, 30 Dec 2021 16:00:42 GMT
server: cloudflare
etag: "25385-5d45f280604cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrImUdD9YS%2Fvs2RT0S5FSqXoH34a%2FQ2iqLRSS9dKDZLgLPGWQoRV8FW6jmLdPq7NR4oyqkOfOmLr4JQiEAB4HQpgdwJXmwzX2zLTFpGR%2FVB%2FScX1lwTCZmwY0Xn68EFFce1XGCxHtQ3PkaEflcEjnD8T"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd499364eb0-FRA

GET
H3 200 second_title.png
static.offersfx.com/site-images/ 1 KB
2 KB 31ms
31ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/second_title.png
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2310caa6da29aae3661622c9e0102657341f6fd58dafd606b94b0863384a139a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3710
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1180
last-modified: Thu, 30 Dec 2021 16:02:20 GMT
server: cloudflare
etag: "49c-5d45f2de918cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qchmLWL8bYjgpa%2FDWkQAdtsQC7IG%2F1XMiXvPKy%2FC7%2FQpMSUwKJtJd4YGOfH70dXeAUMuTP%2FSn6Bme4xet8pZeKPZuVjFb8zIDA%2Bn3LTwuxJ2Ul6QUaMTq00mVI7r0y3U%2BnH9xkB6ghq5KYNgknLt%2FJHF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd499384eb0-FRA

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 66ms
31ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.offersfx.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 444678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 11:22:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 50ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.offersfx.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 499560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 20:07:55 GMT

GET
H3 200 icons.menu.svg.css
static.offersfx.com/styles/icons.menu/ 15 KB
4 KB 36ms
33ms Stylesheet
text/css 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.offersfx.com/styles/icons.menu/icons.menu.svg.css
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/scripts/all.min.js?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe3f35df15622db7fdc27a0790f0845f34cc9487f1bb7c97efc310d3f9988e42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Dec 2021 16:00:42 GMT
server: cloudflare
age: 3711
etag: W/"3ca6-5d45f28086248-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g26sd9vvuL7cWEjsLdI%2FN3qTQhUgCXzkP3MubImJNNlIGIu9EUDElN7H4OZbMxIbbF7xuuCARE8r5YNxbT1ZzywwmkYq8Yszmw3%2FGqUiHqnzod5O55AIPyc1Hrq3BfUzRH0EDMVX70PxZXQFAm32Ob%2Fc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcd4d9a04eb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 04419f69-36a3-4720-96a3-2bc7619fcedf Show response
ekr.zdassets.com/compose/ 487 B
1020 B 750ms
711ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/04419f69-36a3-4720-96a3-2bc7619fcedf

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=04419f69-36a3-4720-96a3-2bc7619fcedf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee9c1f517b456b48c359bd9d1072c3bedec8ad77621bfbde0a2540ed84a4fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: 9f5e339b-4726-4afd-a25e-4dfb919ba26c
x-runtime: 0.002414
server: cloudflare
etag: W/"fee9c1f517b456b48c359bd9d1072c3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rbs0IECzeKWw5qpD9vMTyciryiLmgc%2B%2FhBBCuvGmf8hkUX1kOI9gEpvZFBH%2Fq%2FPsXM0AKx1soSqHdqhSUzNpZhwETw4VKw6NjAhlvwyZQVS46WStRDA9y6p44ueCOOFrmGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6cb6bcd51a1a69a3-FRA

GET
H3 200 logos-sprite.png
static.offersfx.com/site-images/ 18 KB
19 KB 24ms
23ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/logos-sprite.png
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7773a4702ea57418686b1e14a2f3152410085848f9cacaae931500d52e87f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3910
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18389
last-modified: Thu, 30 Dec 2021 16:02:20 GMT
server: cloudflare
etag: "47d5-5d45f2de5a9d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BKHOWtIQWTk2lVnDfPItvDdt86tGJGrUQ5sfBPPnMaI50g2U8P8AA6HfV9MDM4L6uMR6Al84KuufoutKAhkZ%2BevLCgm%2FBfQ6KI7aGIYIZxtGmeuf0aqyxHVypbG9Ypld4OWQM6isJf%2F%2Bo8KYVjRfomB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd4e9ae4eb0-FRA

GET
H3 200 Chat.svg
static.offersfx.com/site-images/ 400 B
871 B 22ms
22ms Image
image/svg+xml 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/Chat.svg
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cc4d49da7962851a5c7a47ea95a51ba7791577507d5162728c83b191f5dfc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Dec 2021 16:00:38 GMT
server: cloudflare
age: 3910
etag: W/"190-5d45f27cd87df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4%2Bcd6UpG%2ByUZ81P14xEAbkiiouWoZoU5zcmjAQkCO7d2ld4JugU9g9Hg59HW18GAkuMAyTDa8YMTJZDhx0JQWxxKu7Khh9SxS0B6sJU15jt1rWsxSGe8hbrgkU%2FLbscZzztxnRg5GfiHXytHzc7H3fH"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcd4e9b24eb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 fontawesome-webfont.woff2
static.offersfx.com/vendor/fonts/ 70 KB
71 KB 76ms
52ms Font
application/octet-stream 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.offersfx.com/vendor/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://static.offersfx.com/styles/all.min.css?27348000
Origin: https://www.offersfx.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 71896
x-ua-compatible: IE=Edge,chrome=1
last-modified: Thu, 30 Dec 2021 16:00:42 GMT
server: cloudflare
etag: "118d8-5d45f280b0de0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaobxrD5cQq9BzuurQNjPpqp34yZnu4SSIc2WqSXMdH9CUehw6oJ2FWUqpvo1IzNqhJFIqhtnTD36JmepurpsUFaiZHtxA%2BSukw2CEGdZ047wz9Ys0hop0ID60dkfpv%2Biv7Hvq3MGrh82yNxv7tWvss1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.offersfx.com
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd50acb6957-FRA

GET
H3 200 en.json Show response
static.offersfx.com/locale/ 6 KB
3 KB 478ms
478ms Script
application/json 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.offersfx.com/locale/en.json
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/scripts/all.min.js?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e406d5bddf5d232bd470a694ea48490f0bf4a8f3d9e53aa598d360a8d05d8e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Dec 2021 16:02:18 GMT
server: cloudflare
etag: W/"182a-5d45f2dc57f1a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Fd0rz3j4bwr71oZgUOw2jzjthc7rNnMpACtKF%2F9HIrPIyb77DgGy8ZLGlSD9yzzMabFTS26GKhEKQJlWraP4Efw1eB2OyPn9AgvmbeRU2w1tUT5AlwjndGoJZtLjIMjUdLgsnht4OPlGqVVxtdkUQnK"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cb6bcd51a184eb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ua-compatible: IE=Edge,chrome=1

GET
H3 200 lang.png
static.offersfx.com/site-images/ 1 KB
2 KB 34ms
34ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/lang.png
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27e67e1550778619f86e71ec39517854c2615b49789055e233722f102e64e60a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3910
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1208
last-modified: Thu, 30 Dec 2021 16:00:41 GMT
server: cloudflare
etag: "4b8-5d45f2802343f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG%2BpN6Kv77EnzshcZUNClwSj7ggKwI%2BMq3iYUglqSL2OF4cf3l0GUsthLvafNhJ1%2FhO6vsm%2FgoK1agCuyv%2FVV2QVOkWYuvFW8k1KSNroahbNFIU0rfqwGGL2JbnUIkiAOmtqQPR4Lmt2YO5DKwEyKKPA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd54a594eb0-FRA

GET
H3 200 sprite.png
static.offersfx.com/site-images/hp-slider/ 89 KB
90 KB 28ms
27ms Image
image/png 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.offersfx.com/site-images/hp-slider/sprite.png
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/styles/all.min.css?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a8980e6cea31e22b4c58cb746bfcb1da41399694081600a82239557ac13002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.offersfx.com/styles/all.min.css?27348000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3712
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 91126
last-modified: Thu, 30 Dec 2021 16:02:20 GMT
server: cloudflare
etag: "163f6-5d45f2de4d2fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXa%2BwjlxjfWApqGDdyIRpy4zVh4y3rdRP8ti3uipLiFax97ZrtHNUT27VJE5uvfzzH2xrohyqodifN9cyN2dWuQ2tSavehtvriqcwIpetMcTz6YbfiQpfDyVChtteatzPhMXYzMKOC1ZapLkCYGx1w8U"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6bcd55a764eb0-FRA

GET
H3 200 ratesImproved Show response
www.offersfx.com/mxt/ 379 KB
43 KB 585ms
585ms XHR
application/json 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offersfx.com/mxt/ratesImproved?_=1641826434081
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/scripts/all.min.js?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e35ed0d98d1c4a5615d07da635d324e5d7579a0b1d490ddd48f32577659e566

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.offersfx.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ua-compatible: IE=Edge,chrome=1
pragma: no-cache
server: cloudflare
etag: W/"5ea7e-+M+9nX1ftycnlBO5fNF7rquR3hk-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFRb2H4BgQIvy9y3WcVWobtT4by3rtqoOc2fSiS5UObiOfcFU851%2BHuCLygidL7jDcaMdh54FdEmKb9kHq6Re1KyvP1%2B3gqK5pO0%2BKAVzmInb4GU7nsxbOZ7XlHCaZr%2Fm8kEIOIPh4rC0tp6gzVU"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 6cb6bcd56a8e4eb0-FRA
expires: -1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 52ms
29ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DF2TKHF6VN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6VBW3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

376fd0d972dd9a8c452eacc232dcc68bc6c1aecfde9f0606b98ff8f3392180f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62859
x-xss-protection: 0
expires: Mon, 10 Jan 2022 14:53:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6VBW3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6769
date: Mon, 10 Jan 2022 13:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 10 Jan 2022 15:01:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 59ms
39ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-382363263

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6VBW3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e19342fac92178b2fb0edae38c0df5c9246c22e31f5a23b870bebd4e3c08af56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39626
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 14:53:55 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 49ms
24ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2078456779&t=pageview&_s=1&dl=https%3A%2F%2Fwww.offersfx.com%2F&ul=en-us&de=UTF-8&dt=Online%20Forex%20Trading%20and%20CFD%20Trading%20-%20OffersFX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2025439079&gjid=349025327&cid=703851073.1641826436&tid=UA-58482219-1&_gid=873734479.1641826436&_r=1&gtm=2wg150W6VBW3D&cd1=703851073.1641826436&z=571603812

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offersfx.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:53:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offersfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 23ms
23ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DF2TKHF6VN&gtm=2oe150&_p=2078456779&sr=1600x1200&ul=en-us&cid=703851073.1641826436&_s=1&dl=https%3A%2F%2Fwww.offersfx.com%2F&dt=Online%20Forex%20Trading%20and%20CFD%20Trading%20-%20OffersFX&sid=1641826435&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DF2TKHF6VN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offersfx.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:53:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offersfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 784ms
416ms Script
text/javascript 142.250.181.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-382363263

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14724
x-xss-protection: 0
server: cafe
etag: 224124413464385116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:53:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 70ms
23ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-58482219-1&cid=703851073.1641826436&jid=2025439079&gjid=349025327&_gid=873734479.1641826436&_u=YEBAAEAAAAAAAC~&z=153582027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offersfx.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 Jan 2022 14:53:55 GMT
content-type: text/plain
access-control-allow-origin: https://www.offersfx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 80ms
40ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-58482219-1&cid=703851073.1641826436&jid=2025439079&_u=YEBAAEAAAAAAAC~&z=426794249

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:53:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 78ms
39ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-58482219-1&cid=703851073.1641826436&jid=2025439079&_u=YEBAAEAAAAAAAC~&z=426794249

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:53:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-framework-0f965cd6a1734f68a45d.js Show response
static.zdassets.com/web_widget/latest/ Frame 9BC3 207 KB
70 KB 44ms
43ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=04419f69-36a3-4720-96a3-2bc7619fcedf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dbc3de5efa1fe36fc745d76f9832b2bb4307d381bb36d15eeca273c27d2b913

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 394448
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: WFX8QGW7B1QNWA65
x-amz-id-2: Sa11I/bSiPdTO55kdvwAvMWU6iMc+oMQ1yInWq4J1eZrOppXprtC/MDzQ6SWIAipi+e8waEjN/s=
last-modified: Wed, 05 Jan 2022 02:31:41 GMT
server: cloudflare
etag: W/"bb8719bf2eb278cf941f1c5c02407b7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBH%2BbelaSkXENjFIgOJn4pUGvEPqFRTMnJ4oS%2FDP53hAryjgk5VZpm7gKizERnwsO0rABJI0FL49G8k835BxU%2BEHMuuWUwuhnzs%2F%2FPFPZkFn53BPEDSo4NhFgTXoKc1LQH49Pho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: ALSwn14QIcQ4sllQHSix2RT.Ix3nOSJc
cf-ray: 6cb6bcd9af6642f1-FRA
expires: Thu, 05 Jan 2023 02:31:40 GMT

GET
H2 200 web-widget-chat-sdk-58987df92c8073e96c0f.js Show response
static.zdassets.com/web_widget/latest/ Frame 9BC3 203 KB
52 KB 61ms
60ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-58987df92c8073e96c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=04419f69-36a3-4720-96a3-2bc7619fcedf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5834341
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: SRPDF78JQN9K987N
x-amz-id-2: PEl9lKzd3xQBnF8++H9gRI2BXBi3HU1KY8BrDImkmUw4yzZkDZUtI7aewa61A51qimgCchW7/2w=
last-modified: Wed, 03 Nov 2021 23:49:38 GMT
server: cloudflare
etag: W/"f4e9b6a21f729895e00473e7f3947ed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8EKMGLRdX5iSixW6aTNGp%2BVmE6WOK%2Fww10nOvxNcO3URspp14BuiRSIvqsvTWtNVBaF3tJlq9U4Ql6cfLlJt%2F%2FtxTHXVLHmn0L7jIQAMgzlycKRXW%2Fj4z49JpGbGTGJT75S%2FYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VCxuCJi40dVya7RnPTXVZ9S02BueApP5
cf-ray: 6cb6bcd9af6a42f1-FRA
expires: Thu, 03 Nov 2022 23:49:37 GMT

GET
H2 200 config Show response
offersfx.zendesk.com/embeddable/ Frame 9BC3 819 B
1 KB 132ms
84ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offersfx.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7de75742d3db3754bb26cbe55a393329915006826759c378721605bfcb6219bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
x-envoy-decorator-operation: embeddable.pod18.svc.cluster.local:80/*
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-667db84695-gcxbp
x-envoy-upstream-service-time: 3
zendesk-api-version: 2022-01-01
access-control-allow-methods: GET
content-encoding: br
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 6cb6bcda7d8d8b93-FRA
x-runtime: 0.001820
last-modified: Mon, 10 Jan 2022 14:53:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFfz85IWQs6zJJpC%2FHSb509UV0VuK%2FjKlpiAQWrX%2F9g19jYO%2FHa0TgVmQLdyubAP1hNTmcWuRXoxX%2FOEcsJQ4D2vcp4xhpYJlu8eEfUItoiERdn9Utj3jG506BXSLKbiKqX3cWmX"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6cb6bcda7d8d8b93-FRA

GET
H3 200 rates Show response
www.offersfx.com/mxt/ 2 KB
1 KB 120ms
120ms XHR
application/json 2606:4700:3031::6815:26fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offersfx.com/mxt/rates?type=popular&_=1641826434082
Requested by: Host: static.offersfx.com
URL: https://static.offersfx.com/scripts/all.min.js?27348000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:26fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 972a872043ff153259463b5bf0de00f6169f89d8c1b3a0b4ba710c19afc29b48

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.offersfx.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ua-compatible: IE=Edge,chrome=1
pragma: no-cache
server: cloudflare
etag: W/"8ab-Kx6Y6r+sn91EqLBBuWShlCG9QX8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9j2FwXZu4CxhWVuwGnBSSOXO4scWTzBq9Gi34jaadRL9uIYyw3PxvMF18SySS1dQ2X9r%2B8SuKSy%2BpMEVJfLSxl5WDWEXc5vgo042VzJ9AwW1A4YA2WY9sohvdVv0ejiEKys8LA05XLuJMCHJlJS"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 6cb6bcda3af04eb0-FRA
expires: -1

GET
H2 200 web-widget-87858-cee7f1eb2b6523d204ba.js Show response
static.zdassets.com/web_widget/latest/ Frame 9BC3 374 KB
115 KB 36ms
36ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-87858-cee7f1eb2b6523d204ba.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f42d2283b5b2fa5fc2fbdcdcadb95e6b760e9a13feb37649e55a4aa542127f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: T9KKXN161J0T3AFK
x-amz-id-2: ABuiu2tO2pFEQHTw/PtatHUEyFWsmI0vxjOMASuZE/AocvvL2ir5h2wmuCLH+mzPIW7YUYlZAhs=
last-modified: Thu, 09 Dec 2021 04:16:41 GMT
server: cloudflare
etag: W/"b9e4aa2f9e863379247f2e69b03fb07a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7L%2FRsGlQN%2BbcUHoZ7zVkAiAzgds8rHkn0u5i97eOVaxOKNjZW34IxegLqRJUjpBHojk7FvISfJCmwzEyJeRy3S2ojxnOuBvZZVDKXqnl19LA9a2Rz2D3vE9C9cGkObgLqlI1MRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: IhzKgpFg6X40kiy_r6s.Yhbo43mI2sZY
cf-ray: 6cb6bcdb0af842f1-FRA
expires: Fri, 09 Dec 2022 04:16:40 GMT

GET
H2 200 web-widget-84623-03f10abe0b80d11f9509.js Show response
static.zdassets.com/web_widget/latest/ Frame 9BC3 84 KB
23 KB 34ms
34ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-84623-03f10abe0b80d11f9509.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbdd287f80de0ee376529f207aa4dc7abd422800e8a7c095362c39923017d160

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 476075
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: DSQK2Q9FTZR7FD6Q
x-amz-id-2: Lt04gS7WqIssrSiDisNW/8vETZccWEBXl5YVRz+IUO0ykIlc1lsWTu8Eo/MZGARSRltT7Uh3MZ0=
last-modified: Wed, 05 Jan 2022 02:31:44 GMT
server: cloudflare
etag: W/"dffb67388efdc0b53e616b74c24368eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiwlEU%2FXnXhd1EUm%2BMcfjikx%2F8UI7CHamPBH6IzYyehqW7s0lGrhGVTVo9HOh9vckh6N%2FqrPDTyIEbn%2F06nhxFBW1356YkKe%2B4oxhJhUOeSLkEpeLpesWQWkXpZwO9Efuduytj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: JJbDOwT9GbNiwkBFyEFAtE0GFZ48YSBV
cf-ray: 6cb6bcdb0af942f1-FRA
expires: Thu, 05 Jan 2023 02:31:43 GMT

GET
H2 200 web_widget-4f8be087d2990cd0ba36.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 9BC3 451 KB
100 KB 36ms
36ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-4f8be087d2990cd0ba36.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4546ac1d49544865341d880cfb9c4f270d75e2ad171bb7b5a351ab8ae3fbea34

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14210
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: S5DPWHTFHY5AWKBQ
x-amz-id-2: p0eHkmK1Z3gXXmev+vkCKY32+hAeFsbDm+pfsqumrOwjhTFU9zvTBKdS8Al2uH9o+vfUPLepNGM=
last-modified: Wed, 05 Jan 2022 02:28:24 GMT
server: cloudflare
etag: W/"d1b6a12a0e76ddc12e17192e071c45d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQUUXMpnrZsKM8aQD6I0zdpmv%2FWOldYkPbMg3fdAlon%2BrbRlvXC2w%2FWVzpmhBttLTrn%2FwC1GHDpSlb4c8fqYsyZvn6kahbCrjyOhRmSsvri3jOSgfgTl3qOEkIfRvoR%2B%2FC2l0%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Kf4cq3Ps_fsB3UHoI.eoyJ79Uei59anl
cf-ray: 6cb6bcdb0afa42f1-FRA
expires: Thu, 05 Jan 2023 02:28:23 GMT

GET
H2 200 embeddable_blip Show response
offersfx.zendesk.com/ Frame 9BC3 0
282 B 133ms
133ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offersfx.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTcuMC40NjkyLjcxIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiIyZGIxOWY4MDczMTE0ZjYxYTM2OGFhMGNiODFhYjVjZCIsInN1aWQiOiIyNTUxODY1YmE2YTU0MjQ4YTRjNTE2MjEwMDBiZmY2YSIsInZlcnNpb24iOiJkNmE0NDg0IiwidGltZXN0YW1wIjoiMjAyMi0wMS0xMFQxNDo1Mzo1Ni40MzlaIiwidXJsIjoiaHR0cHM6Ly93d3cub2ZmZXJzZnguY29tLyJ9

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: 9069655f6b8e190b7eee176e084b2c2d
last-modified: Mon, 10 Jan 2022 14:53:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kA7iN3z9XnZ2LU7EO7UU9zjMIP%2BOVbdm0QQNa2aBAvtp7mHfdx%2BzrXKYDtvGsokd%2F1lmzytpZnsGpsqloZDv6XGzysZ4dn749Dpvk6jCSVmMgZE18MjSMW4zzJg6JWbwb9ZlCSOv"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.offersfx.com
accept-ranges: bytes
cf-ray: 6cb6bcdbc9628b93-FRA

GET
H2 200 embeddable_blip Show response
offersfx.zendesk.com/ Frame 9BC3 0
343 B 65ms
64ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offersfx.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY29udGFjdEZvcm0iOnsiYXR0YWNobWVudHMiOmZhbHNlfX19LCJidWlkIjoiMmRiMTlmODA3MzExNGY2MWEzNjhhYTBjYjgxYWI1Y2QiLCJzdWlkIjoiMjU1MTg2NWJhNmE1NDI0OGE0YzUxNjIxMDAwYmZmNmEiLCJ2ZXJzaW9uIjoiZDZhNDQ4NCIsInRpbWVzdGFtcCI6IjIwMjItMDEtMTBUMTQ6NTM6NTYuNDQ4WiIsInVybCI6Imh0dHBzOi8vd3d3Lm9mZmVyc2Z4LmNvbS8ifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: c3a48f31b1e72219e1531bc4e20f87fb
last-modified: Mon, 10 Jan 2022 14:53:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMdg%2FHR1u4MZy%2FBRpQDHvqLuSB7scMiLg%2FWcLCe%2BsiAeRHcRlbuqAYgLrl%2F%2B2GWtjedE1iD0I722OzliMZXQfk3VqwmJCUJgAM5vCl%2BtGPv7rgaQuA5Oo3kZJSc5dldn%2BaT%2FbVP9"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.offersfx.com
accept-ranges: bytes
cf-ray: 6cb6bcdbd9868b93-FRA

GET
H2 200 de-de-json-0e7b9ae3b696a34b6d22.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame 9BC3 28 KB
7 KB 35ms
35ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/de-de-json-0e7b9ae3b696a34b6d22.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5834340
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 3TRDR0P6WNWBEPYH
x-amz-id-2: iJsqr8nQkqn7pABNTa6yutDePeG38EWrGJLwokBJeVpjBfBxnou3D/N6r6F272FCUKbHBRPHBlE=
last-modified: Wed, 03 Nov 2021 23:47:17 GMT
server: cloudflare
etag: W/"8fc7b388e5d1886d801f856533dc1ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y75td%2F4Jszs6aloeuPzaqMI0QgFRDfUFUGD1W%2FufkdQnXiQkcSpPequ9bOMfOZ68WMG%2BCWdRZ4jtorwrZhUh2KympXXlaRUrMSoIH2YvTCtMIei7VuP8W0zOy2wwG71Q6GmuI9M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 6RmU.xLcJA.EQghxyd1xkwY2BBWkSgbD
cf-ray: 6cb6bcdbdd1242f1-FRA
expires: Thu, 03 Nov 2022 23:47:15 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/382363263/ 2 KB
2 KB 613ms
248ms Script
text/javascript 2a00:1450:4019:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/382363263/?random=1641826436460&cv=9&fst=1641826436460&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.offersfx.com%2F&tiba=Online%20Forex%20Trading%20and%20CFD%20Trading%20-%20OffersFX&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

020e4b2643b0355c4e2db1208318685d2ac2ec20ee0fbf64af949180d597a9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-252dd9c57c7ccd6fb1b5.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame 9BC3 26 KB
6 KB 35ms
32ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/en-us-json-252dd9c57c7ccd6fb1b5.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c9973e0109dbadad00f38c2cc090f7dfa912ef8c033ac525471d2267f8afdb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 303689
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZQKCMTS8FRZ4JBVY
x-amz-id-2: RJCxwl/V2whGlCl83SaTHLFt5qX9wNAO9EeIxD+n/rLaup4IgqPpISqGc6697wLqYMmsqwHo87Q=
last-modified: Thu, 06 Jan 2022 03:22:10 GMT
server: cloudflare
etag: W/"62379f28b9f6a37d756721716e320007"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpGLczmDbmZl3Svq7vtlsTKNEc5u8zMpisvQJO2o361eGn7vi0Hts4reqkH7FE9kBYFm%2BJ5yS9ZtBxw1y%2FUSLYG5BwQ3qqXtC%2F%2FrRCQwDxmUHkOVGS%2FuDiq9JJAkRrp%2FHwzM0tE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: zHE6JgfT.xpIHtW1bd0JvlfhW0LuJieS
cf-ray: 6cb6bcdc2dd542f1-FRA
expires: Fri, 06 Jan 2023 03:22:09 GMT

GET
H2 200 embeddable_blip Show response
offersfx.zendesk.com/ Frame 9BC3 0
274 B 41ms
41ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offersfx.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly93d3cub2ZmZXJzZnguY29tLyIsInRpbWUiOjgyLCJsb2FkVGltZSI6NjAuNzk5OTk5MjM3MDYwNTUsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJPbmxpbmUgRm9yZXggVHJhZGluZyBhbmQgQ0ZEIFRyYWRpbmcgLSBPZmZlcnNGWCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiMmRiMTlmODA3MzExNGY2MWEzNjhhYTBjYjgxYWI1Y2QiLCJzdWlkIjoiMjU1MTg2NWJhNmE1NDI0OGE0YzUxNjIxMDAwYmZmNmEiLCJ2ZXJzaW9uIjoiZDZhNDQ4NCIsInRpbWVzdGFtcCI6IjIwMjItMDEtMTBUMTQ6NTM6NTYuNTIyWiIsInVybCI6Imh0dHBzOi8vd3d3Lm9mZmVyc2Z4LmNvbS8ifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: 711c9fbd59ac89235149e39f44b0317d
last-modified: Mon, 10 Jan 2022 14:53:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlovr30Kmzjf6Kut1xjXgzPMDAhnt8cjUt3sToRHt8FsJR3Jm4OC2ccSsciH5jmgmc6EK94nil8aebr4bFhNeGL6WWU8Y82L9XpCtfDLv5acJGu7pboEMwLZT0ES2rwCDjCMzYy7"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.offersfx.com
accept-ranges: bytes
cf-ray: 6cb6bcdc5ac28b93-FRA

GET
H2 200 web-widget-chat-incoming-message-notification-abe0508c4615c51b9efb.js Show response
static.zdassets.com/web_widget/latest/ Frame 9BC3 337 B
930 B 28ms
28ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-incoming-message-notification-abe0508c4615c51b9efb.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-0f965cd6a1734f68a45d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

835b428abb7dc757393b5c89290221036dcace94b53de6d0e8e990b44cc633a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 572191
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 2K6XVYD0W26605H3
x-amz-id-2: tEgRisQTpBK+LlAjKoRT91MRwvEALfR+mSy5w+9xklBaOF31VNUfPz3LEd9PDgpSY8RQ2GqWJbM=
last-modified: Mon, 03 Jan 2022 23:37:01 GMT
server: cloudflare
etag: W/"a7069caa3d0c66a01d617c556d15afe7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Bc54rBSj5eJE0zU3V8Mx36CHFQjSoHdzKCwCd8DkYo0zp4YieI6juVWaB0SDdb6FciyHFjJs2jT0L%2FsUgSNkTYzfiX07EYlD4k%2B20EDJFgFyulA8Yz3o8ao0p8oS0UpwZd82zU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: YowV3WS1hDd.dYN.KkLiopXUJEH2mOUT
cf-ray: 6cb6bcde0aa642f1-FRA
expires: Tue, 03 Jan 2023 23:37:00 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame 9BC3 19 KB
20 KB 32ms
32ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 10 Jan 2022 14:53:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13276412
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
x-amz-request-id: PB1NH3KM9FCC1HA2
x-amz-id-2: JspcdWrlVgCQlP0+8pqormEm9QUD2yicqBPLCdaBFIh3dfw3LJTDui8OCqSOO/R290/rv25PVNQ=
last-modified: Mon, 09 Aug 2021 15:02:07 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4emLU9d1UaOJhWPaDBHX127YM0SRWVnYNpvLaDz4Az3pOsJg99bnmQFMv4ZtI9dKsfwqAa%2BhDTw3GuvEBES7mYp5Uaf7elosJVVnAcW%2FAnlAOrJXHPGp7XGeCQlmwsEdeFQElwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: wo_lCnzkgzNmTw3PEFheI9QEyCECIezA
Content-Length: 19698
cf-ray: 6cb6bcde6b8642f1-FRA
expires: Tue, 09 Aug 2022 15:02:06 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/382363263/ 42 B
64 B 55ms
30ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/382363263/?random=1641826436460&cv=9&fst=1641823200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.offersfx.com%2F&tiba=Online%20Forex%20Trading%20and%20CFD%20Trading%20-%20OffersFX&async=1&fmt=3&is_vtc=1&random=2044280697&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:53:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.se/pagead/1p-user-list/382363263/ 42 B
64 B 56ms
32ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/382363263/?random=1641826436460&cv=9&fst=1641823200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.offersfx.com%2F&tiba=Online%20Forex%20Trading%20and%20CFD%20Trading%20-%20OffersFX&async=1&fmt=3&is_vtc=1&random=2044280697&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.offersfx.com
URL: https://www.offersfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offersfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:53:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.offersfx.com/	1970-01-20 08:49:22	Name: token Value: 1673362434093__39be6cb1-7a26-4c93-aaf2-b79923dbe384
www.offersfx.com/	1970-01-20 08:49:22	Name: userRegulation Value: 1673362435066__DE
www.offersfx.com/	1970-01-20 08:49:22	Name: country Value: 1673362435066__DE
www.offersfx.com/	1970-01-20 08:49:22	Name: contactFlag Value: 1673362435066__DE
www.offersfx.com/	1970-01-20 08:49:22	Name: contactPhone Value: 1673362435066__%2B357%2025030742
www.offersfx.com/	1970-01-20 00:47:41	Name: ipAddress Value: 1644461635066__2001%3A1b60%3A1010%3A3%3A1011%3A622b%3A9f40%3A7200
www.offersfx.com/	1970-01-20 08:49:22	Name: lang Value: 1673362435259__en
.offersfx.com/	1970-01-20 02:13:22	Name: _gcl_au Value: 1.1.1859705871.1641826436
.offersfx.com/	1970-01-20 00:05:12	Name: _gid Value: GA1.2.873734479.1641826436
.offersfx.com/	1970-01-20 00:03:46	Name: _gat_UA-58482219-1 Value: 1
.offersfx.com/	1970-01-20 17:34:58	Name: _ga_DF2TKHF6VN Value: GS1.1.1641826435.1.0.1641826435.0
.offersfx.com/	1970-01-20 17:34:58	Name: _ga Value: GA1.1.703851073.1641826436
www.offersfx.com/	1970-01-20 00:47:41	Name: clearBlock Value: 0
widget-mediator.zopim.com/	1970-01-20 00:13:51	Name: AWSALBCORS Value: Mfax73eQjQy0h/tFCdrogQ+v3hTAHBtl5A/i3D/XxwpK+AEu0EUg75oysB1kAdp44WuCostmdhysh3gzi3H0UviCPvVohD4/fvnBNbKV/T4A+gl1ToLMInhRJL0Q
.offersfx.com/	1970-01-20 08:49:22	Name: __zlcmid Value: 17ykcWhkypWZ2jG
.doubleclick.net/	1970-01-20 00:03:47	Name: test_cookie Value: CheckForPermission

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.offersfx.com/site-images/platforms_mobile.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.offersfx.com/wp-content/uploads/icon_2_block.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.offersfx.com/site-images/arrow.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.offersfx.com/wp-content/uploads/icon_1_block.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.offersfx.com/wp-content/uploads/icon_3_block.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
offersfx.zendesk.com
static.offersfx.com
static.zdassets.com
stats.g.doubleclick.net
unpkg.com
www.google-analytics.com
www.google.com
www.google.se
www.googleadservices.com
www.googletagmanager.com
www.offersfx.com
www.xtrade.com
xtrade.com
104.111.236.214
104.16.51.111
104.18.70.113
104.18.72.113
142.250.181.66
2606:4700:3031::6815:26fc
2606:4700:3032::ac43:9489
2606:4700::6810:125e
2606:4700::6810:7aaf
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9d
2a00:1450:4019:802::2002
020e4b2643b0355c4e2db1208318685d2ac2ec20ee0fbf64af949180d597a9c3
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
091756d5543b309244ed8f8c088623e6c45d41498761fa3fba1f916663975a5d
09a8980e6cea31e22b4c58cb746bfcb1da41399694081600a82239557ac13002
0beab3036c0759bef75b1f98f027ad0ad21c6ffd9917622385f5b04dc764e080
0dfe11d1f033736a093f6004d4f27f0b65737535bc1d16cabe005f08aa8838d8
0e7773a4702ea57418686b1e14a2f3152410085848f9cacaae931500d52e87f8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f792ee7f7d4a7be9803a682d86ab3f5c8c3281abd1923a839e89f29200d248c
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
215972371b287dab9c0f14f1c53fc0efe7680bc4f7b66732aeed59b54b65b031
22cc4d49da7962851a5c7a47ea95a51ba7791577507d5162728c83b191f5dfc4
2310caa6da29aae3661622c9e0102657341f6fd58dafd606b94b0863384a139a
236ef5ebba7b79aba4700f0a9d17b132050bee31316246eb813b06f291fc66aa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27e67e1550778619f86e71ec39517854c2615b49789055e233722f102e64e60a
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
2e35ed0d98d1c4a5615d07da635d324e5d7579a0b1d490ddd48f32577659e566
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833
376fd0d972dd9a8c452eacc232dcc68bc6c1aecfde9f0606b98ff8f3392180f0
3b5e24923465146f49ebd8e7eedc43f17efa00afe85ffb3d941a65377a72af51
3e406d5bddf5d232bd470a694ea48490f0bf4a8f3d9e53aa598d360a8d05d8e3
3ff5f1909a7bddfca2bf62d38a86e434a2481c3398e5db69d138bb29796f4192
451575204ff8e8fb6a42a669185d8480a461132285ebf960c9368513f910457f
4546ac1d49544865341d880cfb9c4f270d75e2ad171bb7b5a351ab8ae3fbea34
4c9973e0109dbadad00f38c2cc090f7dfa912ef8c033ac525471d2267f8afdb7
4dbc3de5efa1fe36fc745d76f9832b2bb4307d381bb36d15eeca273c27d2b913
4dd26c14e2b317bfd6609103cd3402f26bd80e3e120f4bd99d1e5c931f70223d
4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c
5e6b738d5151e92857353686079a2f1b40d8b89dc11b1063234ef51cbc6bea28
718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d
73e9a4870ea6e66c88ea00fd73f052cde0d2ed1cd6adea3d6edb931e857d18d2
7bbd9a9c55655b30b1714b32cd65e852ae2c65ea3c956fa5c7c9e086ea5de05a
7cb66e81f07a1a6ff47ed88eb3857a8ab2bb7517f48dd3f313264feddd243f1f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7de75742d3db3754bb26cbe55a393329915006826759c378721605bfcb6219bd
835b428abb7dc757393b5c89290221036dcace94b53de6d0e8e990b44cc633a5
8954ae9654aea5d46a68bc5d91c063a3896a0d8a5927822049e4e06a4252b4a6
972a872043ff153259463b5bf0de00f6169f89d8c1b3a0b4ba710c19afc29b48
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce
a773647bbd0d7c8ca2fedb4d2f61bafb7fd466ab35e611b16fe4cd4b954903cc
aa9a089e5ddbe1c2a80daceef2e3f59d4c6546a53f0507342fa23bd03fcddf70
b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499
b71e9fcc0b2930582280e26c8002ad858d9d8cfb38aa0da0d814e3f1c444004d
bdf770b50de7fae30e1e9eb18b543227095c1805045c6f9e5cd5a10474f9f8bb
cbdd287f80de0ee376529f207aa4dc7abd422800e8a7c095362c39923017d160
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc929983decee1acd675cc4ad2806328cb44dff05dd7e75ae6826d389a67b9ce
d6efd6dcf1ebcb3243a6f0657aad2c9b82ff08092a8a41859289c9690c8c72cb
d73f625dec571121d22cc566901fcce687258d82a20140a26b1af2c47d10f7c4
d77d2151fa05915888da11d86edeb30ae7cbc1b8cce820328756517f6629642c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de52f0601f452f9894d4291380ee4f98cbf5d9e48843546134e7468576e19757
e19342fac92178b2fb0edae38c0df5c9246c22e31f5a23b870bebd4e3c08af56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a
e9047191e6da9e4de70b8d4c8041ce11d41dc076621daa9b9fefd051fd27c099
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef801f566d2f51b60d31b93b831217fcf6594bc9c6ba986b7a9f792693527d2d
f42d2283b5b2fa5fc2fbdcdcadb95e6b760e9a13feb37649e55a4aa542127f4f
fe3f35df15622db7fdc27a0790f0845f34cc9487f1bb7c97efc310d3f9988e42
fe79b4377dc7efb56831bed23647f7efc42086822fc31a9be513280389b7417f
fee9c1f517b456b48c359bd9d1072c3bedec8ad77621bfbde0a2540ed84a4fd5

www.offersfx.com Open in urlscan Pro 2606:4700:3031::6815:26fc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

94 %HTTPS

71 %IPv6

14 Domains

18 Subdomains

16 IPs

5 Countries

2382 kBTransfer

5887 kBSize

16 Cookies

4 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.offersfx.com Open in urlscan Pro
2606:4700:3031::6815:26fc Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

94 %
HTTPS

71 %
IPv6

14
Domains

18
Subdomains

16
IPs

5
Countries

2382 kB
Transfer

5887 kB
Size

16
Cookies

72 HTTP transactions
2 data transactions