urlscan.io logo urlscan.io
SecurityTrails logo

offers-unsubscribe.com Open in urlscan Pro
2606:2800:11f:1cb7:261b:1f9c:2074:3c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://contain.dreaminrep.buzz/iu=AhYvs3Xvfz7.fbhf7s3sY/ilz237z7Y-ss7/3scjnyzXZDEGivHjl3vAGfUHG2MHG2THjusR85sHi/37bOzOhYh3DEanD...
Effective URL: https://offers-unsubscribe.com/
Submission: On February 24 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 6 countries across 14 domains to perform 35 HTTP transactions. The main IP is 2606:2800:11f:1cb7:261b:1f9c:2074:3c, located in United States and belongs to EDGECAST, US. The main domain is offers-unsubscribe.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 8th 2022. Valid for: a year.
This is the only time offers-unsubscribe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    200.229.21.61 (United States)

ASN49999 (BANDWIDTHTECH-AS, GB)
PTR: contain.dreaminrep.buzz
contain.dreaminrep.buzz
3    2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
offers-unsubscribe.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:20::681a:1f7 (United States)

ASN13335 (CLOUDFLARENET, US)
formrequests.com
5    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)
s.yimg.com
3    2a02:e980:29::3d (United States)

ASN19551 (INCAPSULA, US)
consumertransferservice.com
1    2a00:1450:4025:402::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    34.140.161.81 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.161.140.34.bc.googleusercontent.com
direct-thumb-service.com
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
630 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
25 KB
3 consumertransferservice.com
consumertransferservice.com — Cisco Umbrella Rank: 321360
1 KB
3 formrequests.com
formrequests.com — Cisco Umbrella Rank: 763705
34 KB
3 offers-unsubscribe.com
offers-unsubscribe.com
66 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 466
7 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6149
408 B
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1186
633 B
1 direct-thumb-service.com
direct-thumb-service.com — Cisco Umbrella Rank: 344005
890 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
353 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
69 KB
1 dreaminrep.buzz
contain.dreaminrep.buzz
291 B
35 14
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com offers-unsubscribe.com
www.gstatic.com
www.google.com
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 consumertransferservice.com formrequests.com
offers-unsubscribe.com
3 formrequests.com offers-unsubscribe.com
formrequests.com
3 offers-unsubscribe.com offers-unsubscribe.com
2 s.yimg.com offers-unsubscribe.com
s.yimg.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com offers-unsubscribe.com
formrequests.com
1 www.google.de offers-unsubscribe.com
1 sp.analytics.yahoo.com offers-unsubscribe.com
1 direct-thumb-service.com formrequests.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com offers-unsubscribe.com
1 contain.dreaminrep.buzz 1 redirects
35 15

This site contains no links.

Subject Issuer Validity Valid
www.offers-unsubscribe.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-08 -
2023-04-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-30 -
2023-07-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-01-19 -
2023-03-08		 2 months crt.sh
*.consumertransferservice.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-06 -
2023-10-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.direct-thumb-service.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-25 -
2023-03-25		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-01-03 -
2023-06-28		 6 months crt.sh
www.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://offers-unsubscribe.com/
Frame ID: 7AEB1C19BFE5D629981E2908E870159E
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM&co=aHR0cHM6Ly9vZmZlcnMtdW5zdWJzY3JpYmUuY29tOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=54snqsvr09gc
Frame ID: D75D1D4DCE2D24F072F96E60AE201EDD
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM
Frame ID: FF20FE36F4F15A2E7B2113B7405FC9D3
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Unsubscribe

Page URL History Show full URLs

  1. http://contain.dreaminrep.buzz/iu=AhYvs3Xvfz7.fbhf7s3sY/ilz237z7Y-ss7/3scjnyzXZDEGivHjl3vAGfUHG2MHG2THjusR8... HTTP 302
    https://offers-unsubscribe.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

35
Requests

100 %
HTTPS

80 %
IPv6

14
Domains

15
Subdomains

15
IPs

6
Countries

856 kB
Transfer

1966 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://contain.dreaminrep.buzz/iu=AhYvs3Xvfz7.fbhf7s3sY/ilz237z7Y-ss7/3scjnyzXZDEGivHjl3vAGfUHG2MHG2THjusR85sHi/37bOzOhYh3DEanDEq43yv7yy HTTP 302
    https://offers-unsubscribe.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offers-unsubscribe.com/
Redirect Chain
  • http://contain.dreaminrep.buzz/iu=AhYvs3Xvfz7.fbhf7s3sY/ilz237z7Y-ss7/3scjnyzXZDEGivHjl3vAGfUHG2MHG2THjusR85sHi/37bOzOhYh3DEanDEq43yv7yy
  • https://offers-unsubscribe.com/
14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7968) / ASP.NET
Resource Hash
977f43c9cfe89b63cf98ed26f16864307bd2d203238f4c28ce46aef48aa1642a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
347974
content-length
14097
content-type
text/html
date
Fri, 24 Feb 2023 15:28:31 GMT
etag
"0778eb12430d91:0"
last-modified
Tue, 24 Jan 2023 18:50:14 GMT
server
ECAcc (nya/7968)
x-cache
HIT
x-powered-by
ASP.NET

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Feb 2023 15:28:31 GMT
Location
https://offers-unsubscribe.com/
Server
Apache
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,500,700,800|Montserrat:400,500,600,700&display=swap
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a576360918099aeb33b4089aa0ee479244d7dc500fce934348cd62b94b3c394a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Feb 2023 15:28:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 15:28:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Feb 2023 15:28:32 GMT
index.css
offers-unsubscribe.com/css/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offers-unsubscribe.com/css/index.css
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/1C60) / ASP.NET
Resource Hash
465d7ede8ce5eb075474044fff2508067f2a85bc6f46347fe5f8e434e81d3ce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 15:28:31 GMT
last-modified
Tue, 24 Jan 2023 18:50:14 GMT
server
ECAcc (nya/1C60)
age
267151
etag
"0778eb12430d91:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
text/css
accept-ranges
bytes
content-length
12185
hit.core.js
formrequests.com/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://formrequests.com/hit.core.js
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1bc708d9cfd51e6461950b8ffd76596bcb0fb3ccbc94d08bd8f986ee0b36575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 15:28:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 23 Feb 2023 12:30:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63f75c7f-9ddf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BF5noGVQHc4OdpyqGRJsu3Yz85DZbN39VhmTZ10DMzRycrHQGPXSQufe1Xso7Pi3PUO7FvM9p8gwvO4oN2bl6yA75iA7E0pEzvTEf7Q1O4PSoQjv010GJc4r8wM36NFx0arY6%2B1PuZpJvr476k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cf-ray
79e93b484d459bd0-FRA
ccpa-app.js
formrequests.com/ccpa/ 		76 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://formrequests.com/ccpa/ccpa-app.js
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d27dd41afda0eabf5f9cae37a9d2dfac36f7dcc6650981a03bda4c3ac9c83df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 15:28:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 23 Feb 2023 12:30:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63f75c4e-13082"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyx3LHR7QUGRjzWbDU72ytdObmVe%2FNp4PItoNnWleXb8WntNUr7%2BlGc1vmXZ70hsgGreeeZ5X95YhupmcXgGW%2FK6MAI5LJvuyf5jXpn22JNAmd4oTAcjGaqOUCVcS8bgluboUftQgdmIJJhnkCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cf-ray
79e93b484d469bd0-FRA
common.js
offers-unsubscribe.com/js/ 		40 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offers-unsubscribe.com/js/common.js
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/7998) / ASP.NET
Resource Hash
38b299946ea3b68e08fe017a4d77120e3be210128e032bea4eb87d53f429d0ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 15:28:31 GMT
last-modified
Tue, 24 Jan 2023 18:50:16 GMT
server
ECAcc (nya/7998)
age
267151
etag
"0a4bfb22430d91:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
40460
api.js
www.google.com/recaptcha/ 		850 B
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 15:28:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
x-xss-protection
1; mode=block
expires
Fri, 24 Feb 2023 15:28:32 GMT
gtm.js
www.googletagmanager.com/ 		197 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TNP7LR
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
09c6ffe37afd366e5bf652b9f737679695a9cad5070a383e47013b9c3cc3c1b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 15:28:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69977
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Feb 2023 15:28:32 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,700,800|Montserrat:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers-unsubscribe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 01:03:59 GMT
x-content-type-options
nosniff
age
138273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 01:03:59 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,700,800|Montserrat:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers-unsubscribe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 12:23:04 GMT
x-content-type-options
nosniff
age
97528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 12:23:04 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,500,700,800|Montserrat:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers-unsubscribe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 20:35:57 GMT
x-content-type-options
nosniff
age
240755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:35:57 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNP7LR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 14:14:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4422
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 24 Feb 2023 16:14:50 GMT
ytc.js
s.yimg.com/wi/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 15:23:12 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
KF7QE8HMWAFP0GS4
age
321
x-amz-server-side-encryption
AES256
x-amz-id-2
ffPLuhAsbVmev1C8dPZtGo/GELa42EjTzC63NQ99Dahw8Iwsqa+qDAol8lfk4k+4hZA64QOLXCHdT6v+fbzROkZWlkHq0XmQNi5F74dsv90=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
/
consumertransferservice.com/hit/ 		102 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consumertransferservice.com/hit/?clienturl=https%3A//offers-unsubscribe.com/&rnd=0.29583115905989965&responsetype=json&o=0&ReferrerURL=&c=1
Requested by
Host: formrequests.com
URL: https://formrequests.com/hit.core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:29::3d , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
18cd76c00a40265f081f1d6791c6312f62f8b80028a8b0eb67a1e9632082a874

Request headers

mb-info-type
true
Referer
https://offers-unsubscribe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Feb 2023 15:28:32 GMT
content-encoding
gzip
x-cdn
Imperva
vary
Origin
content-type
application/json
access-control-allow-origin
https://offers-unsubscribe.com
x-iinfo
11-66713294-66602778 pNYN RT(1677252512431 347) q(0 0 0 -1) r(1 1) U24
access-control-allow-credentials
true
/
consumertransferservice.com/hit/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consumertransferservice.com/hit/?clienturl=https%3A//offers-unsubscribe.com/&rnd=0.29583115905989965&responsetype=json&o=0&ReferrerURL=&c=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:29::3d , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,mb-info-type
Access-Control-Request-Method
GET
Origin
https://offers-unsubscribe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,mb-info-type
access-control-allow-methods
GET
access-control-allow-origin
https://offers-unsubscribe.com
date
Fri, 24 Feb 2023 15:28:31 GMT
vary
Origin
x-cdn
Imperva
x-iinfo
11-66713294-66320962 pNNN RT(1677252512431 134) q(0 0 0 1) r(1 1) U24
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1714959738&t=pageview&_s=1&dl=https%3A%2F%2Foffers-unsubscribe.com%2F&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1833852443&gjid=1474823609&cid=1368942261.1677252512&tid=UA-85818623-2&_gid=177700689.1677252512&_r=1&_slc=1&gtm=45He32m0n71TNP7LR&cd2=1677252512239.zr648lzci&cd3=2023-02-24T15%3A28%3A32.239%2B00%3A00&cd8=offers-unsubscribe.com&z=1422941699
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offers-unsubscribe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 15:28:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offers-unsubscribe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
10063681.json
s.yimg.com/wi/config/ 		2 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10063681.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 15:12:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
S4P8EBE07PS1C4FY
age
966
content-length
22
x-amz-id-2
x2YLJ+kjWd4OABz7dBaUrpHPiQ+TbvBm4uVy0ZAlFg7clfwVEIhRldpmv+EG/B0KyZtdD3g9RmU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
collect
stats.g.doubleclick.net/j/ 		4 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-85818623-2&cid=1368942261.1677252512&jid=1833852443&gjid=1474823609&_gid=177700689.1677252512&_u=YEBAAAAAAAAAAC~&z=1123018224
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://offers-unsubscribe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 24 Feb 2023 15:28:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offers-unsubscribe.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
calculate
direct-thumb-service.com/ 		44 B
890 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct-thumb-service.com/calculate?fp=b1435535f12f13f446376cf05dc6e4c4
Requested by
Host: formrequests.com
URL: https://formrequests.com/hit.core.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.140.161.81 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.161.140.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
00afd55e73b825e4264390cb3b82073e5f765acc6b1c8e1db06383c12165692a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 15:28:33 GMT
Content-Encoding
gzip
Server
nginx
X-CDN
Imperva
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://offers-unsubscribe.com
X-Iinfo
5-25470547-25470548 NNYN CT(149 298 0) RT(1677252512386 6) q(0 0 5 -1) r(7 7) U24
Access-Control-Allow-Credentials
true
Connection
keep-alive
ccpa-app.css
formrequests.com/ccpa/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://formrequests.com/ccpa/ccpa-app.css
Requested by
Host: formrequests.com
URL: https://formrequests.com/ccpa/ccpa-app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e9193832ce79eae43af3afd8579b3f6139382c02b3a70e4431df137210d3b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 15:28:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Feb 2023 12:30:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2588
etag
W/"63f75c4e-3bde"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6mEoQHLmkmMzAHRgKwV7fqtRcNUQN6ZY1jaK812EXjjSRc569nI8%2Ff6X6rSINT0fRVCncbio73UgKRHglOLSzHESQa7Vp%2F4PFyeRgA1t8pcXMkJS2mz0mZMclVn9yWyzS7RkHxGrvTuWnRTO7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cf-ray
79e93b4bab3a9bd0-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ 		408 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offers-unsubscribe.com/
Origin
https://offers-unsubscribe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 12:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Feb 2024 12:39:33 GMT
/
consumertransferservice.com/getstate/ 		13 B
512 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consumertransferservice.com/getstate/?checkForCA=true
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/js/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:e980:29::3d , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f3f13a010d5f72e8023e4685adf0e58fc511e7bc9db482695ecf8d6e99e22a49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
x-iinfo
11-66713294-66602778 pNYN RT(1677252512431 135) q(0 0 0 4) r(1 1) U24
date
Fri, 24 Feb 2023 15:28:32 GMT
content-encoding
gzip
detected-ip
2a01:4a0:1338:92::3
x-cdn
Imperva
content-type
application/json; charset=utf-8
css
fonts.googleapis.com/ 		6 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Requested by
Host: formrequests.com
URL: https://formrequests.com/ccpa/ccpa-app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://formrequests.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Feb 2023 15:28:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 14:38:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Feb 2023 15:28:32 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2024%20Feb%202023%2015%3A28%3A32%20GMT&n=0&b=Unsubscribe&.yp=10063681&f=https%3A%2F%2Foffers-unsubscribe.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 15:28:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 24 Feb 2023 15:28:32 GMT
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-85818623-2&cid=1368942261.1677252512&jid=1833852443&_u=YEBAAAAAAAAAAC~&z=1300146352
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 15:28:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-85818623-2&cid=1368942261.1677252512&jid=1833852443&_u=YEBAAAAAAAAAAC~&z=1300146352
Requested by
Host: offers-unsubscribe.com
URL: https://offers-unsubscribe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offers-unsubscribe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 15:28:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame D75D 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM&co=aHR0cHM6Ly9vZmZlcnMtdW5zdWJzY3JpYmUuY29tOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=54snqsvr09gc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
99c23efe2ec789224438e5b93444ee374ed47e2b2e9cb8b03cc6e49b77070b8a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0ElNhQDAteQXZsrqr1AI3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offers-unsubscribe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23233
content-security-policy
script-src 'report-sample' 'nonce-0ElNhQDAteQXZsrqr1AI3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Feb 2023 15:28:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame D75D 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM&co=aHR0cHM6Ly9vZmZlcnMtdW5zdWJzY3JpYmUuY29tOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=54snqsvr09gc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 17:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 17:15:24 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame D75D 		408 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM&co=aHR0cHM6Ly9vZmZlcnMtdW5zdWJzY3JpYmUuY29tOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=54snqsvr09gc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 12:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Feb 2024 12:39:33 GMT
truncated
/ Frame D75D 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D75D 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D75D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 08:02:07 GMT
x-content-type-options
nosniff
age
372386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 27 Feb 2023 08:02:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D75D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM&co=aHR0cHM6Ly9vZmZlcnMtdW5zdWJzY3JpYmUuY29tOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=54snqsvr09gc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 20:22:37 GMT
x-content-type-options
nosniff
age
68756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 20:22:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D75D 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM&co=aHR0cHM6Ly9vZmZlcnMtdW5zdWJzY3JpYmUuY29tOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=54snqsvr09gc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM&co=aHR0cHM6Ly9vZmZlcnMtdW5zdWJzY3JpYmUuY29tOjQ0Mw..&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&cb=54snqsvr09gc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 15:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 24 Feb 2023 15:28:33 GMT
bframe
www.google.com/recaptcha/api2/ Frame FF20 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
14991d95a58d5b113fb3413b74e85154b22d016d21e34e0763bec262b23fc5c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ba76bfykovzOhnXU3bC2_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offers-unsubscribe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1114
content-security-policy
script-src 'report-sample' 'nonce-ba76bfykovzOhnXU3bC2_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Feb 2023 15:28:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame FF20 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 17:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 17:15:24 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame FF20 		408 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LenboUfAAAAAAotMBQ24wWZy897KK9az8I82GBM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 12:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Feb 2024 12:39:33 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| dataLayer object| lmpost object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| dotq object| __jsf__Cnsmrvrfy function| hitregistersuccess boolean| hitcorejsalreadyfired boolean| __jsf__initFp object| gaplugins object| gaGlobal object| gaData object| YAHOO boolean| __ccpa_init__ object| __ccpa__ object| regeneratorRuntime object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_159379 boolean| hitregistered function| validateUnsubscribePhoneCaptcha

8 Cookies

Domain/Path Name / Value
.offers-unsubscribe.com/ Name: _gcl_au
Value: 1.1.551753013.1677252512
offers-unsubscribe.com/ Name: lm_campid
Value: 1
.offers-unsubscribe.com/ Name: _ga
Value: GA1.2.1368942261.1677252512
.offers-unsubscribe.com/ Name: _gid
Value: GA1.2.177700689.1677252512
.offers-unsubscribe.com/ Name: _gat_UA-85818623-2
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBKDX-GMCEB7lQl635UN3uuHPvB-7u_gFEgEBAQEp-mMCZAAAAAAA_eMAAA&S=AQAAAtBzfVueprs7s_5xZqZO5vI
offers-unsubscribe.com/ Name: hit
Value: uid=4d11b943-189a-4d00-9fb9-4a0856a8203e
offers-unsubscribe.com/ Name: campaignuid
Value: 25262dbe-e138-43df-af68-3390a085ee83

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consumertransferservice.com
contain.dreaminrep.buzz
direct-thumb-service.com
fonts.googleapis.com
fonts.gstatic.com
formrequests.com
offers-unsubscribe.com
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
200.229.21.61
212.82.100.181
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:1f7
2a00:1288:f03d:1fa::4000
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:812::200e
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200a
2a00:1450:400d:806::2003
2a00:1450:400d:80d::2003
2a00:1450:4025:402::9c
2a02:e980:29::3d
34.140.161.81
00afd55e73b825e4264390cb3b82073e5f765acc6b1c8e1db06383c12165692a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09c6ffe37afd366e5bf652b9f737679695a9cad5070a383e47013b9c3cc3c1b5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
14991d95a58d5b113fb3413b74e85154b22d016d21e34e0763bec262b23fc5c1
18cd76c00a40265f081f1d6791c6312f62f8b80028a8b0eb67a1e9632082a874
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
38b299946ea3b68e08fe017a4d77120e3be210128e032bea4eb87d53f429d0ed
3d27dd41afda0eabf5f9cae37a9d2dfac36f7dcc6650981a03bda4c3ac9c83df
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
465d7ede8ce5eb075474044fff2508067f2a85bc6f46347fe5f8e434e81d3ce4
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
977f43c9cfe89b63cf98ed26f16864307bd2d203238f4c28ce46aef48aa1642a
99c23efe2ec789224438e5b93444ee374ed47e2b2e9cb8b03cc6e49b77070b8a
a576360918099aeb33b4089aa0ee479244d7dc500fce934348cd62b94b3c394a
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d1bc708d9cfd51e6461950b8ffd76596bcb0fb3ccbc94d08bd8f986ee0b36575
d1e9193832ce79eae43af3afd8579b3f6139382c02b3a70e4431df137210d3b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3f13a010d5f72e8023e4685adf0e58fc511e7bc9db482695ecf8d6e99e22a49