Submitted URL: http://women.thefashiondresses.site/
Effective URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Submission: On May 25 via manual from ES

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3030::6812:2cd8, located in United States and belongs to CLOUDFLARENET, US. The main domain is df75908d.myoffer.pro.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 11th 2019. Valid for: a year.
This is the only time df75908d.myoffer.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 116.202.209.183 24940 (HETZNER-AS)
1 3 198.143.165.221 32475 (SINGLEHOP...)
12 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 104.18.27.20 13335 (CLOUDFLAR...)
31 7
Domain Requested by
12 df75908d.myoffer.pro c.redirect750.us
df75908d.myoffer.pro
12 women.thefashiondresses.site 1 redirects women.thefashiondresses.site
3 assets.hcaptcha.com df75908d.myoffer.pro
assets.hcaptcha.com
3 c.redirect750.us 1 redirects fast-redirecting.com
c.redirect750.us
1 hcaptcha.com 1 redirects
1 fast-redirecting.com webyonlendir.blogspot.com
1 webyonlendir.blogspot.com women.thefashiondresses.site
1 fonts.googleapis.com women.thefashiondresses.site
31 8

This site contains links to these domains.

Domain
premedic.info
chrome.google.com
www.cloudflare.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-04-05 - 2020-10-09 | 6 months
upload.video.google.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months
misc-sni.blogspot.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months
fast-redirecting.com | Let's Encrypt Authority X3 | 2020-03-25 - 2020-06-23 | 3 months

This page contains 3 frames:

Primary Page: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Frame ID: B63CD7DC6A40CA6F6950EC301C32F761
Requests: 29 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/0686118/static/hcaptcha-challenge.html
Frame ID: 99173776B87AC92840DFEAF8F11C46D3
Requests: 1 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/0686118/static/hcaptcha-checkbox.html
Frame ID: 2D347E8E636FC71BD9411028C0981320
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /zepto.*\.js/i

Page Statistics

  • Requests: 31
  • HTTPS: 94 %
  • IPv6: 57 %
  • Domains: 7
  • Subdomains: 8
  • IPs: 7
  • Countries: 2
  • Transfer: 178 kB
  • Size: 628 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://women.thefashiondresses.site/ HTTP 301
    https://women.thefashiondresses.site/ Page URL
  2. https://webyonlendir.blogspot.com/ Page URL
  3. https://fast-redirecting.com/sl/85cddafe Page URL
  4. http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=427a154c2bcf21b8ff4d69e65ad26da5 Page URL
  5. http://c.redirect750.us/?utm_term=6830704378295353470&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d Page URL
  6. http://c.redirect750.us/proc.php?21a0de4b609f3316312250b64e02e821254dacfc HTTP 302
    https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://women.thefashiondresses.site/ HTTP 301
  • https://women.thefashiondresses.site/
Request Chain 26
  • https://hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit HTTP 302
  • https://assets.hcaptcha.com/captcha/v1/0686118/hcaptcha.min.js

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
women.thefashiondresses.site/
Redirect Chain
  • http://women.thefashiondresses.site/
  • https://women.thefashiondresses.site/
27 KB
5 KB
Document
General
Full URL
https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.6 PleskLin
Resource Hash
84544ad24e10f5c0c075d18b68cea62ad26c7a6b2571b8b89812e4b37299efd1

Request headers

:method
GET
:authority
women.thefashiondresses.site
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d90c1daee97f76374f747f7bc2dee39831590397296

Response headers

status
200
date
Mon, 25 May 2020 09:01:36 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.6 PleskLin
link
<https://women.thefashiondresses.site/wp-json/>; rel="https://api.w.org/", <https://women.thefashiondresses.site/>; rel=shortlink
vary
Accept-Encoding,User-Agent
x-mod-pagespeed
1.13.35.2-0
cache-control
max-age=0, no-cache, s-maxage=10
x-cache-status
BYPASS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
598e129dac1818e5-FRA
content-encoding
br
cf-request-id
02eca9f68b000018e54603b200000001

Redirect headers

Date
Mon, 25 May 2020 09:01:36 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d90c1daee97f76374f747f7bc2dee39831590397296; expires=Wed, 24-Jun-20 09:01:36 GMT; path=/; domain=.thefashiondresses.site; HttpOnly; SameSite=Lax
Location
https://women.thefashiondresses.site/
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
598e129cfb9b3260-FRA
cf-request-id
02eca9f61800003260b32aa200000001
style.min.css
women.thefashiondresses.site/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
https://women.thefashiondresses.site/wp-includes/css/dist/block-library/style.min.css?ver=5.3.3
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Nov 2019 22:06:04 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5dc1f24c-a1fb"
x-cache-status
BYPASS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
598e129f88ea18e5-FRA
cf-request-id
02eca9f7b3000018e546077200000001
style.min.css
women.thefashiondresses.site/wp-content/themes/neve/
50 KB
9 KB
Stylesheet
General
Full URL
https://women.thefashiondresses.site/wp-content/themes/neve/style.min.css?ver=2.6.4
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
cb0c647b1a5a686c8451d2632eecec8a545240bbfc589911d6f69f34cdd4e077

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2644
x-powered-by
PleskLin
x-cache-status
BYPASS
status
200
cf-request-id
02eca9f7b3000018e546078200000001
last-modified
Wed, 25 Mar 2020 16:00:40 GMT
server
cloudflare
etag
W/"5e7b8028-c7e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
598e129f88ed18e5-FRA
elementor-icons.min.css
women.thefashiondresses.site/wp-content/plugins/elementor/assets/lib/eicons/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://women.thefashiondresses.site/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.6.2
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
445cd8a23972ac2d37cbc1676f21486a7f634cdc81fd8dac262935e27914647c

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 01 May 2020 18:30:07 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5eac6aaf-3e7e"
x-cache-status
BYPASS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
598e129f88f218e5-FRA
cf-request-id
02eca9f7b4000018e546079200000001
animations.min.css
women.thefashiondresses.site/wp-content/plugins/elementor/assets/lib/animations/
18 KB
2 KB
Stylesheet
General
Full URL
https://women.thefashiondresses.site/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.9.8
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2644
x-powered-by
PleskLin
x-cache-status
BYPASS
status
200
cf-request-id
02eca9f7b4000018e54607a200000001
last-modified
Fri, 01 May 2020 18:30:07 GMT
server
cloudflare
etag
W/"5eac6aaf-4824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
598e129f88f418e5-FRA
frontend.min.css
women.thefashiondresses.site/wp-content/plugins/elementor/assets/css/
108 KB
14 KB
Stylesheet
General
Full URL
https://women.thefashiondresses.site/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.9.8
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d574be1557f9fd461e6fccef27e5bb97622031363b2d8adfed696439927b2384

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2644
x-powered-by
PleskLin
x-cache-status
BYPASS
status
200
cf-request-id
02eca9f7b4000018e54607b200000001
last-modified
Fri, 01 May 2020 18:30:07 GMT
server
cloudflare
etag
W/"5eac6aaf-1b0f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
598e129f88f518e5-FRA
global.css
women.thefashiondresses.site/wp-content/uploads/elementor/css/
6 KB
804 B
Stylesheet
General
Full URL
https://women.thefashiondresses.site/wp-content/uploads/elementor/css/global.css?ver=1588359327
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
57b22f3a5df6b64e6c861d24379cc781da036eaff1326d9c508e593acdda3cb1

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2644
x-powered-by
PleskLin
x-cache-status
BYPASS
status
200
cf-request-id
02eca9f7b4000018e54607c200000001
last-modified
Fri, 01 May 2020 18:55:27 GMT
server
cloudflare
etag
W/"5eac709f-16db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
598e129f88f718e5-FRA
css
fonts.googleapis.com/
47 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.3.3
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af86b890070fab2cf95d1cdd277f5f477c97e3c6538fdbd5744483d8cb4cfbe8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 May 2020 09:01:36 GMT
server
ESF
date
Mon, 25 May 2020 09:01:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 May 2020 09:01:36 GMT
frontend.js
women.thefashiondresses.site/wp-content/themes/neve/assets/js/build/modern/
5 KB
2 KB
Script
General
Full URL
https://women.thefashiondresses.site/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=2.6.4
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
51569e74dc39ef446aebc202eb0cbfe6b3ca6bdb78ff6b78f55528f1a5a8bd41

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2644
x-powered-by
PleskLin
x-cache-status
BYPASS
status
200
cf-request-id
02eca9f7b4000018e54607d200000001
last-modified
Wed, 25 Mar 2020 16:00:40 GMT
server
cloudflare
etag
W/"5e7b8028-15c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
598e129f88f918e5-FRA
comment-reply.min.js
women.thefashiondresses.site/wp-includes/js/
2 KB
1 KB
Script
General
Full URL
https://women.thefashiondresses.site/wp-includes/js/comment-reply.min.js?ver=5.3.3
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2644
x-powered-by
PleskLin
x-cache-status
BYPASS
status
200
cf-request-id
02eca9f7b4000018e54607e200000001
last-modified
Mon, 11 Nov 2019 16:59:02 GMT
server
cloudflare
etag
W/"5dc99356-951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
598e129f88fa18e5-FRA
wp-embed.min.js
women.thefashiondresses.site/wp-includes/js/
1 KB
769 B
Script
General
Full URL
https://women.thefashiondresses.site/wp-includes/js/wp-embed.min.js?ver=5.3.3
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2644
x-powered-by
PleskLin
x-cache-status
BYPASS
status
200
cf-request-id
02eca9f7b6000018e54607f200000001
last-modified
Sat, 05 Oct 2019 19:49:10 GMT
server
cloudflare
etag
W/"5d98f3b6-577"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
598e129f88fd18e5-FRA
wp-emoji-release.min.js
women.thefashiondresses.site/wp-includes/js/
14 KB
4 KB
Script
General
Full URL
https://women.thefashiondresses.site/wp-includes/js/wp-emoji-release.min.js?ver=5.3.3
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
https://women.thefashiondresses.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:36 GMT
content-encoding
br
cf-cache-status
HIT
age
2644
x-powered-by
PleskLin
x-cache-status
BYPASS
status
200
cf-request-id
02eca9f7e9000018e546082200000001
last-modified
Tue, 05 Nov 2019 22:16:02 GMT
server
cloudflare
etag
W/"5dc1f4a2-362a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
598e129fd99718e5-FRA
/
webyonlendir.blogspot.com/
64 KB
15 KB
Document
General
Full URL
https://webyonlendir.blogspot.com/
Requested by
Host: women.thefashiondresses.site
URL: https://women.thefashiondresses.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
webyonlendir.blogspot.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://women.thefashiondresses.site/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html; charset=UTF-8
expires
Mon, 25 May 2020 09:01:36 GMT
date
Mon, 25 May 2020 09:01:36 GMT
cache-control
private, max-age=0
last-modified
Fri, 22 May 2020 18:32:19 GMT
etag
W/"fce1a3a794b0501b5c0853c0802f6c9ecf3469c6349e783cbf78a4e1b882264e"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
14890
server
GSE
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Cookie set 85cddafe
fast-redirecting.com/sl/
25 KB
10 KB
Document
General
Full URL
https://fast-redirecting.com/sl/85cddafe
Requested by
Host: webyonlendir.blogspot.com
URL: https://webyonlendir.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.209.183 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.183.209.202.116.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
57fcd66a62b316aaa850f1d344e19ce79ba5cb31d3c57c0845ae307e1030e3c2

Request headers

Host
fast-redirecting.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://webyonlendir.blogspot.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Mon, 25 May 2020 09:01:37 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Expires
Sun, 01 Jan 2010 00:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
user_key=1598173297%7CZmIwYTc5YjYxMmFmMjE1MjUyZWEzZjE4Y2IzNGQ5NTA%3D%7C05835631fa71a711abdf0f5701a1a0ec57b5c824; path=/; expires=Sun, 23-Aug-2020 09:01:37 UTC visited.85cddafe=1590440497%7CYToxOntpOjEzNDY7aToxO30%3D%7Cab5571dd58baa310b545e1519ec977bb3117786e; path=/; expires=Mon, 25-May-2020 21:01:37 UTC visited_time.85cddafe=1590440497%7CMTU5MDQ0MDQ5Nw%3D%3D%7C5ba5376a873c49f59af30952004bac1133da5917; path=/; expires=Mon, 25-May-2020 21:01:37 UTC tracking.1.85cddafe=1590483697%7CMQ%3D%3D%7C11afcdda4193bd21658ca6d2276cb871bc4f4746; path=/; expires=Tue, 26-May-2020 09:01:37 UTC tracking.1.85cddafe-1346=1590656497%7CMQ%3D%3D%7C88ae5dc903e335dbaaa82ef4b857fbb8f98af4d8; path=/; expires=Thu, 28-May-2020 09:01:37 UTC
Content-Encoding
gzip
Cookie set /
c.redirect750.us/
3 KB
2 KB
Document
General
Full URL
http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=427a154c2bcf21b8ff4d69e65ad26da5
Requested by
Host: fast-redirecting.com
URL: https://fast-redirecting.com/sl/85cddafe
Protocol
HTTP/1.1
Server
198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
43e9d9d372f6f150f1cabd4e549f9829878a2bf224f421f0113e02fe00794d0d

Request headers

Host
c.redirect750.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Mon, 25 May 2020 09:01:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
u=c67114d5d08fdf7000f6e34ed619c5f7; expires=Tue, 25-May-2021 09:01:37 GMT; Max-Age=31536000; path=/
Content-Encoding
gzip
/
c.redirect750.us/
9 KB
3 KB
Document
General
Full URL
http://c.redirect750.us/?utm_term=6830704378295353470&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
Requested by
Host: c.redirect750.us
URL: http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=427a154c2bcf21b8ff4d69e65ad26da5
Protocol
HTTP/1.1
Server
198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
d686a97d22facf0e3cb51a878b5fcdb47954df009415acce0a897f87dfeef73f

Request headers

Host
c.redirect750.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://c.redirect750.us/?utm_medium=b682fbb7dc542d9c148486129c2fb2a99574e9b9&utm_campaign=mainstream&cid=427a154c2bcf21b8ff4d69e65ad26da5
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
u=c67114d5d08fdf7000f6e34ed619c5f7

Response headers

Server
nginx
Date
Mon, 25 May 2020 09:01:37 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
Primary Request 48584c8e13
df75908d.myoffer.pro/oc/
Redirect Chain
  • http://c.redirect750.us/proc.php?21a0de4b609f3316312250b64e02e821254dacfc
  • https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
9 KB
5 KB
Document
General
Full URL
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Requested by
Host: c.redirect750.us
URL: http://c.redirect750.us/?utm_term=6830704378295353470&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4199498db68f4bf6526f9f90c4140d1c6c25fef5b5159532eb360f12f3a287a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
df75908d.myoffer.pro
:scheme
https
:path
/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://c.redirect750.us/?utm_term=6830704378295353470&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
http://c.redirect750.us/?utm_term=6830704378295353470&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d#

Response headers

status
403
date
Mon, 25 May 2020 09:01:38 GMT
content-type
text/html; charset=UTF-8
cf-chl-bypass
1
set-cookie
__cfduid=df80ef11e40c45404cd1c10c922e566e51590397298; expires=Wed, 24-Jun-20 09:01:38 GMT; path=/; domain=.myoffer.pro; HttpOnly; SameSite=Lax __cf_bm=792ab6eaf53b90d09ab7bc2b1afcba75ee20b50c-1590397298-1800-ASUaVsePjt1m5EhSyQ7bZvORsfyyoLoRQMcR/nOJ/wUf/a33R5yfkZZU44Ujx/B31OSf+EOxmArfMzP6nw0Pa7U=; path=/; expires=Mon, 25-May-20 09:31:38 GMT; domain=.myoffer.pro; HttpOnly; Secure; SameSite=None
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
598e12a91fe92fa5-FRA
content-encoding
br
cf-request-id
02eca9fdb100002fa57c2ef200000001

Redirect headers

Server
nginx
Date
Mon, 25 May 2020 09:01:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
cf.errors.css
df75908d.myoffer.pro/cdn-cgi/styles/
28 KB
5 KB
Stylesheet
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2dba22a9ee028e3aa09baa7c36e14c86effba2516862aad01019c06e757b375
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ebacb03-6eeb"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=7200, public
cf-ray
598e12a9589f2fa5-FRA
cf-request-id
02eca9fdd400002fa57c2f3200000001
expires
Mon, 25 May 2020 11:01:38 GMT
zepto.min.js
df75908d.myoffer.pro/cdn-cgi/scripts/
24 KB
9 KB
Script
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/scripts/zepto.min.js
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdb3d0c8bdaa4ff0e4808dd9f53c33f0898fd934c3df605368b82a92c88ec049
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
etag
W/"5ebacb03-618f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
598e12a958a12fa5-FRA
cf-request-id
02eca9fdd400002fa57c2f4200000001
expires
Wed, 27 May 2020 09:01:38 GMT
cf.common.js
df75908d.myoffer.pro/cdn-cgi/scripts/
4 KB
2 KB
Script
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/scripts/cf.common.js
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
393c14162b5472e48358ba027ef7fc321d7761e6f4a86ea909b58ad9839177c4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
etag
W/"5ebacb03-1138"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
598e12a958a32fa5-FRA
cf-request-id
02eca9fdd400002fa57c2f5200000001
expires
Wed, 27 May 2020 09:01:38 GMT
hcaptcha.challenge.js
df75908d.myoffer.pro/cdn-cgi/scripts/
12 KB
4 KB
Script
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/scripts/hcaptcha.challenge.js
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eff766fe814feec55954a6f8d3935be7e732cdb0a87f94bedf5d8ce3e29b4ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
etag
W/"5ebacb03-2fce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
598e12a978cc2fa5-FRA
cf-request-id
02eca9fde800002fa57c2f6200000001
expires
Wed, 27 May 2020 09:01:38 GMT
transparent.gif
df75908d.myoffer.pro/cdn-cgi/images/trace/captcha/nojs/h/
42 B
152 B
Image
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=598e12a91fe92fa5
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5ebacb03-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
598e12a989072fa5-FRA
content-length
42
cf-request-id
02eca9fdf600002fa57c2f8200000001
expires
Mon, 25 May 2020 11:01:38 GMT
browser-bar.png
df75908d.myoffer.pro/cdn-cgi/images/
916 B
1023 B
Image
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3073ea23a66b474cdb02c3ec5a76a4510830bcf41671cad9247a6a0baa23f816
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5ebacb03-394"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
598e12a9890b2fa5-FRA
content-length
916
cf-request-id
02eca9fdf600002fa57c2f9200000001
expires
Mon, 25 May 2020 11:01:38 GMT
error_icons.png
df75908d.myoffer.pro/cdn-cgi/images/
11 KB
11 KB
Image
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/images/error_icons.png
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6276600a8879318ffd1752e37c4702ebe5aafa18d5a1c43fa4efef9ab899347b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5ebacb03-2c20"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
598e12a9890e2fa5-FRA
content-length
11296
cf-request-id
02eca9fdf600002fa57c2fa200000001
expires
Mon, 25 May 2020 11:01:38 GMT
opensans-300.woff
df75908d.myoffer.pro/cdn-cgi/styles/fonts/
15 KB
14 KB
Font
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/styles/fonts/opensans-300.woff
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
059fb5b9c3140723dd817f3e0a6dd38b62465864cc6922727ff23a4c4fb157a8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
Origin
https://df75908d.myoffer.pro

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ebacb03-3dfc"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=7200, public
cf-ray
598e12a9991e2fa5-FRA
cf-request-id
02eca9fdfa00002fa57c2fb200000001
expires
Mon, 25 May 2020 11:01:38 GMT
opensans-400.woff
df75908d.myoffer.pro/cdn-cgi/styles/fonts/
16 KB
14 KB
Font
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/styles/fonts/opensans-400.woff
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d3578fac745f8a18cd8068a55f0c45d68c37532e2f85b98be69f32d8ab23ed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
Origin
https://df75908d.myoffer.pro

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ebacb03-3e40"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=7200, public
cf-ray
598e12a999262fa5-FRA
cf-request-id
02eca9fdfb00002fa57c2fc200000001
expires
Mon, 25 May 2020 11:01:38 GMT
opensans-600.woff
df75908d.myoffer.pro/cdn-cgi/styles/fonts/
16 KB
15 KB
Font
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/styles/fonts/opensans-600.woff
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8662216acfc2aebb92efb59860305bf049548c55dbf3c7507df48d36ec4ae09f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://df75908d.myoffer.pro/cdn-cgi/styles/cf.errors.css
Origin
https://df75908d.myoffer.pro

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ebacb03-3eb8"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
max-age=7200, public
cf-ray
598e12a9a95a2fa5-FRA
cf-request-id
02eca9fe0500002fa57c2fe200000001
expires
Mon, 25 May 2020 11:01:38 GMT
hcaptcha.min.js
assets.hcaptcha.com/captcha/v1/0686118/
Redirect Chain
  • https://hcaptcha.com/1/api.js?onload=onloadCallback&render=explicit
  • https://assets.hcaptcha.com/captcha/v1/0686118/hcaptcha.min.js
57 KB
19 KB
Script
General
Full URL
https://assets.hcaptcha.com/captcha/v1/0686118/hcaptcha.min.js
Requested by
Host: df75908d.myoffer.pro
URL: https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
273a30388b0874de770d7014d152fd5817b2ecbe530a696b36820faab69e9388
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
3098
cf-ray
598e12ac7ce0bd82-AMS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
18682
x-amz-id-2
i0LIc1IJeFiJqdCto4/VPU2H9zg/mqp20X4wNqBLqtgMz3N8NGBUo7jpncTLODYxDT+fVv8Esuk=
last-modified
Fri, 22 May 2020 03:27:06 GMT
server
cloudflare
etag
"d2f82077f59d55bd6704b70a9bd31099"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-amz-request-id
B98AFAE8F84156F6
vary
Accept-Encoding
cf-request-id
02eca9ffcf0000bd82130aa200000001
accept-ranges
bytes
content-type
application/javascript

Redirect headers

date
Mon, 25 May 2020 09:01:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
656
status
302
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://assets.hcaptcha.com/captcha/v1/0686118/hcaptcha.min.js
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
598e12abeca5bd82-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02eca9ff730000bd82130a7200000001
hcaptcha-challenge.html
assets.hcaptcha.com/captcha/v1/0686118/static/ Frame 9917
0
0
Document
General
Full URL
https://assets.hcaptcha.com/captcha/v1/0686118/static/hcaptcha-challenge.html
Requested by
Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/0686118/hcaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/0686118/static/hcaptcha-challenge.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z

Response headers

status
200
date
Mon, 25 May 2020 09:01:38 GMT
content-type
text/html
set-cookie
__cfduid=deef1693781b780812a72a23c3d682c2b1590397298; expires=Wed, 24-Jun-20 09:01:38 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
XXoy1s9jAg7Xs1HXeV2mLa8XXJpax1XU2mqI8d80EI7C/4yIOCXImS31HNVAg3RHUBP1GkjkuW4=
x-amz-request-id
8DF86BE708A4F365
last-modified
Fri, 22 May 2020 03:27:02 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
598e12ad5d2bbd82-AMS
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02ecaa00540000bd82130ae200000001
hcaptcha-checkbox.html
assets.hcaptcha.com/captcha/v1/0686118/static/ Frame 2D34
0
0
Document
General
Full URL
https://assets.hcaptcha.com/captcha/v1/0686118/static/hcaptcha-checkbox.html
Requested by
Host: assets.hcaptcha.com
URL: https://assets.hcaptcha.com/captcha/v1/0686118/hcaptcha.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/0686118/static/hcaptcha-checkbox.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z

Response headers

status
200
date
Mon, 25 May 2020 09:01:39 GMT
content-type
text/html
set-cookie
__cfduid=deef1693781b780812a72a23c3d682c2b1590397298; expires=Wed, 24-Jun-20 09:01:38 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
CUOIMpPqo9pHQA6rdRqNzOJMs9MRb/AvwcYfW/6nLO1O++XDB1o4gIJVAtyfhMTliidZdICVi5I=
x-amz-request-id
5068C7E92CA58416
last-modified
Fri, 22 May 2020 03:27:02 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
598e12ad7d31bd82-AMS
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02ecaa006a0000bd82130af200000001
transparent.gif
df75908d.myoffer.pro/cdn-cgi/images/trace/captcha/js/h/
42 B
254 B
Image
General
Full URL
https://df75908d.myoffer.pro/cdn-cgi/images/trace/captcha/js/h/transparent.gif?ray=598e12a91fe92fa5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6812:2cd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://df75908d.myoffer.pro/oc/48584c8e13?affclick=6830704378295353470&pubid=965-ac39164z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:01:38 GMT
last-modified
Tue, 12 May 2020 16:12:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5ebacb03-2a"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
598e12ad3cb72fa5-FRA
content-length
42
cf-request-id
02ecaa004000002fa57c31f200000001
expires
Mon, 25 May 2020 11:01:38 GMT

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| Zepto
function| $
function| Polyglot
object| polyglot
object| _cf_translation
function| onloadCallback
object| hcaptcha
object| grecaptcha

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
