Submitted URL: http://paypal-support.de/
Effective URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7Jg...
Submission: On August 30 via manual from US

Summary

This website contacted 19 IPs in 3 countries across 20 domains to perform 52 HTTP transactions. The main IP is 2606:4700:e4::ac40:a917, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.givemethisoffer.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 7th 2019. Valid for: a year.
This is the only time www.givemethisoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a01:4f8:c2c:... 24940 (HETZNER-AS)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.161.188.132 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.90.52.15 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 138.201.252.161 24940 (HETZNER-AS)
2 144.76.0.242 24940 (HETZNER-AS)
1 1 108.168.193.184 36351 (SOFTLAYER)
1 2 23.82.9.96 30633 (LEASEWEB-...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
23 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.217 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
52 19
Domain | Requested by
23 www.givemethisoffer.com | track.tkbo.com, www.givemethisoffer.com, code.jquery.com
4 cdnjs.cloudflare.com | code.jquery.com, www.gstatic.com
3 fonts.googleapis.com | paypal-support.de, code.jquery.com, www.givemethisoffer.com
2 www.cherami-cloud.com | www.givemethisoffer.com
2 www.google.com | www.givemethisoffer.com, www.gstatic.com
2 track.tkbo.com | trafficclub-nde.netdna-ssl.com, track.tkbo.com
2 fonts.gstatic.com | paypal-support.de, www.gstatic.com
2 www.google-analytics.com | paypal-support.de
2 paypal-support.de | paypal-support.de
1 7proof.com |
1 search.saferesultonline.net | www.givemethisoffer.com
1 www.gstatic.com | www.google.com
1 browser.sentry-cdn.com | www.givemethisoffer.com
1 code.jquery.com | www.givemethisoffer.com
1 www.givemeapplink.com | 1 redirects
1 7lyonline.com | 1 redirects
1 forwrdnow.com | 1 redirects
1 track.traffic.club | trafficclub-nde.netdna-ssl.com
1 ajax.googleapis.com | trafficclub-nde.netdna-ssl.com
1 logs-01.loggly.com | paypal-support.de
1 trafficclub-nde.netdna-ssl.com | paypal-support.de
1 stackpath.bootstrapcdn.com | paypal-support.de
52 22
Subject | Issuer | Validity | Valid
*.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-03 - 2019-10-12 | a year
 |  | 1970-01-01 - 1970-01-01 | a few seconds
*.googleapis.com | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months
*.netdna-ssl.com | Sectigo RSA Domain Validation Secure Server CA | 2019-02-18 - 2020-02-27 | a year
*.google.com | GTS CA 1O1 | 2019-08-13 - 2019-11-11 | 3 months
logs-01.loggly.com | Starfield Secure Certificate Authority - G2 | 2018-02-08 - 2020-04-10 | 2 years
track.tkbo.com | Sectigo RSA Domain Validation Secure Server CA | 2019-02-27 - 2020-02-27 | a year
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-08-07 - 2020-08-06 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
www.google.com | GTS CA 1O1 | 2019-07-29 - 2019-10-27 | 3 months
v2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-08-26 - 2020-02-26 | 6 months
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-10 - 2020-02-16 | 6 months
7proof.com | Sectigo RSA Domain Validation Secure Server CA | 2019-03-13 - 2021-04-09 | 2 years

This page contains 3 frames:

Primary Page: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Frame ID: AB650B75F60AC818E5264047AE258AAF
Requests: 50 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbyHgUAAAAAKq8KeoyMO8vG-lfE5RYk8OOClms&co=aHR0cHM6Ly93d3cuZ2l2ZW1ldGhpc29mZmVyLmNvbTo0NDM.&hl=en&v=v1565591531251&size=invisible&cb=dv5qldbce9ps
Frame ID: 62A30F8BD4267ADF9B0483F2FC198F88
Requests: 1 HTTP requests in this frame

Frame: https://search.saferesultonline.net/wim/static/wi/install.php?cid=8301_fid71_lp23.5_wit1567181139&yid=d5pr&clickid=75207427281&vert=privateSearch&days=180&extid=oohgljecdmahbdiafheoabbeplbiopkp&npage=skip&bnp=1&icon=img&res=1200x1600&step=0&extType=dm&endpointUrl=https%3A%2F%2Fwww.safelyonline.info
Frame ID: D1A7D7A61DC2695D0681FD2FE9B0582E
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://paypal-support.de/ Page URL
  2. https://track.tkbo.com/proceed.php?domain=paypal-support.de&hash=44446ffdd7e0e9575bac66c813054605&u... Page URL
  3. https://track.tkbo.com/beam.php?target=aHR0cDovL2ZvcndyZG5vdy5jb20vYVMvZmVlZGNsaWNrP3M9dG14dmZiYWRX... Page URL
  4. http://forwrdnow.com/aS/feedclick?s=tmxvfbadWlmWoJ8TCT3o6kWut6U4gTSnEKrESHXCZOW5aKepYkVoKrUC6hWIe... HTTP 302
    http://7lyonline.com/app/feedclick?p=AXBLUlzsVqH3z7jqt6hV0C0yVB7rjxb4pPuU9JlASw0CDAht0ByMJcNnA02f... HTTP 302
    http://www.givemeapplink.com/wim/wi/mpsr.php?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPS... HTTP 302
    https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cach... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="[^"]*materialize(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link[^>]* href="[^"]*materialize(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

52 Requests
92 % HTTPS
67 % IPv6
20 Domains
22 Subdomains
19 IPs
3 Countries
518 kB Transfer
1330 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paypal-support.de/ Page URL
  2. https://track.tkbo.com/proceed.php?domain=paypal-support.de&hash=44446ffdd7e0e9575bac66c813054605&u=eyJkb21haW4iOiJwYXlwYWwtc3VwcG9ydC5kZSIsImRvbWFpbl9pZCI6IjExMzEyODAzIiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIxNzciLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiI5NiIsInRhcmdldCI6Imh0dHA6XC9cL2ZvcndyZG5vdy5jb21cL2FTXC9mZWVkY2xpY2s/cz10bXh2ZmJhZFdsbVdvSjhUQ1QzbzZrV3V0NlU0Z1RTbkVLckVTSFhDWk9XNWFLZXBZa1ZvS3JVQzZoV0llVGdhNklrQ2JnN3NLRXVZRE1tM3ZTVUdjRDFsQ3A4cTVvRTdvNHFhTndyYm9nSzRSeUJVaHZjTHJaX1AwS0Y3WUJYTWZfTGdCSEtaQTJLcHppd3dZZFdBbHRVbnNnY09UNE5oR2VkbzBqRXdxdFdremFqVWR4a1ZUdEdtMUJNSGhQMm9lcDJjdHdPa0dFb2R4dUJZblBBTlJOdlJWTE5SQ19rd3ItcU5oZEw2NG5xeF9VT2Y0U0hsZ3hhZmhLYjZhWVFEbTZBbk9MUERGczhYWHpyWTl2S2lNbFVTdjRwRVRSbS1QZF96ZnFzQ1R0RFNUdkdBNmI2UjY1SFRKaE9hRm5xYmJOcjJ6Wi0xZWhiMnB5WmpxZ3BheUczeWxMdzN0cHVmWXZnTk5YLW9qQTAxVkdaOUdOMnFvb2kxS1dtaVZuWkxsT2o5Rm4waW8zMU16Tk5SbWVaR2ZlOF94N0FSdDhUajJNTHhjRF9GdFhCMUE0Slh5Y3k4SElQblQzcGF1YmRET3l2d3NyUGQxWDFSeVpHMVlfR0xTY3poWUtydDIxQnpzNFZtWFJoaG9PWFNMT2dCUW5jazFLbDJLSFBhN0gzUVNrRWNwc1RaNHdOSFFKcHN5eFY3bTRNUlhmcWM5dVpMOHZPNk9EVktYMTlYS1NMcmhYdnVqeFFaVGI2bmdUWlNwdEhJUktuam5GMWlROEFlTTJxYVlWR1ZXeXNlV1d3SzZjN29pRFRweERhUU9keS1LdGJjZC0tWXFza1hpbVJDTDdvZXFFbVFMS2JxOUlhWTZMWXhJWldNZExoVlotYjVYckNTaUFpWEJsbXJwZjNIZF9Na1NPcnhNY0lNeEdaOERkNmtoZ3cxeGl3dG5WdTl3aklQOVQtZURScVp2dXBHdnpxeHVkZUlGS0NFLVNGOWd1UDFNb1Q0OUZSQnA3UWV1bVJMNV9VTXdUV2xYVFlUUTZ3c0FyMjNvLW5qNGt3RzBXc19mQ3RudE14dW9UdXF1MWVwRlpnY20yZWFnelczNl81cjRVanBiZE1LVjFqYnpYWGxxa1ZfWWg1dk1MbXJ3cmpwR3JaQTFJOGFQT3l4cVplRkYwVm1KTHh2bm1GZU5Iek5PdlhZMW5zcUtfUzJoTEFueHd6ZmpoV0lncEhHM2JlUURlY1RITG9oMERRYVNFVElHUGVVX09NWWJ0M2k5XzAwNnlUeFFyX09YQjJkNnBJT2UwbU1KWGRORXZEaGRKMGlaVzJEMlZBdzdHWGtsSzgyZEEiLCJpcF9hZGRyZXNzIjoiMTg1LjE2OS4yNTUuNTIiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDUifQ== Page URL
  3. https://track.tkbo.com/beam.php?target=aHR0cDovL2ZvcndyZG5vdy5jb20vYVMvZmVlZGNsaWNrP3M9dG14dmZiYWRXbG1Xb0o4VENUM282a1d1dDZVNGdUU25FS3JFU0hYQ1pPVzVhS2VwWWtWb0tyVUM2aFdJZVRnYTZJa0NiZzdzS0V1WURNbTN2U1VHY0QxbENwOHE1b0U3bzRxYU53cmJvZ0s0UnlCVWh2Y0xyWl9QMEtGN1lCWE1mX0xnQkhLWkEyS3B6aXd3WWRXQWx0VW5zZ2NPVDROaEdlZG8wakV3cXRXa3phalVkeGtWVHRHbTFCTUhoUDJvZXAyY3R3T2tHRW9keHVCWW5QQU5STnZSVkxOUkNfa3dyLXFOaGRMNjRucXhfVU9mNFNIbGd4YWZoS2I2YVlRRG02QW5PTFBERnM4WFh6clk5dktpTWxVU3Y0cEVUUm0tUGRfemZxc0NUdERTVHZHQTZiNlI2NUhUSmhPYUZucWJiTnIyelotMWVoYjJweVpqcWdwYXlHM3lsTHczdHB1Zll2Z05OWC1vakEwMVZHWjlHTjJxb29pMUtXbWlWblpMbE9qOUZuMGlvMzFNek5OUm1lWkdmZThfeDdBUnQ4VGoyTUx4Y0RfRnRYQjFBNEpYeWN5OEhJUG5UM3BhdWJkRE95dndzclBkMVgxUnlaRzFZX0dMU2N6aFlLcnQyMUJ6czRWbVhSaGhvT1hTTE9nQlFuY2sxS2wyS0hQYTdIM1FTa0VjcHNUWjR3TkhRSnBzeXhWN200TVJYZnFjOXVaTDh2TzZPRFZLWDE5WEtTTHJoWHZ1anhRWlRiNm5nVFpTcHRISVJLbmpuRjFpUThBZU0ycWFZVkdWV3lzZVdXd0s2YzdvaURUcHhEYVFPZHktS3RiY2QtLVlxc2tYaW1SQ0w3b2VxRW1RTEticTlJYVk2TFl4SVpXTWRMaFZaLWI1WHJDU2lBaVhCbG1ycGYzSGRfTWtTT3J4TWNJTXhHWjhEZDZraGd3MXhpd3RuVnU5d2pJUDlULWVEUnFadnVwR3Z6cXh1ZGVJRktDRS1TRjlndVAxTW9UNDlGUkJwN1FldW1STDVfVU13VFdsWFRZVFE2d3NBcjIzby1uajRrd0cwV3NfZkN0bnRNeHVvVHVxdTFlcEZaZ2NtMmVhZ3pXMzZfNXI0VWpwYmRNS1YxamJ6WFhscWtWX1loNXZNTG1yd3JqcEdyWkExSThhUE95eHFaZUZGMFZtSkx4dm5tRmVOSHpOT3ZYWTFuc3FLX1MyaExBbnh3emZqaFdJZ3BIRzNiZVFEZWNUSExvaDBEUWFTRVRJR1BlVV9PTVlidDNpOV8wMDZ5VHhRcl9PWEIyZDZwSU9lMG1NSlhkTkV2RGhkSjBpWlcyRDJWQXc3R1hrbEs4MmRB&hash=0fc96cb268460547fb25a044829aa884 Page URL
  4. http://forwrdnow.com/aS/feedclick?s=tmxvfbadWlmWoJ8TCT3o6kWut6U4gTSnEKrESHXCZOW5aKepYkVoKrUC6hWIeTga6IkCbg7sKEuYDMm3vSUGcD1lCp8q5oE7o4qaNwrbogK4RyBUhvcLrZ_P0KF7YBXMf_LgBHKZA2KpziwwYdWAltUnsgcOT4NhGedo0jEwqtWkzajUdxkVTtGm1BMHhP2oep2ctwOkGEodxuBYnPANRNvRVLNRC_kwr-qNhdL64nqx_UOf4SHlgxafhKb6aYQDm6AnOLPDFs8XXzrY9vKiMlUSv4pETRm-Pd_zfqsCTtDSTvGA6b6R65HTJhOaFnqbbNr2zZ-1ehb2pyZjqgpayG3ylLw3tpufYvgNNX-ojA01VGZ9GN2qooi1KWmiVnZLlOj9Fn0io31MzNNRmeZGfe8_x7ARt8Tj2MLxcD_FtXB1A4JXycy8HIPnT3paubdDOyvwsrPd1X1RyZG1Y_GLSczhYKrt21Bzs4VmXRhhoOXSLOgBQnck1Kl2KHPa7H3QSkEcpsTZ4wNHQJpsyxV7m4MRXfqc9uZL8vO6ODVKX19XKSLrhXvujxQZTb6ngTZSptHIRKnjnF1iQ8AeM2qaYVGVWyseWWwK6c7oiDTpxDaQOdy-Ktbcd--YqskXimRCL7oeqEmQLKbq9IaY6LYxIZWMdLhVZ-b5XrCSiAiXBlmrpf3Hd_MkSOrxMcIMxGZ8Dd6khgw1xiwtnVu9wjIP9T-eDRqZvupGvzqxudeIFKCE-SF9guP1MoT49FRBp7QeumRL5_UMwTWlXTYTQ6wsAr23o-nj4kwG0Ws_fCtntMxuoTuqu1epFZgcm2eagzW36_5r4UjpbdMKV1jbzXXlqkV_Yh5vMLmrwrjpGrZA1I8aPOyxqZeFF0VmJLxvnmFeNHzNOvXY1nsqK_S2hLAnxwzfjhWIgpHG3beQDecTHLoh0DQaSETIGPeU_OMYbt3i9_006yTxQr_OXB2d6pIOe0mMJXdNEvDhdJ0iZW2D2VAw7GXklK82dA HTTP 302
    http://7lyonline.com/app/feedclick?p=AXBLUlzsVqH3z7jqt6hV0C0yVB7rjxb4pPuU9JlASw0CDAht0ByMJcNnA02fFaz8lWn4KNhVEXmJoSstDxnED5wAADH3lhZg2AtjukE22YE-4owZblFg94ApcIOl7tNuiO-qreMhlW7uxVAmflQVrcIBkcm7NlOakTZIW4WvJRUpgqf7Le9YkxRGRY-92Wie6KNCzrepiCfkfmVcJ_q2dQ HTTP 302
    http://www.givemeapplink.com/wim/wi/mpsr.php?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D HTTP 302
    https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 7
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=877917971&t=pageview&_s=1&dl=http%3A%2F%2Fpaypal-support.de%2F&ul=en-us&de=UTF-8&dt=PAYPAL-SUPPORT.DE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=459566057&gjid=596315929&cid=1711991843.1567181130&tid=UA-43967021-7&_gid=1540675581.1567181130&_r=1&cd1=splitter_static&cd2=127&cd3=no&z=292110005 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=877917971&t=pageview&_s=1&dl=http%3A%2F%2Fpaypal-support.de%2F&ul=en-us&de=UTF-8&dt=PAYPAL-SUPPORT.DE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=459566057&gjid=596315929&cid=1711991843.1567181130&tid=UA-43967021-7&_gid=1540675581.1567181130&_r=1&cd1=splitter_static&cd2=127&cd3=no&z=292110005

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
paypal-support.de/
3 KB
2 KB
Document
General
Full URL
http://paypal-support.de/
Protocol
HTTP/1.1
Server
2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
c158db0fc75f19ae2145aa49b2526b1ddbae6d2405ac37656e7d3886999ec2bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
paypal-support.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Fri, 30 Aug 2019 16:05:29 GMT
Content-Type
text/html; charset=utf8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
ndsp=eyJkb21haW5OYW1lIjoicGF5cGFsLXN1cHBvcnQuZGUiLCJtZW1iZXIiOiIxMjciLCJ0ZW1wbGF0ZSI6InNwbGl0dGVyX3N0YXRpYyIsInVzZXJBZ2VudCI6Ik1vemlsbGFcLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdFwvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lXC83NC4wLjM3MjkuMTY5IFNhZmFyaVwvNTM3LjM2Iiwic2Vzc2lvbiI6IjNjNjA0YTg3ZDRkZDQ5OWIzY2QxMzRhNDE4NDAzMzk3IiwidGltZV9pbml0IjoxNTY3MTgxMTI5fQ%3D%3D; expires=Fri, 30-Aug-2019 21:59:59 GMT; Max-Age=21270; path=/
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
bootstrap.min.css
stackpath.bootstrapcdn.com/bootswatch/4.1.0/sketchy/
162 KB
23 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootswatch/4.1.0/sketchy/bootstrap.min.css
Requested by
Host: paypal-support.de
URL: http://paypal-support.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
33171d159191d9aee7967996572a02b6fc2a2ffb231f0c9aa83b41efefc61893

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://paypal-support.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:30 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:01 GMT
status
200
etag
"1544639701"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
22902
custom.css
paypal-support.de/template/splitter_static/css/
2 KB
2 KB
Stylesheet
General
Full URL
http://paypal-support.de/template/splitter_static/css/custom.css
Requested by
Host: paypal-support.de
URL: http://paypal-support.de/
Protocol
HTTP/1.1
Security
, ,
Server
2a01:4f8:c2c:bc6c::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
b73f0dd9f8b1f342b89386a83b08eb8d6d9b9c534565a276d596ae6511e64740

Request headers

Referer
http://paypal-support.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Fri, 30 Aug 2019 16:05:29 GMT
Last-Modified
Fri, 11 Mar 2016 11:43:52 GMT
Server
nginx
ETag
"56e2af78-617"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1559
Expires
Sun, 29 Sep 2019 16:05:29 GMT
css
fonts.googleapis.com/
1 KB
702 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Neucha|Cabin+Sketch
Requested by
Host: paypal-support.de
URL: http://paypal-support.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3fd1eba0416bda9c32dbf8f1716b8a18aa9f7769512850da3f332f08f2bec05a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://paypal-support.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 30 Aug 2019 16:05:30 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 30 Aug 2019 16:05:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 30 Aug 2019 16:05:30 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: paypal-support.de
URL: http://paypal-support.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://paypal-support.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2373
date
Fri, 30 Aug 2019 15:25:57 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Fri, 30 Aug 2019 17:25:57 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
rtb.min.js
trafficclub-nde.netdna-ssl.com/
8 KB
3 KB
Script
General
Full URL
https://trafficclub-nde.netdna-ssl.com/rtb.min.js
Requested by
Host: paypal-support.de
URL: http://paypal-support.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.132 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
77101c7fed0d10c82b345d35cec48844c6ca3912b2a935a02bccc55591cc671e

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://paypal-support.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:31 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2019 10:37:29 GMT
server
NetDNA-cache/2.2
etag
W/"1e4e-5841fa0222c40"
x-cache
HIT
content-type
application/javascript
status
200
q5uGsou0JOdh94bfvQltKRZUgQ.woff2
fonts.gstatic.com/s/neucha/v11/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/neucha/v11/q5uGsou0JOdh94bfvQltKRZUgQ.woff2
Requested by
Host: paypal-support.de
URL: http://paypal-support.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3e2ea470e6730906ac4026cab3e37b8395e94c02d485127a2bc1427d29e98e54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Neucha|Cabin+Sketch
Origin
http://paypal-support.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 03:28:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:45:32 GMT
server
sffe
age
650205
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11896
x-xss-protection
0
expires
Sat, 22 Aug 2020 03:28:45 GMT
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=877917971&t=pageview&_s=1&dl=http%3A%2F%2Fpaypal-support.de%2F&ul=en-us&de=UTF-8&dt=PAYPAL-SUPPORT.DE&sd=24-bit&sr=1600x1200&vp=1600x120...
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=877917971&t=pageview&_s=1&dl=http%3A%2F%2Fpaypal-support.de%2F&ul=en-us&de=UTF-8&dt=PAYPAL-SUPPORT.DE&sd=24-bit&sr=1600x1200&vp=1600x12...
35 B
269 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=877917971&t=pageview&_s=1&dl=http%3A%2F%2Fpaypal-support.de%2F&ul=en-us&de=UTF-8&dt=PAYPAL-SUPPORT.DE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=459566057&gjid=596315929&cid=1711991843.1567181130&tid=UA-43967021-7&_gid=1540675581.1567181130&_r=1&cd1=splitter_static&cd2=127&cd3=no&z=292110005
Requested by
Host: paypal-support.de
URL: http://paypal-support.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://paypal-support.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2019 16:05:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=877917971&t=pageview&_s=1&dl=http%3A%2F%2Fpaypal-support.de%2F&ul=en-us&de=UTF-8&dt=PAYPAL-SUPPORT.DE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=459566057&gjid=596315929&cid=1711991843.1567181130&tid=UA-43967021-7&_gid=1540675581.1567181130&_r=1&cd1=splitter_static&cd2=127&cd3=no&z=292110005
Non-Authoritative-Reason
HSTS
4f39f1dd-eca3-48d3-a1f1-c5973b1fa1f2.gif
logs-01.loggly.com/inputs/
43 B
324 B
Image
General
Full URL
https://logs-01.loggly.com/inputs/4f39f1dd-eca3-48d3-a1f1-c5973b1fa1f2.gif?member=127&domain=paypal-support.de&adBlock=true
Requested by
Host: paypal-support.de
URL: http://paypal-support.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.90.52.15 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-90-52-15.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://paypal-support.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Aug 2019 16:05:31 GMT
Server
nginx/1.12.1
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
Content-Length
43
Content-Type
image/gif
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Requested by
Host: trafficclub-nde.netdna-ssl.com
URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://paypal-support.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 29 Aug 2019 00:00:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
144296
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30089
X-XSS-Protection
0
Expires
Fri, 28 Aug 2020 00:00:35 GMT
rtb.php
track.traffic.club/
2 KB
2 KB
XHR
General
Full URL
http://track.traffic.club/rtb.php?hash=e04b2ca08ccde67ed5d0c2ddad3fb452&mid=177&f=177&request=rtb&keyword=%20&domain=paypal-support.de
Requested by
Host: trafficclub-nde.netdna-ssl.com
URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js
Protocol
HTTP/1.1
Security
, ,
Server
138.201.252.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
proxy.traffic.club
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://paypal-support.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 16:05:35 GMT
Content-Encoding
none
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/html; charset=utf8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
1798
X-XSS-Protection
1; mode=block
proceed.php
track.tkbo.com/
2 KB
2 KB
Document
General
Full URL
https://track.tkbo.com/proceed.php?domain=paypal-support.de&hash=44446ffdd7e0e9575bac66c813054605&u=eyJkb21haW4iOiJwYXlwYWwtc3VwcG9ydC5kZSIsImRvbWFpbl9pZCI6IjExMzEyODAzIiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIxNzciLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiI5NiIsInRhcmdldCI6Imh0dHA6XC9cL2ZvcndyZG5vdy5jb21cL2FTXC9mZWVkY2xpY2s/cz10bXh2ZmJhZFdsbVdvSjhUQ1QzbzZrV3V0NlU0Z1RTbkVLckVTSFhDWk9XNWFLZXBZa1ZvS3JVQzZoV0llVGdhNklrQ2JnN3NLRXVZRE1tM3ZTVUdjRDFsQ3A4cTVvRTdvNHFhTndyYm9nSzRSeUJVaHZjTHJaX1AwS0Y3WUJYTWZfTGdCSEtaQTJLcHppd3dZZFdBbHRVbnNnY09UNE5oR2VkbzBqRXdxdFdremFqVWR4a1ZUdEdtMUJNSGhQMm9lcDJjdHdPa0dFb2R4dUJZblBBTlJOdlJWTE5SQ19rd3ItcU5oZEw2NG5xeF9VT2Y0U0hsZ3hhZmhLYjZhWVFEbTZBbk9MUERGczhYWHpyWTl2S2lNbFVTdjRwRVRSbS1QZF96ZnFzQ1R0RFNUdkdBNmI2UjY1SFRKaE9hRm5xYmJOcjJ6Wi0xZWhiMnB5WmpxZ3BheUczeWxMdzN0cHVmWXZnTk5YLW9qQTAxVkdaOUdOMnFvb2kxS1dtaVZuWkxsT2o5Rm4waW8zMU16Tk5SbWVaR2ZlOF94N0FSdDhUajJNTHhjRF9GdFhCMUE0Slh5Y3k4SElQblQzcGF1YmRET3l2d3NyUGQxWDFSeVpHMVlfR0xTY3poWUtydDIxQnpzNFZtWFJoaG9PWFNMT2dCUW5jazFLbDJLSFBhN0gzUVNrRWNwc1RaNHdOSFFKcHN5eFY3bTRNUlhmcWM5dVpMOHZPNk9EVktYMTlYS1NMcmhYdnVqeFFaVGI2bmdUWlNwdEhJUktuam5GMWlROEFlTTJxYVlWR1ZXeXNlV1d3SzZjN29pRFRweERhUU9keS1LdGJjZC0tWXFza1hpbVJDTDdvZXFFbVFMS2JxOUlhWTZMWXhJWldNZExoVlotYjVYckNTaUFpWEJsbXJwZjNIZF9Na1NPcnhNY0lNeEdaOERkNmtoZ3cxeGl3dG5WdTl3aklQOVQtZURScVp2dXBHdnpxeHVkZUlGS0NFLVNGOWd1UDFNb1Q0OUZSQnA3UWV1bVJMNV9VTXdUV2xYVFlUUTZ3c0FyMjNvLW5qNGt3RzBXc19mQ3RudE14dW9UdXF1MWVwRlpnY20yZWFnelczNl81cjRVanBiZE1LVjFqYnpYWGxxa1ZfWWg1dk1MbXJ3cmpwR3JaQTFJOGFQT3l4cVplRkYwVm1KTHh2bm1GZU5Iek5PdlhZMW5zcUtfUzJoTEFueHd6ZmpoV0lncEhHM2JlUURlY1RITG9oMERRYVNFVElHUGVVX09NWWJ0M2k5XzAwNnlUeFFyX09YQjJkNnBJT2UwbU1KWGRORXZEaGRKMGlaVzJEMlZBdzdHWGtsSzgyZEEiLCJpcF9hZGRyZXNzIjoiMTg1LjE2OS4yNTUuNTIiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDUifQ==
Requested by
Host: trafficclub-nde.netdna-ssl.com
URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.0.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.0.76.144.clients.your-server.de
Software
nginx / PHP/5.3.10-1ubuntu3.25
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
track.tkbo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://paypal-support.de/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Fri, 30 Aug 2019 16:05:36 GMT
Content-Type
text/html; charset=utf8
Content-Length
1864
Connection
keep-alive
X-Powered-By
PHP/5.3.10-1ubuntu3.25
Cache-Control
no-cache, must-revalidate
Content-Encoding
none
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
beam.php
track.tkbo.com/
2 KB
1 KB
Document
General
Full URL
https://track.tkbo.com/beam.php?target=...&hash=0fc96cb268460547fb25a044829aa884
Requested by
Host: track.tkbo.com
URL: https://track.tkbo.com/proceed.php?domain=paypal-support.de&hash=44446ffdd7e0e9575bac66c813054605&u=...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.0.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.0.76.144.clients.your-server.de
Software
nginx / PHP/5.3.10-1ubuntu3.25
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
track.tkbo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Fri, 30 Aug 2019 16:05:36 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.3.10-1ubuntu3.25
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Primary Request main3.html
www.givemethisoffer.com/wim/static/wi/
Redirect Chain
  • http://forwrdnow.com/aS/feedclick?s=tmxvfbadWlmWoJ8TCT3o6kWut6U4gTSnEKrESHXCZOW5aKepYkVoKrUC6hWIeTga6IkCbg7sKEuYDMm3vSUGcD1lCp8q5oE7o4qaNwrbogK4RyBUhvcLrZ_P0KF7YBXMf_LgBHKZA2KpziwwYdWAltUnsgcOT4NhG...
  • http://7lyonline.com/app/feedclick?p=AXBLUlzsVqH3z7jqt6hV0C0yVB7rjxb4pPuU9JlASw0CDAht0ByMJcNnA02fFaz8lWn4KNhVEXmJoSstDxnED5wAADH3lhZg2AtjukE22YE-4owZblFg94ApcIOl7tNuiO-qreMhlW7uxVAmflQVrcIBkcm7NlOa...
  • http://www.givemeapplink.com/wim/wi/mpsr.php?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++sh...
  • https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+onl...
3 KB
1 KB
Document
General
Full URL
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Requested by
Host: track.tkbo.com
URL: https://track.tkbo.com/beam.php?target=…&hash=0fc96cb268460547fb25a044829aa884
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd49602a2c5ded6201460e623a338079e8a0079035a910f747fd812a0566a9b

Request headers

:method
GET
:authority
www.givemethisoffer.com
:scheme
https
:path
/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Fri, 30 Aug 2019 16:05:37 GMT
content-type
text/html
set-cookie
__cfduid=d0056c698663400492eae4df09c663c1c1567181137; expires=Sat, 29-Aug-20 16:05:37 GMT; path=/; domain=.givemethisoffer.com; HttpOnly
last-modified
Thu, 29 Aug 2019 11:40:38 GMT
vary
Accept-Encoding
expires
Fri, 30 Aug 2019 17:05:37 GMT
cache-control
max-age=3600
access-control-allow-origin
*
via
1.1 google
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50e801dd1f44bf0f-FRA
content-encoding
br

Redirect headers

Date
Fri, 30 Aug 2019 16:05:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dcb673729a7962f4ac47982a447946fb61567181137; expires=Sat, 29-Aug-20 16:05:37 GMT; path=/; domain=.givemeapplink.com; HttpOnly
X-Powered-By
PHP/5.6.40
Location
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Via
1.1 google
Server
cloudflare
CF-RAY
50e801dc580dcb9c-VIE
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 16:05:37 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1567181137.dop053.fr8.shc,1567181137.dop053.fr8.t,1567181137.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
api.js
www.google.com/recaptcha/
796 B
728 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LfbyHgUAAAAAKq8KeoyMO8vG-lfE5RYk8OOClms
Requested by
Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
ac6b6b49a148def0d80eec58fb794e5fa76c9e51645c897e5da1018c689f97c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
478
x-xss-protection
1; mode=block
expires
Fri, 30 Aug 2019 16:05:37 GMT
bundle.min.js
browser.sentry-cdn.com/4.3.2/
66 KB
21 KB
Script
General
Full URL
https://browser.sentry-cdn.com/4.3.2/bundle.min.js
Requested by
Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Fastly /
Resource Hash
1b5aee94843076932d9cfa527f447f41306acdf650abf4e02527731e8119a639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Origin
https://www.givemethisoffer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
content-encoding
gzip
last-modified
Fri, 16 Nov 2018 15:29:19 GMT
server
Fastly
age
11146957
etag
"822e7271fe55bfac69f10bbd728a60c9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
access-control-allow-origin
*
content-length
21433
expires
Wed, 22 Apr 2020 15:43:01 GMT
bundle.js
www.givemethisoffer.com/wim/static/dist/
107 KB
20 KB
Script
General
Full URL
https://www.givemethisoffer.com/wim/static/dist/bundle.js
Requested by
Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce86c4e45f706d518225a7e2d718fe8dfc150483545f1de16fca34b9ee3a7505

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:37 GMT
via
1.1 google
cf-cache-status
HIT
age
1119
status
200
content-encoding
br
last-modified
Thu, 29 Aug 2019 13:27:44 GMT
server
cloudflare
etag
W/"5d67d2d0-1ac02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
50e801dd5fc0bf0f-FRA
expires
Fri, 30 Aug 2019 20:05:37 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1565591531251/
263 KB
92 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/api2/v1565591531251/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfbyHgUAAAAAKq8KeoyMO8vG-lfE5RYk8OOClms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e37175c872fc53f06ace33890986b1983980812d7130f497a9f0125e78188b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 03:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Aug 2019 17:15:00 GMT
server
sffe
age
476514
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
93780
x-xss-protection
0
expires
Mon, 24 Aug 2020 03:43:43 GMT
index.html
www.givemethisoffer.com/wim/static/components/unsupported/1/
2 KB
1002 B
XHR
General
Full URL
https://www.givemethisoffer.com/wim/static/components/unsupported/1/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aed1ee8053dfd771139d6293875ce1e0e9e7af51af0a93ec5ec4f0d509f8090

Request headers

Accept
*/*
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cf-ray
50e801e49c2cbf0f-FRA
date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
expires
Fri, 30 Aug 2019 17:05:38 GMT
anchor
www.google.com/recaptcha/api2/ Frame 62A3
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbyHgUAAAAAKq8KeoyMO8vG-lfE5RYk8OOClms&co=aHR0cHM6Ly93d3cuZ2l2ZW1ldGhpc29mZmVyLmNvbTo0NDM.&hl=en&v=v1565591531251&size=invisible&cb=dv5qldbce9ps
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1565591531251/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lX4hBUaaS34Sgh2XTn/mqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfbyHgUAAAAAKq8KeoyMO8vG-lfE5RYk8OOClms&co=aHR0cHM6Ly93d3cuZ2l2ZW1ldGhpc29mZmVyLmNvbTo0NDM.&hl=en&v=v1565591531251&size=invisible&cb=dv5qldbce9ps
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 30 Aug 2019 16:05:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-lX4hBUaaS34Sgh2XTn/mqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9179
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
index.html
www.givemethisoffer.com/wim/static/lps/safe/23.5/
6 KB
2 KB
XHR
General
Full URL
https://www.givemethisoffer.com/wim/static/lps/safe/23.5/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d35d7638e6c04392c6022b87d714ff29f054bf0a050da63d0d4ddfc6d82e01

Request headers

Accept
*/*
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cf-ray
50e801e4ac42bf0f-FRA
date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
last-modified
Thu, 29 Aug 2019 11:40:38 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
expires
Fri, 30 Aug 2019 17:05:38 GMT
wa
www.cherami-cloud.com/report/
2 B
564 B
Image
General
Full URL
https://www.cherami-cloud.com/report/wa?ctag=8301_fid71_lp23.5_wit1567181139&clickid=75207427281&yid=d5pr&vertical=privateSearch&step=0&res=1600X1200&dkw=paypal-support.de&extType=dm&action=inc&inc=false
Requested by
Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c403 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
server
cloudflare
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
50e801e50cf7c290-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length
2
slickModal.min.css
www.givemethisoffer.com/wim/static/assets/slick-modal/
19 KB
3 KB
Stylesheet
General
Full URL
https://www.givemethisoffer.com/wim/static/assets/slick-modal/slickModal.min.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3475f0f670a303d4746c51e9c6f4a6c3d0f44c6ba3d30c5195ea9eb38333c56a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
50e801e4cc7cbf0f-FRA
date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
status
200
etag
W/"5d67b9b5-4bde"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
content-encoding
br
expires
Fri, 30 Aug 2019 20:05:38 GMT
slickModal.min.js
www.givemethisoffer.com/wim/static/assets/slick-modal/
12 KB
3 KB
XHR
General
Full URL
https://www.givemethisoffer.com/wim/static/assets/slick-modal/slickModal.min.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae32741ea1b43fb7ecc130ab025e51d89bfde3e1fbc74fd813e2b3f5406a6fdc

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cf-ray
50e801e4dc88bf0f-FRA
date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
status
200
etag
W/"5d67b9b5-31a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
content-encoding
br
expires
Fri, 30 Aug 2019 20:05:38 GMT
icon
fonts.googleapis.com/
574 B
419 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 30 Aug 2019 16:05:38 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 30 Aug 2019 16:05:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 30 Aug 2019 16:05:38 GMT
materialize.min.css
cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/
128 KB
20 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/materialize.min.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a225638dde45ba8b7d7ff7e0c07e480418ec380ed30dd71f48ae48d84674cccc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
11814792
content-security-policy-report-only
default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=50e801e56df3cbb8
status
200
served-in-seconds
0.004
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:22:59 GMT
server
cloudflare
etag
W/"5afd49f3-20198"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
50e801e56df3cbb8-VIE
expires
Wed, 19 Aug 2020 16:05:38 GMT
style.css
www.givemethisoffer.com/wim/static/lps/safe/23.5/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.givemethisoffer.com/wim/static/lps/safe/23.5/css/style.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc35409e65fcd501c39ade74172da5cdbb574d4fc72fa925b92ff15460de31aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1117
status
200
content-encoding
br
last-modified
Thu, 29 Aug 2019 11:40:38 GMT
server
cloudflare
etag
W/"5d67b9b6-20e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
50e801e52d27bf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
register.js
www.givemethisoffer.com/wim/static/wi/
404 B
286 B
XHR
General
Full URL
https://www.givemethisoffer.com/wim/static/wi/register.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6300ac49cbe108f6d830a2844c27aa2198f539f05747d6e6f4a96c8fb96cb089

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1117
status
200
content-encoding
br
last-modified
Thu, 29 Aug 2019 11:40:38 GMT
server
cloudflare
etag
W/"5d67b9b6-194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
50e801e52d2abf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
index.html
www.givemethisoffer.com/wim/static/components/retry/9.11/
3 KB
931 B
XHR
General
Full URL
https://www.givemethisoffer.com/wim/static/components/retry/9.11/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d86b085059ec948a552431c30923465f9fb1627df496a9705ec69ffc514f6e

Request headers

Accept
*/*
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cf-ray
50e801e54d5dbf0f-FRA
date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
expires
Fri, 30 Aug 2019 17:05:38 GMT
index.html
www.givemethisoffer.com/wim/static/components/info/2/
4 KB
1 KB
XHR
General
Full URL
https://www.givemethisoffer.com/wim/static/components/info/2/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d52a71f00a5255842d4a231bd34bfcb68c40b862705df396c54c5f750ee50902

Request headers

Accept
*/*
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cf-ray
50e801e54d5fbf0f-FRA
date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
expires
Fri, 30 Aug 2019 17:05:38 GMT
index.html
www.givemethisoffer.com/wim/static/components/lp-modal/3.1.0/
3 KB
881 B
XHR
General
Full URL
https://www.givemethisoffer.com/wim/static/components/lp-modal/3.1.0/index.html
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c8e7c1f70364e1f6f13afbb93be6ca3bceec407141acf040eaee7d4aee5f33

Request headers

Accept
*/*
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cf-ray
50e801e54d61bf0f-FRA
date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
expires
Fri, 30 Aug 2019 17:05:38 GMT
flow.js
www.givemethisoffer.com/wim/static/components/flows/5.2.1/
3 KB
1 KB
XHR
General
Full URL
https://www.givemethisoffer.com/wim/static/components/flows/5.2.1/flow.js?_=1567181137549
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51e4361133f3b95f1ca39027c083ba2a13099f379511112f2534364218fd62a

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cf-ray
50e801e55d64bf0f-FRA
date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
status
200
etag
W/"5d67b9b5-d56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
content-encoding
br
expires
Fri, 30 Aug 2019 20:05:38 GMT
install.php
search.saferesultonline.net/wim/static/wi/ Frame D1A7
0
0
Document
General
Full URL
https://search.saferesultonline.net/wim/static/wi/install.php?cid=8301_fid71_lp23.5_wit1567181139&yid=d5pr&clickid=75207427281&vert=privateSearch&days=180&extid=oohgljecdmahbdiafheoabbeplbiopkp&npage=skip&bnp=1&icon=img&res=1200x1600&step=0&extType=dm&endpointUrl=https%3A%2F%2Fwww.safelyonline.info
Requested by
Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9928 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

:method
GET
:authority
search.saferesultonline.net
:scheme
https
:path
/wim/static/wi/install.php?cid=8301_fid71_lp23.5_wit1567181139&yid=d5pr&clickid=75207427281&vert=privateSearch&days=180&extid=oohgljecdmahbdiafheoabbeplbiopkp&npage=skip&bnp=1&icon=img&res=1200x1600&step=0&extType=dm&endpointUrl=https%3A%2F%2Fwww.safelyonline.info
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Fri, 30 Aug 2019 16:05:38 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=de536ab34893a36ab2495eb5c6264ca3c1567181138; expires=Sat, 29-Aug-20 16:05:38 GMT; path=/; domain=.saferesultonline.net; HttpOnly
d5pr_cid=8301_fid71_lp23.5_wit1567181139; Max-Age=31536000; Domain=.saferesultonline.net; Path=/; Expires=Sat, 29 Aug 2020 16:05:38 GMT
d5pr_extid=oohgljecdmahbdiafheoabbeplbiopkp; Max-Age=31536000; Domain=.saferesultonline.net; Path=/; Expires=Sat, 29 Aug 2020 16:05:38 GMT
d5pr_clickid=75207427281; Max-Age=31536000; Domain=.saferesultonline.net; Path=/; Expires=Sat, 29 Aug 2020 16:05:38 GMT
d5pr_vert=privateSearch; Max-Age=31536000; Domain=.saferesultonline.net; Path=/; Expires=Sat, 29 Aug 2020 16:05:38 GMT
d5pr_cid=8301_fid71_lp23.5_wit1567181139; Max-Age=31536000; Domain=.saferesultonline.net; Path=/; Expires=Sat, 29 Aug 2020 16:05:38 GMT
d5pr_npage=skip; Max-Age=31536000; Domain=.saferesultonline.net; Path=/; Expires=Sat, 29 Aug 2020 16:05:38 GMT
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-credentials
true
via
1.1 google
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
50e801e5dececba8-VIE
content-encoding
br
lobibox.min.js
www.givemethisoffer.com/wim/static/assets/lobibox/js/
25 KB
6 KB
XHR
General
Full URL
https://www.givemethisoffer.com/wim/static/assets/lobibox/js/lobibox.min.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e52d880ad386d41d01d9ab19cc7231c8a00dcad489fbfd5ca67890085476b80

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1117
status
200
content-encoding
br
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
etag
W/"5d67b9b5-65d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
50e801e58db3bf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
lobibox.min.css
www.givemethisoffer.com/wim/static/assets/lobibox/css/
23 KB
3 KB
Stylesheet
General
Full URL
https://www.givemethisoffer.com/wim/static/assets/lobibox/css/lobibox.min.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba940a0f632a3567aa7493e66f016f845f58f3faff42bea7940df2e9fff5efd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1167
status
200
content-encoding
br
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
etag
W/"5d67b9b5-5cbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
50e801e5ce1bbf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
gotit.png
www.givemethisoffer.com/wim/static/components/retry/9.11/
788 B
866 B
Image
General
Full URL
https://www.givemethisoffer.com/wim/static/components/retry/9.11/gotit.png
Requested by
Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87277cd3b66707bd00744d4d8854dff25d0ea4f0135bacfc9fe8a99f61bd4c5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1113
status
200
content-length
788
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
etag
"5d67b9b5-314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
50e801e5de30bf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
sharp_arrow.png
www.givemethisoffer.com/wim/static/components/retry/9.11/
955 B
1 KB
Image
General
Full URL
https://www.givemethisoffer.com/wim/static/components/retry/9.11/sharp_arrow.png
Requested by
Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
75aec78e1c8839909fa31a17673ff852181789261a8b9275b5e07d1ccc046d3e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1113
status
200
content-length
955
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
etag
"5d67b9b5-3bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
50e801e5de31bf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
cookie_notice_1.css
www.givemethisoffer.com/wim/static/components/lp-modal/3.1.0/src/demos/css/
755 B
349 B
Stylesheet
General
Full URL
https://www.givemethisoffer.com/wim/static/components/lp-modal/3.1.0/src/demos/css/cookie_notice_1.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
47f7617d20b81be86e5571546bae2a48b125c6593cae06f9b983c7ec121882dd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1116
status
200
content-encoding
br
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
etag
W/"5d67b9b5-2f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
50e801e5de38bf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
slickmodal.min.css
www.givemethisoffer.com/wim/static/components/lp-modal/3.1.0/src/plugin/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://www.givemethisoffer.com/wim/static/components/lp-modal/3.1.0/src/plugin/css/slickmodal.min.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2d44541c7f753c8620605811d025fb6a04df7592a12e6bcdc33d9c870fc53a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1115
status
200
content-encoding
br
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
etag
W/"5d67b9b5-4ad6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
50e801e5de3abf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
jquery.slickmodal.min.js
www.givemethisoffer.com/wim/static/components/lp-modal/3.1.0/src/plugin/js/
16 KB
4 KB
XHR
General
Full URL
https://www.givemethisoffer.com/wim/static/components/lp-modal/3.1.0/src/plugin/js/jquery.slickmodal.min.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a563b33b9cb31a9571de6c919f767afb5895da847c93f6ca08147bc770a762

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1167
status
200
content-encoding
br
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
etag
W/"5d67b9b5-3fae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
50e801e5fe64bf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
bg.png
www.givemethisoffer.com/wim/static/components/retry/9.11/
855 B
938 B
Image
General
Full URL
https://www.givemethisoffer.com/wim/static/components/retry/9.11/bg.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6809b3ca7f88410a099828041023012b49993acce6fcc47cbdf9bb8bd9b633

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
766
status
200
content-length
855
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
etag
"5d67b9b5-357"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
50e801e61eb4bf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
info.png
www.givemethisoffer.com/wim/static/components/info/2/
655 B
735 B
Image
General
Full URL
https://www.givemethisoffer.com/wim/static/components/info/2/info.png
Requested by
Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d9d30ea1887c21d5ea8a2edbbdddb3c837604dbb8e3d1e1cc13bdf100482d9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1113
status
200
content-length
655
last-modified
Thu, 29 Aug 2019 11:40:37 GMT
server
cloudflare
etag
"5d67b9b5-28f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
50e801e62ebcbf0f-FRA
expires
Fri, 30 Aug 2019 20:05:38 GMT
css
fonts.googleapis.com/
9 KB
748 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600,700,400,300
Requested by
Host: www.givemethisoffer.com
URL: https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
373a0505368dab061278aa0b7243dc58fc165a25f8b0286d57f8835d06ab6e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 30 Aug 2019 16:05:38 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 30 Aug 2019 16:05:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 30 Aug 2019 16:05:38 GMT
Roboto-Bold.woff2
cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/
63 KB
64 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/Roboto-Bold.woff2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1565591531251/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
03b4584f80ee94497a7fc4157d534818ccad1a554536cf49167442f711bd3870
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/materialize.min.css
Origin
https://www.givemethisoffer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:39 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
11814793
status
200
content-length
64800
served-in-seconds
0.008
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:22:59 GMT
server
cloudflare
etag
"5afd49f3-fd20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
50e801e6dbea598e-VIE
expires
Wed, 19 Aug 2020 16:05:39 GMT
Roboto-Light.woff2
cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/
63 KB
63 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/Roboto-Light.woff2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1565591531251/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
acec38d50a6f94a303ccecab62bd2814b6aa7753b15f55b053fd54a7d2fa1a4f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/materialize.min.css
Origin
https://www.givemethisoffer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:39 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
3157901
status
200
content-length
64268
served-in-seconds
0.000
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:22:59 GMT
server
cloudflare
etag
"5afd49f3-fb0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
50e801e6dbed598e-VIE
expires
Wed, 19 Aug 2020 16:05:39 GMT
Roboto-Regular.woff2
cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/
63 KB
63 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/fonts/roboto/Roboto-Regular.woff2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1565591531251/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a7cd67c545041654af047f04ce327f2df086386eab421adc16269010c50365
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdnjs.cloudflare.com/ajax/libs/materialize/0.99.0/css/materialize.min.css
Origin
https://www.givemethisoffer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:39 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
3157901
status
200
content-length
64832
served-in-seconds
0.009
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:21:59 GMT
server
cloudflare
etag
"5afd49b7-fd40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
50e801e6dbec598e-VIE
expires
Wed, 19 Aug 2020 16:05:39 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1565591531251/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:600,700,400,300
Origin
https://www.givemethisoffer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 24 Aug 2019 06:30:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
552894
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9132
x-xss-protection
0
expires
Sun, 23 Aug 2020 06:30:45 GMT
ccValid.php
www.givemethisoffer.com/wim/wi/
31 B
192 B
XHR
General
Full URL
https://www.givemethisoffer.com/wim/wi/ccValid.php?skip=false&ctag=8301_fid71_lp23.5_wit1567181139&clickid=75207427281&yid=d5pr&vertical=privateSearch&extType=dm&step=0&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
c8744428a12ba572d3b2ce96f29500638ce2035d0437c04be5feb9ca910c1717

Request headers

Accept
*/*
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cf-ray
50e801e87abcbf0f-FRA
date
Fri, 30 Aug 2019 16:05:39 GMT
via
1.1 google
server
cloudflare
status
200
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
content-encoding
br
wa
www.cherami-cloud.com/report/
2 B
202 B
Image
General
Full URL
https://www.cherami-cloud.com/report/wa?ctag=8301_fid71_lp23.5_wit1567181139&clickid=75207427281&yid=d5pr&vertical=privateSearch&step=0&res=1600X1200&dkw=paypal-support.de&extType=dm&action=pageload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c403 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 16:05:39 GMT
via
1.1 google
server
cloudflare
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
50e801e8ad14c290-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length
2
rcp.php
www.givemethisoffer.com/wim/reports/
1 B
150 B
XHR
General
Full URL
https://www.givemethisoffer.com/wim/reports/rcp.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a917 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Accept
*/*
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-ray
50e801e90bbabf0f-FRA
date
Fri, 30 Aug 2019 16:05:39 GMT
via
1.1 google
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
status
200
content-encoding
br
fr
7proof.com/app/
0
135 B
Image
General
Full URL
https://7proof.com/app/fr?type=l1&dp1=75207427281&score=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.82.9.96 Rockville, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.givemethisoffer.com/wim/static/wi/main3.html?tp=iw&cid=8301&v=23&gnum=6&clickid=75207427281&cachecode=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D&q=paypal+support+MT+online+shop++shopping+sites+Services+paypal-support.com++Industrial++e+selling+Business&dkw=paypal-support.de&g=GB&cc2=nPSs03KV85m7JgZ64Efdlw%3D%3D%3AZmVkY2JhOTg3NjU0MzIxMA%3D%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 30 Aug 2019 16:05:39 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| ___grecaptcha_cfg
object| grecaptcha
boolean| __google_recaptcha_client
object| recaptcha
object| Sentry
number| delayTime
object| _reporter
function| calcPopupWinSizeAndPos
function| openPopupWindow
function| openSideOffer
function| inIframe
function| inPop
function| setLang
function| translatePage
function| getParameterByName
function| addListener
function| removeListener
function| trigger
function| browserName
function| getStepsObject
function| report
function| getOfferManager
function| getProduct
function| getRequest
function| getExtras
function| getFunnel
boolean| delayFinish
boolean| delayFinishDontTimeout
boolean| delayFinishLoader
function| checkIfInstalled
object| InstallMsg
object| closure_lm_478037
object| Lobibox
function| showRetry
function| closeModal
boolean| continued
function| showHelp
function| onFlowResult
boolean| waitingForMessage

7 Cookies

Domain/Path Name / Value
.saferesultonline.net/ Name: d5pr_vert
Value: privateSearch
.givemethisoffer.com/ Name: __cfduid
Value: d037377c6b14b48c81d9497a2f07184ce1567181138
.saferesultonline.net/ Name: __cfduid
Value: de536ab34893a36ab2495eb5c6264ca3c1567181138
.saferesultonline.net/ Name: d5pr_clickid
Value: 75207427281
.saferesultonline.net/ Name: d5pr_npage
Value: skip
.saferesultonline.net/ Name: d5pr_extid
Value: oohgljecdmahbdiafheoabbeplbiopkp
.saferesultonline.net/ Name: d5pr_cid
Value: 8301_fid71_lp23.5_wit1567181139

4 Console Messages

Source Level URL
Text
console-api log URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js(Line 1)
Message:
[object Object]
console-api log URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js(Line 1)
Message:
1
console-api log URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js(Line 1)
Message:
1
console-api log URL: https://www.givemethisoffer.com/wim/static/dist/bundle.js(Line 1)
Message:
OfferManager: No chrome object

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
