urlscan.io logo urlscan.io
SecurityTrails logo

www.offers4all.net Open in urlscan Pro
2606:4700:3033::6815:3697  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://offers4all.net/
Effective URL: https://www.offers4all.net/
Submission Tags: tranco_l324
Submission: On November 10 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 12 domains to perform 73 HTTP transactions. The main IP is 2606:4700:3033::6815:3697, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.offers4all.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.
This is the only time www.offers4all.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3035::ac43:8bf7 (United States)

ASN13335 (CLOUDFLARENET, US)
offers4all.net
22    2606:4700:3033::6815:3697 (United States)

ASN13335 (CLOUDFLARENET, US)
www.offers4all.net
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
1    65.9.83.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-83-81.ams1.r.cloudfront.net
arc.io
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
15    2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
static.arc.io
core.arc.io
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
98250f023689eca207f5635046a87676.safeframe.googlesyndication.com
1    172.217.168.226 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s40-in-f2.1e100.net
partner.googleadservices.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4025:401::84 (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    18.223.141.84 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-141-84.us-east-2.compute.amazonaws.com
warden.arc.io
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
22 www.offers4all.net www.offers4all.net
14 static.arc.io arc.io
core.arc.io
static.arc.io
6 pagead2.googlesyndication.com www.offers4all.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 securepubads.g.doubleclick.net www.offers4all.net
securepubads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
3 netdna.bootstrapcdn.com www.offers4all.net
netdna.bootstrapcdn.com
3 fonts.googleapis.com www.offers4all.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 cdnjs.cloudflare.com static.arc.io
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 ssl.google-analytics.com www.offers4all.net
1 www.google-analytics.com static.arc.io
1 warden.arc.io static.arc.io
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 98250f023689eca207f5635046a87676.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 core.arc.io arc.io
1 arc.io www.offers4all.net
1 offers4all.net 1 redirects
0 tracker.arc.io Failed static.arc.io
73 22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
plus.google.com
www.kvk.nl
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
arc.io
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
static.arc.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-09-14		 a year crt.sh
core.arc.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-09-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.offers4all.net/
Frame ID: 4EA00D6D9F0A1A81CF4F97C86C3D0805
Requests: 56 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?2326f2d
Frame ID: 87D7396824E1B49FC7A24FF21645288F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html
Frame ID: 6D7CD81A8BB6E8B63002B9BCE5D820E8
Requests: 1 HTTP requests in this frame

Frame: https://98250f023689eca207f5635046a87676.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 93A6D16BAAC2764314131F4EC25C9E74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9295862422587053&output=html&adk=1812271804&adf=3025194257&lmt=1636513051&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.offers4all.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636513050826&bpp=4&bdt=336&idt=171&shv=r20211108&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6636689196868&frm=20&pv=2&ga_vid=1958529792.1636513051&ga_sid=1636513051&ga_hid=55308402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354&oid=2&pvsid=2552929672511121&pem=417&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=195
Frame ID: D65A05C62A23D337D5F9C3D130237815
Requests: 1 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?2326f2d
Frame ID: 94327EF4FA5CB0665B2ADC65F491235B
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?2326f2d
Frame ID: FCBF023072C415F65EBAF4BC0C1C877C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D8B86279D34BC93AF6E679FCD13E219A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB15EFEF5F71EB297CD6719B46867627
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

offers4all.net

Page URL History Show full URLs

  1. http://offers4all.net/ HTTP 302
    https://www.offers4all.net/ Page URL

Page Statistics

73
Requests

99 %
HTTPS

80 %
IPv6

12
Domains

22
Subdomains

20
IPs

3
Countries

1207 kB
Transfer

3628 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://offers4all.net/ HTTP 302
    https://www.offers4all.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.offers4all.net/
Redirect Chain
  • http://offers4all.net/
  • https://www.offers4all.net/
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
2494fe68e2f45ff979dc8729b79d9111c6c983bae450e12edd72e389db54ea1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQzQrmtu445h1v3h1MHlW5GYMW96dbMXGk1b4I%2FRzVYknqzBvfwG2iCYamndtydzYOUzPpnBFAQTuUkuwOMQl8EPSRHqPYXHFvjXCd%2BoDENXg7%2FTrNQByX%2B%2FXIWhyK8b5FCt47CQaVEMephXh2R0e84%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6abc03872b791e9d-AMS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Wed, 10 Nov 2021 02:57:30 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
location
https://www.offers4all.net/
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0R2jO7dDyRl%2BIdYMTTmQMdO4KG343%2Bs%2Bq0iw2FsdPG0QShfNeYqghI006hPoYY2S7rCEHxvKderUzmCA7SFluxrAQcNITnMGxYMDkgocRjfsMlMdSIpW0MdpZlL8NvOeVE1TVhfid5dYvnx86Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6abc03862ecaf16a-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
DT_GzQIqqc7pHW-Ac8hrvtLyRS8.js
www.offers4all.net/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/cdn-cgi/apps/head/DT_GzQIqqc7pHW-Ac8hrvtLyRS8.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d27e18a77b9946065a17636f3d4dd491063f8e92016e97c1ab9b739738b0e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1265715
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
D6YKS0ZJP2GKEG9E
x-amz-id-2
rvE9ap97irhc+vpi/tlW5IqwkhRXKcgOoiaXY+ugS8cojvNz/mJb30E74qbXRsVHayElPfQ1Kx0=
last-modified
Tue, 28 Apr 2020 12:54:21 GMT
server
cloudflare
etag
W/"ab9db4e3e046eef8cba74492fb33b42f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHnk5RXuNOZmGo1CR7ZvO9fLU2dSEq3RRfcbXDVJLC1CuWdTt%2F3UWjK0zeRXTmW5C%2BY6rCD6pQimrjTRjwWUHB3J1c7%2BdehwpN2eAwzojttzUGmqZp666QYKrvHrPYr6JBsvS3mfCJWNepBQpK0uImE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
NWoj8I58WMQehYyMakyULbVrJn4ymuf6
cf-ray
6abc03883cb91e9d-AMS
global.css
www.offers4all.net/templates/ModernBlue/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/templates/ModernBlue/css/global.css
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a8ae2faafdab311bfddaa0851f9b2cf67ed15dc5ccf540a5e54bf2cb744b03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1340
cf-polished
origSize=18497
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 01 Oct 2020 23:23:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrX3siuFKnFmMc1LyVbou5jYofdAb%2BFJBlQ6vnQA%2FvLbZV3X2EHxe1XbCTqRDjqOmKQhDKrfNiLisimFDaY4vWPlhc%2B2JtgEv8S43zHvzKBEWc1vYf8HXdxXdIPaWogedS1PLnlLE2ntCNvE2B4Njgs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
6abc03883cbc1e9d-AMS
cf-bgj
minify
custom.css
www.offers4all.net/templates/ModernBlue/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/templates/ModernBlue/css/custom.css
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6de23ec36330c7dccf6eddad5cf7e2241239ebe219cd5f3e6dd6dfef84e4b16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1340
cf-polished
origSize=25599
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 24 Feb 2021 17:26:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nys1hkw%2BshrVEBLsJKGdjFDbpfuCEBpSvLNDSXkyT6nLcgjU7YKKc3%2BNdBWi4resOxzlg6Eh%2FxssjG1ZnyCBYFoSPY%2BVmVzwqVmKU1Jsdxt%2F372bHqvEOhvSde8y07PpF4AM6Sfdsfc8nPWsTf2JHT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
6abc03883cbd1e9d-AMS
cf-bgj
minify
jquery.min.js
www.offers4all.net/js/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/js/jquery.min.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:07:08 GMT
server
cloudflare
age
5970
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbyAqGQ5E7GcAN%2BTfih33ijLfgAvanG7S44XJBboRfqoeZMckOhL04cFTFNG%2B51USdIJf7sMKmieMZbUUKrLVcBuwq6kUsUqmFtt2VAxY2r7qgj6zoT5xvqBbLvVPDFgxZcdfk2bBxSawOCpLPq1nDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6abc03883cbf1e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-ui-1.9.1.custom.min.js
www.offers4all.net/js/ 		232 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/js/jquery-ui-1.9.1.custom.min.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ad2ef6106ceaae60bd93933cb3cc6defe63a5ec00188493227327260d2bf6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:07:08 GMT
server
cloudflare
age
5970
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgXC6oLJjoh4KQc0GEo0w5hWsgSlI%2F9EODUFExPj%2Fi7KCaRLG9oZK3X%2BrFh7ybIwUK4%2FaNSRU5m2g2DKnzXg3M5SpzQkjnsbndte9u03SiGFL0heZIbaUVafUzjtAq6mYM2M22Ht2w5bbIDI3e1O0BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6abc03883cc01e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-ui-1.9.2.custom.css
www.offers4all.net/templates/ModernBlue/css/evolutionscript/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/templates/ModernBlue/css/evolutionscript/jquery-ui-1.9.2.custom.css
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46922def6b45b05fbbec080d32519c6ba46ce267c4159949ae9fd678c150b158

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1340
cf-polished
origSize=32105
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Jul 2020 17:08:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfqqZza1snqPbyrb0n4%2FGM2toiKboI8NjXaDsxIXuHmOy1V0UwQe8H0%2FxQGHjigY5x%2FSoIHjZYdb0M3TgXd3Rcq7QdfxnLwM6f2s88%2F0fi7JIV7gWQRg44vWq45%2B9o1DNNg5XHir68GQDzVa0Ew7qxU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
6abc03883cbe1e9d-AMS
cf-bgj
minify
evolutionscript.js
www.offers4all.net/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/js/evolutionscript.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c0af12581f89dfd809b1a448203c350330b3bc96d9f113ebf274e96386130f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1340
cf-polished
origSize=14479
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Jul 2020 17:07:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtWqbjP54ebikcqM5LNiTB%2FRnSDU6r%2FqoSX5xpvOiLkFKrD2Yc386mZ7PamKSNlTtGrOOR3hvS26%2Fk0r1x1u6wui69GmiSmg2sozQLXKu87XKfL9Y%2BWyNCmaA39DJn31TWQBDI%2ByfJrlj2GibJGKY8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
6abc03883cc31e9d-AMS
cf-bgj
minify
l2blockit.js
www.offers4all.net/js/ 		2 KB
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/js/l2blockit.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7e0fbe04ced2489dc388b0b710374790593e5f45799a138a2d4b68fdeaa0d8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1340
cf-polished
origSize=3885
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Jul 2020 17:07:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulhKlXopwZFeJi5GsxyklMCN8341%2BOwNJuDbVH0dtTiRT5wbiAWimsfKbRFOyvgP%2BC%2BG%2Bf0n%2B3XULyeKbxoyOYVMOFqgsLD5Arf9UBiFOsQAr4gpdl1%2F8UTG%2BI%2Br%2BYYwrLnqdkNtshwRjbc0OFElp9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
6abc03883cc41e9d-AMS
cf-bgj
minify
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 01:57:01 GMT
server
ESF
date
Wed, 10 Nov 2021 02:57:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Nov 2021 02:57:30 GMT
css
fonts.googleapis.com/ 		2 KB
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2961ef025e9598bbc17229d642d373a9eb7feaa927ac1149a1bfc546d31caed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 02:01:30 GMT
server
ESF
date
Wed, 10 Nov 2021 02:57:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Nov 2021 02:57:30 GMT
bootstrap-combined.no-icons.min.css
netdna.bootstrapcdn.com/twitter-bootstrap/2.3.2/css/ 		116 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/twitter-bootstrap/2.3.2/css/bootstrap-combined.no-icons.min.css
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a721f6f467fcda98080593f318b78ff31558e822d283d473cabd3ad0d49b24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
549, 617
age
4205996
cdn-cachedat
2021-06-04 16:19:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:05:01 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f5039155a3a80188d57ff375ed0ff9e2
cf-ray
6abc0388883e4c85-AMS
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
459, 617, 617
age
4774144
cdn-cachedat
2021-08-07 01:36:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
97a639f940b91cf9231886fa8216c274
cf-ray
6abc038888404c85-AMS
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
custom.js
www.offers4all.net/templates/ModernBlue/js/ 		724 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/templates/ModernBlue/js/custom.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49cd8953be6166c0155bd1e5235357265de5da22bd267cb5cbe6a044b9fec55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2366
cf-polished
origSize=984
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Jul 2020 17:08:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gW9LV3xncHgYfUqJHpsZqht0fWMjk%2Bh1Or4UOJEeIz7Enp0cl2%2B1F7Eux%2BeUpIETnp3gKBPEKgcSzbK%2Fb8v8FPsNvvHJm1EVZ0%2BY%2BDsl05vPXDnQiI%2FroSe6cqCtE8eXp0aS5jG2GRy6jMEKRylqtW8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
6abc03883cc51e9d-AMS
cf-bgj
minify
widget.min.js
arc.io/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arc.io/widget.min.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.83.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-83-81.ams1.r.cloudfront.net
Software
/
Resource Hash
1e68cbacbe27a32e9d10df40b6cc724e9c29abed6152c7b454426d5b76c5a5db
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Thu, 28 Oct 2021 19:32:15 GMT
age
1242
etag
"617afabf-b73"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
date
Wed, 10 Nov 2021 02:36:49 GMT
x-amz-cf-pop
AMS1-C1
content-length
2931
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
x-amz-cf-id
tHROXzdjNbjOXLSghvLLK8Fop4BhnGYxPU4dPlChOmFev5-NrrLKGA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e15a328673bafb9d6b86f2587ac4ea9e5e3e372cd5e938685d0a753ac2fb78a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51366
x-xss-protection
0
server
cafe
etag
11263067960715751259
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 02:57:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
2c454e7c5958c61f1bc4af3f7cef6239a33d9abca0d467e10993d1e6bafc4e07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1039 / 379 of 1000 / last-modified: 1636499218"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26874
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 10 Nov 2021 02:57:31 GMT
logo.png
www.offers4all.net/templates/ModernBlue/css/images/custom/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.offers4all.net/templates/ModernBlue/css/images/custom/logo.png
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b85a4e316a5fff8d5f135a48b437ca915a712eef333395b7646fe77651fc29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:08:28 GMT
server
cloudflare
age
1761
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbRg8TdRYHD7WPTfaMZ0DzVSFT6VKzY9h%2BAkPDICcYjZeKt6kQ1VG%2BWrT5giMTSSCfxeW9nHO%2FyQoopxUjZKYLCZvUqBDTuSo8gGDbzXkxPhJs%2BhHqggSUfSbnRa8ixOuxiZxja%2FOOu6yo3L4VXukuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6abc0388fdc71e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6443
y7JXTS5onrE0khYGTrdh8t0HGNQ.js
www.offers4all.net/cdn-cgi/apps/body/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/cdn-cgi/apps/body/y7JXTS5onrE0khYGTrdh8t0HGNQ.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/cdn-cgi/apps/head/DT_GzQIqqc7pHW-Ac8hrvtLyRS8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8fe524f0add9c565b5722c61e63b6a810c045be77f7937796b2b884bf9fc1ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1265715
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
WR5S5TP776RJKJM3
x-amz-id-2
XMYtnQaWOn2/P00WBDnSxuBW8DpBBCl+s3+iZUmdlSKS3rTS4kgK6JabppUNdX6BNIqDKo3GBG4=
last-modified
Tue, 28 Apr 2020 12:54:20 GMT
server
cloudflare
etag
W/"0a4b5124474f0e92eea74327af636881"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkRvshOME2AXkyGH%2F1YETlXZkh%2FKvEDcwxSMhBJjw422BcWvpgjOncU9jFRPa7Usk03vbK78CCJlQtRIQ07jE0l47V2t5q8sl5F85JQO1bXPMW6LEzKsplzJqKI92Y0l4cg%2BzBymCv8K2wtY6lNN6qI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
bu8zh_9Hpca5oHXs8tFplPW8AzTGUb_7
cf-ray
6abc0388fdca1e9d-AMS
css
fonts.googleapis.com/ 		10 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/templates/ModernBlue/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 02:00:22 GMT
server
ESF
date
Wed, 10 Nov 2021 02:57:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Nov 2021 02:57:30 GMT
uicons.css
www.offers4all.net/templates/ModernBlue/css/ 		67 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/templates/ModernBlue/css/uicons.css
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/templates/ModernBlue/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f12d597028016c66ca4c7e7db40b2733243a9bc34254f677596120477fcd1a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/templates/ModernBlue/css/global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1339
cf-polished
origSize=71765
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Jul 2020 17:08:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQD7L4CIcGlNgFOfgEWpJG6%2FnbsAg65XdPEFMFOo24qz83bN7iujFIPeL7Lua6ZALGQYL%2FPMzLoRv6S91yUPN9XZtZO%2FA%2FJ0AYopvuafXUrRae%2B3K%2F4t7yTEeWHiq%2B4AM0JZ4nkBFwg8OjT%2BAQ6HaHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
6abc03887d071e9d-AMS
cf-bgj
minify
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5352
date
Wed, 10 Nov 2021 01:28:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 10 Nov 2021 03:28:19 GMT
bitcoin.png
www.offers4all.net/templates/ModernBlue/css/images/custom/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.offers4all.net/templates/ModernBlue/css/images/custom/bitcoin.png
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/templates/ModernBlue/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9f985a99d7a9344f575b9dd8757ccf50c7f39897c22d55f2a02ea457fde8e41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/templates/ModernBlue/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:08:28 GMT
server
cloudflare
age
2036
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYcy7MJZEnC1LyD5XylEz9loG4WgIubMxwwxJuAOsnmmyKhtmnOWLwnKYZRIvnYsFrNBEBHOnUPQB4Vzrt44%2B9OMNvIprjtcC%2FJp%2F%2BdT0W7DB0pnBlI1%2F%2FciqA85jBoFD%2F03nWQn55wYn67rx3uiX80%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6abc03890dde1e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19747
airtm.png
www.offers4all.net/templates/ModernBlue/css/images/custom/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.offers4all.net/templates/ModernBlue/css/images/custom/airtm.png
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/templates/ModernBlue/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a4b457c6cb9f00342684bba0275d0bed68c9d2242b2db682e93c81fa685a406

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/templates/ModernBlue/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:08:27 GMT
server
cloudflare
age
2036
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gChzTUP8KtBXWKmu106Fv7vgRM1dwG9hnP5R18WR3Ov96i30FeEGiCo5lkGbzhlWiPIJtiyo1rGbfXrXcYkPTz9%2F1YfCLNiA8WqObDdHD8xiGuPkFFZGUgRGHlGKr2tHcDtLbBgqoeWadT6RC%2Bee8ag%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6abc03890de11e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2433
payeer.png
www.offers4all.net/templates/ModernBlue/css/images/custom/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.offers4all.net/templates/ModernBlue/css/images/custom/payeer.png
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/templates/ModernBlue/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd15f45f49d9c8c0cc365d7ec9cc8787640c94b3426ce65c1ed850a592df2c24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/templates/ModernBlue/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:08:28 GMT
server
cloudflare
age
2036
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRkxjMfYks40rOmMdZRh4tk7ssngKlywjhWg5CquSV4aWtFF86qVJ3%2Bp9NpN34uee%2F9LNkbvSD8mSil5yJdX1ZS7fqfKioxq6RriK7SV4HBaeo4XP9OOR%2Bcja%2BzTsYHtbyljHuu7esHUwMMJvXutpDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6abc03890dec1e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19053
benefit-1.png
www.offers4all.net/templates/ModernBlue/css/images/custom/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.offers4all.net/templates/ModernBlue/css/images/custom/benefit-1.png
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/templates/ModernBlue/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2882b512562d6d2f4347cf10ce626b07b14c1ffcc27bf208eb745ffda40fe3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/templates/ModernBlue/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:08:28 GMT
server
cloudflare
age
2036
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNXmCD4NhUIcY0kSBy9xLjnIK8csa8%2FbgE8PLUe9vMYfBZcUdapVEBTkuW2r7oma5mO2oXeAolQAA8FQ9wbyuSBXQe7hxZyUwUmEYnJwQ%2FPIpMrUhjxc8ajJR7iLfU%2B0uIyHyFDmFjJoN8MPm%2BysIhg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6abc03891dee1e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
101948
benefits-tick.png
www.offers4all.net/templates/ModernBlue/css/images/custom/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.offers4all.net/templates/ModernBlue/css/images/custom/benefits-tick.png
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/templates/ModernBlue/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1c57d88acbd6a7f6150e6f899baea3e2c201f02c3460d1e82a4034e2ffef97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/templates/ModernBlue/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:08:27 GMT
server
cloudflare
age
2036
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVHLWha56CpCqu51zItAg4Z%2BNVPzE82L27Nf05cUtAHUzU7wZ28HuEI%2F51OmiMH6%2FxAzH7l6mG5FnhZPvqJTGGDWkI8%2F4%2F%2B%2BzST821QHEg6Qq2z1Q1GJruN1ldTSPJidlShzDrOOedCRctoQTlJc654%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6abc03891df01e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3106
benefit-2.png
www.offers4all.net/templates/ModernBlue/css/images/custom/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.offers4all.net/templates/ModernBlue/css/images/custom/benefit-2.png
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/templates/ModernBlue/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9f3125ce2daa1e4701aa5b680e2f90f4422b615e4190e60e946c25a4c13691e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/templates/ModernBlue/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:08:28 GMT
server
cloudflare
age
2036
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyUdG%2Fd6BpcCRfcHVou4EJs17lYrdWjLY81Cb3tLN3XT%2B6pbGvSkdajFKuoBQ19BYkvvH6d%2FxT9TCf3mI%2BqwSuxg5c7efhX5xY3f0aMAHOJJFgxizemBDL20M%2Bv2AO7LdxK9tB%2BCrUBKKFTGk79USXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6abc03891df21e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
62467
benefit-3.png
www.offers4all.net/templates/ModernBlue/css/images/custom/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.offers4all.net/templates/ModernBlue/css/images/custom/benefit-3.png
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/templates/ModernBlue/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d330cfecc2d28cb043b621fc24ecb7bffc451a51414e4b43dbe9996859036fd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/templates/ModernBlue/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:08:28 GMT
server
cloudflare
age
2036
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StmujD4Yt0kWMVbOhEptXoQ5JHL7%2Bl%2Bke4e69XFaO%2FWlcDwyX3mirMqZcCSTsv8gmZkM6RTGbeBJwCNbMnNKay%2BPvat1p1TSb3WR4c1o7xmDAwsfuDZmI28bPCL3AZUN4aYyDBFZ3rAxTZutIvBMhLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6abc03891df31e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
65794
map-bg.png
www.offers4all.net/templates/ModernBlue/css/images/custom/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.offers4all.net/templates/ModernBlue/css/images/custom/map-bg.png
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/templates/ModernBlue/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f712ba88edafc7a37202eda92594aa25e8efd6a283c5a0489d24b3277544ce2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/templates/ModernBlue/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:08:28 GMT
server
cloudflare
age
2036
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0vYSXLsEa8ExWQgZ%2FYgJeBgRQSEdelpa7e3Q7O7CZxNFp1jpjHGnHi%2FljkPug4m7jHs8fAjeF7wwLIw%2B4%2Fx%2FMJQG3ihQdkQfg3J6nO2W9Yv69hrVRlQlK%2FWyl3RJX1Ad16SCs5LF37W3WuKN16Fvlk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6abc03891df41e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
57635
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/3.2.1/font/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/3.2.1/font/fontawesome-webfont.woff?v=3.2.1
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css
Origin
https://www.offers4all.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
549, 718, 718
age
17357290
cdn-cachedat
2021-04-23 04:27:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43572
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:51 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d1755c6d8b18295db17a41a2f4240c91
accept-ranges
bytes
cf-ray
6abc03893f6d417e-AMS
cdn-requestcountrycode
NL
cdn-requestpullsuccess
True
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v22/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.offers4all.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 02:53:35 GMT
x-content-type-options
nosniff
age
432236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21028
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 05 Nov 2022 02:53:35 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.offers4all.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:11:57 GMT
x-content-type-options
nosniff
age
107134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 21:11:57 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.offers4all.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 21:11:58 GMT
x-content-type-options
nosniff
age
107133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16692
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 08 Nov 2022 21:11:58 GMT
slider-vid.mp4
www.offers4all.net/templates/ModernBlue/css/images/custom/ 		640 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.offers4all.net/templates/ModernBlue/css/images/custom/slider-vid.mp4
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.offers4all.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Jul 2020 17:08:33 GMT
server
cloudflare
age
2355
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=famH4lNu5HR3YXK96kF38f%2B9R520J3UkYDcU%2FVAVoHyPNf8TL954OU%2BoIM4GohMG3kbMBs9XM9UhMBhv8R%2FfAcKp8WuA%2Bm8BqryavvENmkOj5C7zMR5ZVrPgHreXIGGE64Y5l%2BiPGZapf8o1lDPYtco%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-3147860/3147861
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6abc03896e6b1e9d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
3147861
core.js
static.arc.io/widget/js/ 		310 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/core.js?2326f2d
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
076b222b1d056f5506eea927973c18c7d736195002f105e918b86481db21e20a

Request headers

Referer
Origin
https://www.offers4all.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0TbCKYQAAAADvzYFGz/5eRYZ3TdKE8gFkQU1TMDRFREdFMTkyMQBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
5EGMB26KH0PPS979
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAABXxxWmqFQ0Tr8YC4bfRjHNWlJIRURHRTA3MTEAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
ZjaOjTPx3UFbEP239YVVP7QzcUzSb8/9y4mBN3Zdibb3fXAuankF//jG4HezNkhL7ABBRBl66kg=
last-modified
Thu, 28 Oct 2021 19:32:37 GMT
server
AmazonS3
etag
"c7cf763875a0e672861cec14368fa787"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
broker.html
core.arc.io/ Frame 87D7 		2 KB
905 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.arc.io/broker.html?2326f2d
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aff60aab429342ca14acac768a91f1877a51c6e7bf9d96f07f421f26f90bb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/

Response headers

cache-control
public
content-length
509
content-type
text/html
content-encoding
br
expires
Wed, 08 Dec 2021 17:20:31 GMT
last-modified
Sat, 14 Aug 2021 05:03:50 GMT
etag
"61174eb6-1fd"
vary
Accept-Encoding
x-cache
TCP_HIT
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
x-azure-ref-originshield
0C6OKYQAAAAANFqUWuh2JRJYWasIZo8DGQU1TMDRFREdFMTgwNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-azure-ref
0GzWLYQAAAACRgofQCnxSSqqeZvAuyLXiWlJIRURHRTEzMDgAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
date
Wed, 10 Nov 2021 02:57:30 GMT
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063692
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 10 Nov 2021 02:57:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		37 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.offers4all.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a68abba98b69f0605cf7aaad8c2072c83e9a47b068a122e9b4b11f9245654793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53
x-xss-protection
0
expires
Wed, 10 Nov 2021 02:57:31 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/ 		267 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9295862422587053&plah=www.offers4all.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb94c266f9b7bdfcec7f2fcdb39082cb8ccbde9f45b58f102068196bb7478de2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97992
x-xss-protection
0
server
cafe
etag
9027102883918313510
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 02:57:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/ Frame 6D7C 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 10 Nov 2021 00:54:40 GMT
expires
Wed, 24 Nov 2021 00:54:40 GMT
content-type
text/html; charset=UTF-8
etag
4704609575283140419
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4891
x-xss-protection
0
age
7371
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		854 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=674287693&utmhn=www.offers4all.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=offers4all.net&utmhid=55308402&utmr=-&utmp=%2F&utmht=1636513050872&utmac=UA-41058957-8&utmcc=__utma%3D206838093.1958529792.1636513051.1636513051.1636513051.1%3B%2B__utmz%3D206838093.1636513051.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=232229874&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.offers4all.net
URL: https://www.offers4all.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 02:57:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.offers4all.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.offers4all.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		474 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2552929672511121&correlator=2704765047955950&output=ldjh&impl=fif&eid=31063692%2C44754276&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211110&iu_parts=22287008444%2C8__adzbazar.com__default__Infold&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie_enabled=1&bc=31&abxe=1&lmt=1636513050&dt=1636513050973&dlt=1636513050490&idt=445&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=3726559725&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.offers4all.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1975&msz=1x-1&ga_vid=1958529792.1636513051&ga_sid=1636513051&ga_hid=55308402&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1dc0ac3a1a4ffe4b30186fe674c882976a635e30b0d4828cd62e00cfaca4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.offers4all.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
98250f023689eca207f5635046a87676.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 93A6 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://98250f023689eca207f5635046a87676.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 10 Nov 2021 02:57:31 GMT
expires
Thu, 10 Nov 2022 02:57:31 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		204 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.offers4all.net&callback=_gfp_s_&client=ca-pub-9295862422587053
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9295862422587053&plah=www.offers4all.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.168.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ece4f78820fea0a9619139c10445087c171ae881692a7bb32e5dcfd266ad576d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D65A 		603 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9295862422587053&output=html&adk=1812271804&adf=3025194257&lmt=1636513051&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.offers4all.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636513050826&bpp=4&bdt=336&idt=171&shv=r20211108&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6636689196868&frm=20&pv=2&ga_vid=1958529792.1636513051&ga_sid=1636513051&ga_hid=55308402&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354&oid=2&pvsid=2552929672511121&pem=417&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=195
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9295862422587053&plah=www.offers4all.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 10 Nov 2021 02:57:31 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 10 Nov 2021 02:57:31 GMT
cache-control
private
broker.dcd0e0f1.js
static.arc.io/broker/js/ Frame 87D7 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/broker.dcd0e0f1.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?2326f2d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ff1ba9168acd72b164d43b76293ebc0dd85bb6ead45bc4eafc573cca190987a

Request headers

Referer
https://core.arc.io/
Origin
https://core.arc.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0UoWKYQAAAABMmIN3wyN5RZRMps39QnpBQU1TMDRFREdFMTgyMgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
R8SDSPFGXM62JGWY
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAAASGPHlRgaNQLK3X2H4junrWlJIRURHRTA3MTEAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
Tgm9b3HpDeDtZViZqumfDr11/HayvwDPUykbdue0WixG1ozEWXFKB5jGFm4ovLDEMVLxZLxFNhc=
last-modified
Sat, 14 Aug 2021 05:04:21 GMT
server
AmazonS3
etag
"b9bd4615b13b095520ab7444cbff4593"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
chunk-vendors.5e1d8045.js
static.arc.io/broker/js/ Frame 87D7 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?2326f2d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0

Request headers

Referer
https://core.arc.io/
Origin
https://core.arc.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:30 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0XxGLYQAAAADxpSnvVGtmQZ594OuFS+I0QU1TMDRFREdFMTgxNABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
JZWA4G8FADY30F7M
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAABeo+5UYDsGSY/7PNVjoQ9EWlJIRURHRTA3MTEAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
HdRAX/ckfcInLJByhImMaSQiAdiIZvbe+0EOTxz0MAje1oN1Nw5Bek7Jf3dh0wzkZ2ELuQIMe7c=
last-modified
Sat, 14 Aug 2021 05:04:21 GMT
server
AmazonS3
etag
"7baaa27cb0e1201fe90ecc5efca8fbcf"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 87D7 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?2326f2d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0cLuKYQAAAABYW7JNs6BeTrXxKDd3+y2KQU1TMDRFREdFMTgxMQBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
JD1RV09DQM4J0T65
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAABZ9Q9JEeRaRJyqgkiBPuwGWlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
IudKWT7ksHp+GqXhMGel2FQwyNc6Ewmu8BRtbgUVf8cx2chszuqH9+gXhnU0KmnngyLfV8Kv99Y=
last-modified
Sat, 14 Aug 2021 05:04:21 GMT
server
AmazonS3
etag
"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 87D7 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?2326f2d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0Bo6KYQAAAACTzVz7Ps7+QY5ijIOsvgV2QU1TMDRFREdFMTkxNgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
GWS15M00YGHP91XE
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAAAWiw3l1Lj/SYS4LgL9njsCWlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
R/7Fb0icFVSi3xq3MWL97jyQDLmFFlfzyLLSerywx9+NieA0Vnf99b0y5wOCrCm45F5VaiPw0/M=
last-modified
Sat, 14 Aug 2021 05:04:21 GMT
server
AmazonS3
etag
"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
vendors~widget-ui.js
static.arc.io/widget/js/ 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?2326f2d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0Ga+KYQAAAAD9mG3LtsYEQ6dfyQ1OX5EiQU1TMDRFREdFMTkxNABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
PVKFAQH74ZBR1HPE
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAADfwMy96zQZSKNgMy8u9anYWlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
eM0Nb9cvoIOzNFWQOLq9P4nJsGH1ztUEOvkNS8pd595xrlHsLDu5SBbD/e+HNbMJIvL8AP4U1pQ=
last-modified
Thu, 28 Oct 2021 19:32:37 GMT
server
AmazonS3
etag
"5f5181a44cab6b9ccdc03f0d9f46e177"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
widget.css
static.arc.io/widget/css/ 		85 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/css/widget.css?2326f2d
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?2326f2d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
036mKYQAAAAD+L0Jto24RQozXwJ2yfyqoQU1TMDRFREdFMTkxMQBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
TG0Y23QD6BFGKV3E
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAAC2suoW+nJxQo12G2cJKhyLWlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
/jv/JofQfSs0hywJVC0wfnyXIGuqP6yOvo7ENFyFVR3x7Ck5Sx6R7RSrub7aSW4fNVs1z7A3BK0=
last-modified
Thu, 28 Oct 2021 19:32:37 GMT
server
AmazonS3
etag
"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
widget-ui.js
static.arc.io/widget/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/widget-ui.js?c729574a
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?2326f2d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a14c5bd9b77327adfa00669612c289eec1ef14d28cd1843301f069d237a1339e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0FiGLYQAAAACKLbL444mKQr+zfXD6Q4aKQU1TMDRFREdFMTkwNgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
1WFT8BSKWYD3VZVS
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAADDkKSe9m12SLm6QiZ3P31HWlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
ADgpMMD4YBrzxAbYGRl1t605Iuu9EF5ZnlmC9vgap5ByVOEW9WNvyhpyr+HYQ2qZhxxaRs9Rtpg=
last-modified
Thu, 28 Oct 2021 19:32:37 GMT
server
AmazonS3
etag
"662d0f009df66a80b2998de512b22d1e"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a3e2ce7fe28a36447de618cb8cd31a54a77787816b92a19eeae3f238bfbbfaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9257
x-xss-protection
0
widget.css
static.arc.io/widget/css/ Frame 9432 		85 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/css/widget.css?2326f2d
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c729574a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
036mKYQAAAAD+L0Jto24RQozXwJ2yfyqoQU1TMDRFREdFMTkxMQBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
TG0Y23QD6BFGKV3E
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAABZdaXxOdgTS7m9XGo5n25qWlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
/jv/JofQfSs0hywJVC0wfnyXIGuqP6yOvo7ENFyFVR3x7Ck5Sx6R7RSrub7aSW4fNVs1z7A3BK0=
last-modified
Thu, 28 Oct 2021 19:32:37 GMT
server
AmazonS3
etag
"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 9432 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c729574a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9002935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxI3ZY8qVGuxAhEPxpceqE7ZUF0Llz%2Bw3LcDoSjc0%2BXHQ39pRxYkOI5FvhXrCU8xm%2FuwlTvU1scO7v%2FybQaR%2BBAZJpBDdZvPFXmHE3jbHNbACgObvQcjOiI7T72DcokrrKN4VxXIW8IFG%2BVW%2Bt6u60Hh"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6abc038ccbce421e-AMS
expires
Mon, 31 Oct 2022 02:57:31 GMT
widget.css
static.arc.io/widget/css/ Frame FCBF 		85 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/css/widget.css?2326f2d
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c729574a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
036mKYQAAAAD+L0Jto24RQozXwJ2yfyqoQU1TMDRFREdFMTkxMQBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
TG0Y23QD6BFGKV3E
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAABaPYNLZEZbRbkBcSsD+CsfWlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
/jv/JofQfSs0hywJVC0wfnyXIGuqP6yOvo7ENFyFVR3x7Ck5Sx6R7RSrub7aSW4fNVs1z7A3BK0=
last-modified
Thu, 28 Oct 2021 19:32:37 GMT
server
AmazonS3
etag
"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame FCBF 		2 KB
927 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c729574a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9002935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNAVeS6mXL1tQX%2FsqfvxcyW55fXZhLGIF0Q7casVOAyPzFXgpJXQr%2FyJKe48adDBDA%2BqvgxOgEJtfpSSOgpDnxcunmZQiJZ78yycrJaYfdMHR%2F4i6Y1xs3unB4ko4lamMFDUhnzLUMjbeE3NGSGA5eDp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6abc038ccbd1421e-AMS
expires
Mon, 31 Oct 2022 02:57:31 GMT
truncated
/ Frame 9432 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FCBF 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FCBF 		277 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FCBF 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FCBF 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FCBF 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FCBF 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FCBF 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 10 Nov 2021 02:57:31 GMT
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 87D7 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.dcd0e0f1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0Bo6KYQAAAACTzVz7Ps7+QY5ijIOsvgV2QU1TMDRFREdFMTkxNgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
GWS15M00YGHP91XE
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAAC66eVFAxfbS5Z/zm/NH3HtWlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
R/7Fb0icFVSi3xq3MWL97jyQDLmFFlfzyLLSerywx9+NieA0Vnf99b0y5wOCrCm45F5VaiPw0/M=
last-modified
Sat, 14 Aug 2021 05:04:21 GMT
server
AmazonS3
etag
"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
/
tracker.arc.io/ 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D8B8 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::84 Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 06 Nov 2021 04:30:49 GMT
expires
Sun, 06 Nov 2022 04:30:49 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
340003
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame FB15 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1b7c448964a352c1ff45fab304d5c0780a07fe92f4ff2a29cc1419fb257c4ee6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5cfMWUzV9fVL7aXdSuwpUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 10 Nov 2021 02:57:31 GMT
date
Wed, 10 Nov 2021 02:57:31 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5cfMWUzV9fVL7aXdSuwpUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame FB15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110901&jk=2552929672511121&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 87D7 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.dcd0e0f1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0cLuKYQAAAABYW7JNs6BeTrXxKDd3+y2KQU1TMDRFREdFMTgxMQBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
JD1RV09DQM4J0T65
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAACY/WDlVVvnRbtepoNqxNE1WlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
IudKWT7ksHp+GqXhMGel2FQwyNc6Ewmu8BRtbgUVf8cx2chszuqH9+gXhnU0KmnngyLfV8Kv99Y=
last-modified
Sat, 14 Aug 2021 05:04:21 GMT
server
AmazonS3
etag
"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
JFtV3mhrR2QnUuP2AYvcdE
warden.arc.io/mailbox/nodes/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://warden.arc.io/mailbox/nodes/JFtV3mhrR2QnUuP2AYvcdE
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?2326f2d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-141-84.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.offers4all.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 10 Nov 2021 02:57:32 GMT
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security
max-age=15724800; includeSubDomains
vendors~widget-sc-client.js
static.arc.io/widget/js/ 		60 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?2326f2d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0WZmKYQAAAABBBvTCcHwKQb+vxxIPlX8jQU1TMDRFREdFMTgxMABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
SHVZPXGT1J50ZRTR
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAACuLQqYEW7/SqpdZfr6+Av/WlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
QQGxvdQocrxGfiGRvZmq57KzPGNdaW11FbKFN3IT0/Qrk2JmaKx4knSlPV3bjah2/35+7MT6xJc=
last-modified
Thu, 28 Oct 2021 19:32:37 GMT
server
AmazonS3
etag
"fa12476f8ee3c92b8369e0c9d3b915f9"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
widget-sc-client.js
static.arc.io/widget/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/widget-sc-client.js?5230d45a
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?2326f2d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e234d40f147f882074ec0cdc8056cbef522781262830a7e41594815da1839f7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 02:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0XbiKYQAAAAB2wRDvLOeIS5/hF/WM7QlTQU1TMDRFREdFMTgxMABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
DXGJYVF49543YJV0
x-cache
TCP_HIT
x-azure-ref
0GzWLYQAAAABVag75Sb5eQJu7EEFocVkpWlJIRURHRTA3MTIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
pMh1J74BZ6smpcsHTqG0FfWDP0QhAud+pJg3Cj+TPGtz9Y58gb2/Gke7tFdEknjy9cvTe3m8rb4=
last-modified
Thu, 28 Oct 2021 19:32:37 GMT
server
AmazonS3
etag
"d89aac5aa14dfdd92a465a008245a510"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
pagead2.googlesyndication.com/bg/ Frame D8B8 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
8177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13451
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 00:41:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110901&jk=2552929672511121&bg=!bW6lbirNAAYDGbPvAxk7ACkAdvg8WhMPwjj9DYb9t5LnK7xYeSlyHpAnZpv9stPc42JQ9Zqpte6QogIAAABnUgAAAAhoAQcKAEzYqiG29tPcoO4zaIW_F4FWi_Wv-U77wr9bz5cD_Nyjdc0jOavON-L6Ny2mliJZ0rWTtx1FkXNLssyRPSWhai3nzdt0ekZ6nf5jkq4-mQLI7TW_dZETFdAOwmg39xU_gvlXtKAGp1ZEAuLti00qvMkdB17mJs2ZBMmeepy6fsPJbuS8lhfM9rtOndIGdsegspIQa92FPIzFam4kDO4L1aKGKqGWJnKhBcgVDGZlD215ipAXej8QfDIFf270xRhHb7SoHhuzKAbjHg3oGnE6CU90zBQa5PvsfjmcxDuBGrOJfrEqRXomlVtzVloXsaoPhsF6NsdkIxtcNUHGFXHTJt5IxfMWaRSBznz_o5EMLspuqdIPEbyw9FskVG9f3KcI063UhLKTFViPtydQTfDx8QLiqCYr65HuhaEfobP5qsQq_97K63bGcBo7zOHcHY1BVp8hWyQRFU5UTBw4J3g8f2UVNvH3NowVsWm9hieKUMLtL3yCN0D2W8A3GJvKUPBd-xGPLKBwpwbek5B1qXJGBkTv7VDm95UlILFmmX8eKUqBszE7SEmxmyrNB4xDUoKYSuncWN7DCQ-36-EnFSqWlj19TJNIjofeSlm7Xz-48M7CzFl9Z-ofjABinXac-VN3Ou5hSDsV4Shwvk2WmX-9W2-SNbxyUEwyzlwcLiDKdWDMMsQTmVwJ_1tL_ssYn6QTNC6lyFD3cG6Efv2vf6Ww7d_qYxaZOKS-rqLWtFZzw62iGmcSBfM83rB9ILg3YhwdKBVCmyDjjE31EkU1iTcY1znj_EFo0W56vk8pQjSk6HmCXJUoidTn2-nbRKEC4AUpAHQRhsWqyDd2nw1o2vvLoQCxVtDCx6iVWHB12AW4X7Z6ylpwzXDngCr-xcnoeaD1qeDMXzNy9tqggY8WiVwWu8HJfC4x0YEv9ExS78mJ2IHrMGmgmqSFKDQjjXCRdB5Makr-SM8SFXxVx4jixj_og7lNkr9eWDFHe-EycfdYibHJuviNb7GjoJLw3OPUBu2Vqc8fyDUK7HNmFgIT4EAVspAJxN24bnSS0g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.offers4all.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 02:57:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
batch
www.google-analytics.com/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/batch
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?2326f2d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.offers4all.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Nov 2021 02:57:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.offers4all.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tracker.arc.io
URL
https://tracker.arc.io/

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| CloudflareApps function| $ function| jQuery function| DP_jQuery_1636513050605 function| loginkeyboard function| updateemail function| submitform function| checkall function| sowdeletionbar function| showWindowsModal function| openWindows function| forum_preview function| submitpayment function| loginoutprocess function| forum_openclosetopic function| adcontrol function| createad function| allocatead function| ptsuadvaction function| forum_postdelete function| calculatecredits function| recalculatecredits function| updatepack function| prepare_payment function| cancel_payad function| showerror function| hideerror function| dateTimer function| requestpayment function| showextensionbar function| message_action function| ptcevolution_surfer function| vshowadbar function| vendprogress function| hideAdminAdvertisement function| hideAdvertisement function| showtemplatebar function| restored_template function| update_template function| showlangbar function| restored_language function| update_language function| captchareload object| googletag object| _gaq object| jQuery18205917407676666566 object| Sentry object| __arc__ object| arc object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| _gat object| gaGlobal object| googleToken object| googleIMState function| processGoogleToken function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| arcWidgetJsonp object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
offers4all.net/ Name: PHPSESSID
Value: 4467443293b9c158cccc51e59dd18aef
www.offers4all.net/ Name: PHPSESSID
Value: 56468b7d9f37f07eb59d1ade3940215d
.offers4all.net/ Name: __utma
Value: 206838093.1958529792.1636513051.1636513051.1636513051.1
.offers4all.net/ Name: __utmc
Value: 206838093
.offers4all.net/ Name: __utmz
Value: 206838093.1636513051.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.offers4all.net/ Name: __utmt
Value: 1
.offers4all.net/ Name: __utmb
Value: 206838093.1.10.1636513051
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.offers4all.net/ Name: __gads
Value: ID=27fdf11675aa5841-220a34a33dcb009a:T=1636513051:RT=1636513051:S=ALNI_MYBRaHj1rutatYNmcyBV74V202WPg
core.arc.io/ Name: _immortal|Arc_nodeId
Value: JFtV3mhrR2QnUuP2AYvcdE
.arc.io/ Name: widgetOptState
Value: {%22state%22:%22UNDECIDED%22%2C%22date%22:%222021-11-10T02:57:31.132Z%22%2C%22dismissedAt%22:null}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

98250f023689eca207f5635046a87676.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
arc.io
cdnjs.cloudflare.com
core.arc.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
netdna.bootstrapcdn.com
offers4all.net
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.arc.io
tpc.googlesyndication.com
tracker.arc.io
warden.arc.io
www.google-analytics.com
www.google.com
www.offers4all.net
tracker.arc.io
142.250.185.162
172.217.168.226
18.223.141.84
2606:4700:3033::6815:3697
2606:4700:3035::ac43:8bf7
2606:4700::6810:135e
2606:4700::6812:bcf
2620:1ec:bdf::45
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4025:401::84
65.9.83.81
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01d27e18a77b9946065a17636f3d4dd491063f8e92016e97c1ab9b739738b0e9
076b222b1d056f5506eea927973c18c7d736195002f105e918b86481db21e20a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
1b7c448964a352c1ff45fab304d5c0780a07fe92f4ff2a29cc1419fb257c4ee6
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
1e68cbacbe27a32e9d10df40b6cc724e9c29abed6152c7b454426d5b76c5a5db
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
2494fe68e2f45ff979dc8729b79d9111c6c983bae450e12edd72e389db54ea1b
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014
2c454e7c5958c61f1bc4af3f7cef6239a33d9abca0d467e10993d1e6bafc4e07
2e15a328673bafb9d6b86f2587ac4ea9e5e3e372cd5e938685d0a753ac2fb78a
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
3a3e2ce7fe28a36447de618cb8cd31a54a77787816b92a19eeae3f238bfbbfaf
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b
46922def6b45b05fbbec080d32519c6ba46ce267c4159949ae9fd678c150b158
47c0af12581f89dfd809b1a448203c350330b3bc96d9f113ebf274e96386130f
4c1c57d88acbd6a7f6150e6f899baea3e2c201f02c3460d1e82a4034e2ffef97
4f2882b512562d6d2f4347cf10ce626b07b14c1ffcc27bf208eb745ffda40fe3
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
6f12d597028016c66ca4c7e7db40b2733243a9bc34254f677596120477fcd1a5
75a721f6f467fcda98080593f318b78ff31558e822d283d473cabd3ad0d49b24
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca
87ad2ef6106ceaae60bd93933cb3cc6defe63a5ec00188493227327260d2bf6c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a4b457c6cb9f00342684bba0275d0bed68c9d2242b2db682e93c81fa685a406
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
8ff1ba9168acd72b164d43b76293ebc0dd85bb6ead45bc4eafc573cca190987a
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a14c5bd9b77327adfa00669612c289eec1ef14d28cd1843301f069d237a1339e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a68abba98b69f0605cf7aaad8c2072c83e9a47b068a122e9b4b11f9245654793
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aff60aab429342ca14acac768a91f1877a51c6e7bf9d96f07f421f26f90bb9d6
c5a8ae2faafdab311bfddaa0851f9b2cf67ed15dc5ccf540a5e54bf2cb744b03
c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d
c7e0fbe04ced2489dc388b0b710374790593e5f45799a138a2d4b68fdeaa0d8d
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cd15f45f49d9c8c0cc365d7ec9cc8787640c94b3426ce65c1ed850a592df2c24
d330cfecc2d28cb043b621fc24ecb7bffc451a51414e4b43dbe9996859036fd6
d5b85a4e316a5fff8d5f135a48b437ca915a712eef333395b7646fe77651fc29
d8fe524f0add9c565b5722c61e63b6a810c045be77f7937796b2b884bf9fc1ef
e234d40f147f882074ec0cdc8056cbef522781262830a7e41594815da1839f7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
e9f3125ce2daa1e4701aa5b680e2f90f4422b615e4190e60e946c25a4c13691e
eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e
ece4f78820fea0a9619139c10445087c171ae881692a7bb32e5dcfd266ad576d
ef1dc0ac3a1a4ffe4b30186fe674c882976a635e30b0d4828cd62e00cfaca4a2
f2961ef025e9598bbc17229d642d373a9eb7feaa927ac1149a1bfc546d31caed
f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b
f49cd8953be6166c0155bd1e5235357265de5da22bd267cb5cbe6a044b9fec55
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f6de23ec36330c7dccf6eddad5cf7e2241239ebe219cd5f3e6dd6dfef84e4b16
f712ba88edafc7a37202eda92594aa25e8efd6a283c5a0489d24b3277544ce2b
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f9f985a99d7a9344f575b9dd8757ccf50c7f39897c22d55f2a02ea457fde8e41
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fb94c266f9b7bdfcec7f2fcdb39082cb8ccbde9f45b58f102068196bb7478de2