urlscan.io logo urlscan.io
SecurityTrails logo

www.resqspecialoffer.com Open in urlscan Pro
192.240.182.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c...
Submission: On April 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 62 HTTP transactions. The main IP is 192.240.182.16, located in United States and belongs to NEXCESS-NET, US. The main domain is www.resqspecialoffer.com.
TLS certificate: Issued by R3 on March 15th 2024. Valid for: 3 months.
This is the only time www.resqspecialoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

39    192.240.182.16 (United States)

ASN36444 (NEXCESS-NET, US)
PTR: gpc058-fs1.us-midwest-1.nxcli.net
www.resqspecialoffer.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    96.16.109.182 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-109-182.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
4    95.101.143.83 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-143-83.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
3    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
Apex Domain
Subdomains		 Transfer
39 resqspecialoffer.com
www.resqspecialoffer.com
2 MB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 709
154 KB
4 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3032
tr.outbrain.com — Cisco Umbrella Rank: 2950
wave.outbrain.com — Cisco Umbrella Rank: 3025
10 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
76 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
432 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
250 KB
2 gstatic.com
fonts.gstatic.com
94 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
3 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
260 B
62 9
Domain Requested by
39 www.resqspecialoffer.com www.resqspecialoffer.com
4 analytics.tiktok.com www.resqspecialoffer.com
analytics.tiktok.com
4 connect.facebook.net www.resqspecialoffer.com
connect.facebook.net
3 www.facebook.com www.resqspecialoffer.com
3 www.googletagmanager.com www.resqspecialoffer.com
www.googletagmanager.com
2 tr.outbrain.com amplify.outbrain.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.resqspecialoffer.com
1 wave.outbrain.com amplify.outbrain.com
1 region1.google-analytics.com www.googletagmanager.com
1 amplify.outbrain.com www.resqspecialoffer.com
62 11

This site contains links to these domains. Also see Links.

Domain
pubmed.ncbi.nlm.nih.gov
Subject Issuer Validity Valid
resqspecialoffer.com
R3		 2024-03-15 -
2024-06-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-31 -
2024-04-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Frame ID: 8300D16B89DAD2E6A747ADD01FE68AD2
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nivå CBD

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

2239 kB
Transfer

3412 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.resqspecialoffer.com/sav2niva/desktop/ 		36 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
9df4d142924f9b0434e77e168da60e3af59572a96c48d0dd12a8cc49ad0c736d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Mon, 22 Apr 2024 22:49:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
utils.min.css
www.resqspecialoffer.com/sav2niva/desktop/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/css/utils.min.css
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
ab9c428fa0309387167e83ee41cf6d88eebe1f8c6a129947fde0c5b041cacc98

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:27 GMT
last-modified
Sun, 24 Mar 2024 00:58:12 GMT
server
Apache
etag
"1546-6145d8d254af5"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
text/css
accept-ranges
bytes
content-length
5446
bootstrap-4.3.1.min.css
www.resqspecialoffer.com/sav2niva/desktop/css/ 		152 KB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/css/bootstrap-4.3.1.min.css
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
882f9a6a85743235cbd8889b82d92c70da49b469eb437c68c12a760023cd8e31

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:27 GMT
last-modified
Sun, 24 Mar 2024 00:58:04 GMT
server
Apache
etag
"26040-6145d8ca40113"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
text/css
accept-ranges
bytes
content-length
155712
style.min.css
www.resqspecialoffer.com/sav2niva/desktop/css/ 		52 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/css/style.min.css
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
10b38304603bd7fa9dedbb109642069ab8045ec9df4aec5642d6bbda72af38d4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:27 GMT
last-modified
Sun, 24 Mar 2024 00:58:10 GMT
server
Apache
etag
"d049-6145d8d012115"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
text/css
accept-ranges
bytes
content-length
53321
animate-3.7.0.css
www.resqspecialoffer.com/sav2niva/desktop/css/ 		70 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/css/animate-3.7.0.css
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:27 GMT
last-modified
Sun, 24 Mar 2024 00:58:04 GMT
server
Apache
etag
"11848-6145d8ca3da03"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
text/css
accept-ranges
bytes
content-length
71752
jquery.fancybox.css
www.resqspecialoffer.com/sav2niva/desktop/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/css/jquery.fancybox.css
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
f5fe3461099bee66d05f4c6e21a45e6989f1514a9302878bb5549eb2a4d2e370

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:27 GMT
last-modified
Sun, 24 Mar 2024 00:58:06 GMT
server
Apache
etag
"12ab-6145d8cbfb2f8"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
text/css
accept-ranges
bytes
content-length
4779
css2
fonts.googleapis.com/ 		5 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Apr 2024 22:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:30:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Apr 2024 22:49:27 GMT
css2
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Apr 2024 22:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:07:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Apr 2024 22:49:27 GMT
js
www.googletagmanager.com/gtag/ 		304 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6VZMG4285N
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74d7908018c178caf6ad534361c59c5e534c2fe0af52f0b2b13e46a07172092d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102733
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Apr 2024 22:49:28 GMT
pixel.gif
www.resqspecialoffer.com/sav2niva/desktop/images/ 		43 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/pixel.gif
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
46d11334d5de0f7347f38cc87fe4f65d9bfbae29d2fd722ce5952c238a46f077

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:27 GMT
last-modified
Sun, 24 Mar 2024 00:59:02 GMT
server
Apache
etag
"2b-6145d901e0277"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/gif
accept-ranges
bytes
content-length
43
logo.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/logo.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
d9372eec09fa987d74280ecace6f0dfec95a15c6317e05955bd2c35229970801

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:27 GMT
last-modified
Sun, 24 Mar 2024 00:58:50 GMT
server
Apache
etag
"16d5-6145d8f67603e"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
5845
content.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		189 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/content.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
08227734883c11c40481d2dc9ba6beb4ea7c259005b70e99ce04cda20e218b8e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:32 GMT
server
Apache
etag
"2f2e4-6145d8e4d5889"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
193252
hdr2.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/hdr2.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
5f1ea396ce01dedb72da44c10daeb0f465444c9154facb1b78e4b380973e567e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:47 GMT
server
Apache
etag
"9821-6145d8f32427e"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
38945
gerry-w.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/gerry-w.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
f1cafcef48de21eebaaae39638f40de49e2acf702649c20c4f2b77f4765fb86b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:45 GMT
server
Apache
etag
"3c26-6145d8f12cfa8"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
15398
5stars.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/5stars.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
cd698b2216e14f88be84845f5e0dd46b972742a9b42adc12d6436fea9f041e83

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:26 GMT
server
Apache
etag
"696-6145d8df9ba23"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
1686
roxie.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/roxie.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
b25c02a92d31112ecd3f905e90ab4190ca7696122b13b81262d5267bcf6ee60a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:05 GMT
server
Apache
etag
"3ca1-6145d90451e41"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
15521
julie.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/julie.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
668abf2d32eb32172e3c54bd7ccbdcd9d59f7a900c40543ec2a69d120ba972ee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:50 GMT
server
Apache
etag
"7afe-6145d8f5fd68b"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
31486
susan.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/susan.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
1d9e65ccf33dca0c338b461dc650082c8c9881708c6c83592e2c55127a2db0c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:11 GMT
server
Apache
etag
"3a0e-6145d90a00009"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
14862
nancy-k.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/nancy-k.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
226cc692c242c8e9622a980edc89db586f334e647aebf097cba187f9d27966df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:51 GMT
server
Apache
etag
"36bc-6145d8f73b86b"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
14012
ted-e.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/ted-e.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
27b5bc209ce58ef4fb7f1f4e2c5ee26d72b25dcacdb87b4f5bf512e7acc4932a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:12 GMT
server
Apache
etag
"37ba-6145d90ae82e7"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
14266
60-day-money-back.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/60-day-money-back.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
fc0711283fe819378735a68c50771c875f98c116e53aba3210007fb75401cfae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:27 GMT
server
Apache
etag
"16247-6145d8e01d847"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
90695
beach-couple.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/beach-couple.png?v1.0
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
5966d46744a0abbae010f1e12ee640252d5bbf6c2164d91d1d16073dc98496c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:29 GMT
server
Apache
etag
"19396-6145d8e2a72e1"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
103318
product.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/product.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
a42b87bf8b5d29c24af4ce15c3e5ee3a57c26aea4716d4acee88e992af40d4ee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:04 GMT
server
Apache
etag
"11b15-6145d9033e411"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
72469
jquery-3.4.1.min.js
www.resqspecialoffer.com/sav2niva/desktop/js/ 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/js/jquery-3.4.1.min.js
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:26 GMT
server
Apache
etag
"15851-6145d9190bd5c"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
application/javascript
accept-ranges
bytes
content-length
88145
bootstrap.bundle.min.js
www.resqspecialoffer.com/sav2niva/desktop/js/ 		75 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/js/bootstrap.bundle.min.js
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
3126158d682bafa50bffd7907d0bcecadebf82cc5be9da70235cea3390db2c2b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:27 GMT
server
Apache
etag
"12a14-6145d9195225e"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
application/javascript
accept-ranges
bytes
content-length
76308
jquery.lazy.min.js
www.resqspecialoffer.com/sav2niva/desktop/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/js/jquery.lazy.min.js
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:28 GMT
server
Apache
etag
"139f-6145d91a195e4"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
application/javascript
accept-ranges
bytes
content-length
5023
jquery.fancybox.js
www.resqspecialoffer.com/sav2niva/desktop/js/ 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/js/jquery.fancybox.js
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
2acd5c593f99ed3f880053a8e2e09daa948ebff4c8615efa63055e0695756926

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:28 GMT
server
Apache
etag
"7b54-6145d91a199cc"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
application/javascript
accept-ranges
bytes
content-length
31572
jquery.mask.js
www.resqspecialoffer.com/sav2niva/desktop/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/js/jquery.mask.js
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:29 GMT
server
Apache
etag
"5a89-6145d91b306c3"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
application/javascript
accept-ranges
bytes
content-length
23177
toolbox.js
www.resqspecialoffer.com/sav2niva/desktop/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/js/toolbox.js
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
18f8a385aad7eae7c6f5d05730f28794ca48c5b6924ba921f5110fc7428ab013

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:29 GMT
server
Apache
etag
"2934-6145d91bc1ee7"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
application/javascript
accept-ranges
bytes
content-length
10548
popup.js
www.resqspecialoffer.com/sav2niva/desktop/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/js/popup.js
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
a40ce1185d69d64d912a8fb1a48d89c997d80cb78c9a8f11d49485202ff47e29

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:28 GMT
server
Apache
etag
"615-6145d91ae1139"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
application/javascript
accept-ranges
bytes
content-length
1557
exit-popup.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/exit-popup.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
f6900e2a5640ec9b21642042db0597bf05585b833e1a196e50fd2b3de4c7ed00

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:35 GMT
server
Apache
etag
"1b73a-6145d8e81a740"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
112442
warning-yellow.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		686 B
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/warning-yellow.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
e3ab8f8e91d4ac320e7a4872cb9e360e193fca52aa5993919692f4c2cc1f2540

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:18 GMT
server
Apache
etag
"2ae-6145d911687fe"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
686
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 Apr 2024 22:49:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1294, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
EZaetUD7viqFisLB35FG3utaR+/TX1H4SJBXp4OkeMdw75mdyxwVLyb3A+pxAYvvAwzMgZBeYP5E/fNNSURPwA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		127 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W9XL7GDR
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b8a7cfdf4081cdc581d04f49557dc1afcfc49da16681cd4d6f5fc13fcdb21c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49757
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:18:33 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Apr 2024 22:49:28 GMT
pixel.gif
www.resqspecialoffer.com/sav2niva/desktop/images/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/pixel.gif
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
46d11334d5de0f7347f38cc87fe4f65d9bfbae29d2fd722ce5952c238a46f077

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:27 GMT
last-modified
Sun, 24 Mar 2024 00:59:02 GMT
server
Apache
etag
"2b-6145d901e0277"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/gif
accept-ranges
bytes
content-length
43
5stars.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/5stars.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
cd698b2216e14f88be84845f5e0dd46b972742a9b42adc12d6436fea9f041e83

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:26 GMT
server
Apache
etag
"696-6145d8df9ba23"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
1686
index-form-container-model.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/index-form-container-model.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/css/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
4a489e0ab8a733727b5432f4d1b6fa2c83f638f2c76671c77bacf56fae83ebb6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/css/style.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:48 GMT
server
Apache
etag
"12d1c-6145d8f4cc3b2"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
77084
right-arrow.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/right-arrow.png
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/css/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
c8f16cebdad0b081a9a5376f5ae40146a37d163b0722381d67a193d472b043e6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/css/style.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:59:04 GMT
server
Apache
etag
"1668-6145d90406736"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
5736
truncated
/ 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f382ffd271872cdef7cba74c23ef48f12011f94c1134299bec5723e8e3f88bc3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Oswald-Medium.woff2
www.resqspecialoffer.com/sav2niva/desktop/css/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/css/Oswald-Medium.woff2
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/css/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
fccd1cf86c5987cc85ced2f0466747709300bbd7bc40db38953d064b81243b73

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/css/style.min.css
Origin
https://www.resqspecialoffer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:09 GMT
server
Apache
accept-ranges
bytes
etag
"77bc-6145d8cf50b4f"
content-length
30652
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
Oswald-Bold.woff2
www.resqspecialoffer.com/sav2niva/desktop/css/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/css/Oswald-Bold.woff2
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/css/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
98526e39f5819c9c928fd9506a8e93bb8301dec82c86be7e6c3a4753bde0e246

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/css/style.min.css
Origin
https://www.resqspecialoffer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
last-modified
Sun, 24 Mar 2024 00:58:08 GMT
server
Apache
accept-ranges
bytes
etag
"3e7c-6145d8ce367a8"
content-length
15996
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.resqspecialoffer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 07:51:59 GMT
x-content-type-options
nosniff
age
572249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 07:51:59 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.resqspecialoffer.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
259412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 22:45:56 GMT
obtp.js
amplify.outbrain.com/cp/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.109.182 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-109-182.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fb1afc01c16fdad5719b09ee2f8e5d841b0cdb2a669bdabc8a6eec18cd72c018

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 22:49:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Mar 2024 10:17:18 GMT
Server
AkamaiNetStorage
ETag
"b8a546f55dab30983fc9bd403c53bc91:1710757218.439864"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8262
Expires
Mon, 22 Apr 2024 23:09:28 GMT
365760763899580
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/365760763899580?v=2.9.154&r=stable&domain=www.resqspecialoffer.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e66290bbda84d90bb85783318892b5221869635f23eadd12f8cfff3cc3d8ee55
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 Apr 2024 22:49:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=64, mss=1294, tbw=63236, tp=-1, tpl=-1, uplat=56, ullat=0
pragma
public
x-fb-debug
UxqeT2GeJYqeHkMq0lzv4w0LRM0ih+bze6ZLgC0kjn+5oX2CfAi6Dipsd79uk37K+k2WBaRrfqLYdsyfczMHAw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLAE1BJC77UFQUH26PE0&lib=ttq
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.143.83 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-143-83.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0dcfe814f3e4aded8ea347e9220269cbb6340d154297ef601d955a3c682034d5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
26e40529.3c56a587
date
Mon, 22 Apr 2024 22:49:28 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240422224928D0FAB05BD4C5034BE811-45212ABF7AE6B737-00
x-cache
TCP_MISS from a95-101-143-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time
87,95.101.143.79
server-timing
cdn-cache; desc=MISS, edge; dur=80, origin; dur=7, inner; dur=4
content-length
1738
pragma
no-cache
server
nginx
x-tt-logid
20240422224928D0FAB05BD4C5034BE811
x-cache-remote
TCP_MISS from a23-220-107-72.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.220.107.72
x-tt-trace-host
0197e22c806cee752f4956cfbf07ffbda4a6530aff26cc525146c4ae62c368814e00ea31672e067c6f415bb57c1bc3c5a46b9db9d7e5412dadd38aead951853517622cf8be1c52a16a71a3a11f1ed75f7d25b52a1ad75e4adb8ecfed1267e54a0b93d05ad431009644dd123e8e12fed8f2
expires
Mon, 22 Apr 2024 22:49:28 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6VZMG4285N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9XL7GDR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c4b34808f3f10dc83d5a247dc3c37852fd4c714881749ea89d3510f735271a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102781
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Apr 2024 22:49:28 GMT
collect
region1.google-analytics.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6VZMG4285N&gtm=45je44h0v9102394332za200&_p=1713826168320&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=361739076.1713826169&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713826168&sct=1&seg=0&dl=https%3A%2F%2Fwww.resqspecialoffer.com%2Fsav2niva%2Fdesktop%2F%3Foffer_id%3D239%26aff_id%3D23119%26aff_sub2%3Dnivcg%26aff_sub3%3D0ad38de0f8e24464822f12c09a1c4095&dt=Niv%C3%A5%20CBD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2454
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VZMG4285N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 22 Apr 2024 22:49:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.resqspecialoffer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
369067210387895
connect.facebook.net/signals/config/ 		20 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/369067210387895?v=2.9.154&r=stable&domain=www.resqspecialoffer.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
0f2ab2566414de5297c7bd55268ea92ba1ef8cb40e4bc4c01a7ffb83500f75c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 Apr 2024 22:49:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=38, mss=1232, tbw=4310, tp=9, tpl=0, uplat=47, ullat=0
pragma
public
x-fb-debug
0yxfwFE9fUZq3+SeHdFDRUo7c7ldfnoMpzMngeUMAFGjdZ5GW6tt1vii3ZDfezOVYR4UMv8bBW5cn6/YVmmCSA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=365760763899580&ev=PageView&dl=https%3A%2F%2Fwww.resqspecialoffer.com%2Fsav2niva%2Fdesktop%2F%3Foffer_id%3D239%26aff_id%3D23119%26aff_sub2%3Dnivcg%26aff_sub3%3D0ad38de0f8e24464822f12c09a1c4095&rl=&if=false&ts=1713826168796&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713826168795.979657913&ler=empty&cdl=API_unavailable&it=1713826168590&coo=false&rqm=GET
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1294, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 Apr 2024 22:49:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
unifiedPixel
tr.outbrain.com/ 		53 B
442 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=0035547416100844886&referrer=&cht=gtm&marketerId=00e0897855779c92fa28f42e783806a5b5&name=Niva%20CBD%20Offer%20Page%20View&dl=https%3A%2F%2Fwww.resqspecialoffer.com%2Fsav2niva%2Fdesktop%2F%3Foffer_id%3D239%26aff_id%3D23119%26aff_sub2%3Dnivcg%26aff_sub3%3D0ad38de0f8e24464822f12c09a1c4095&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 22:49:29 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
image/gif;
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-TraceId
4356927e7875698af0ecb3a18417f8dd
Content-Length
54
cachedClickId
tr.outbrain.com/ 		35 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00e0897855779c92fa28f42e783806a5b5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 22:49:29 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
2c1231f642300d04259192c11811b3f4
Content-Length
39
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/javascript
00e0897855779c92fa28f42e783806a5b5
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00e0897855779c92fa28f42e783806a5b5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.109.182 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-109-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Mon, 22 Apr 2024 22:49:28 GMT
ob-sent-time
1713813630947
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
X-TraceId
41208ad84e346ef0119ea490f8b5d8c3
Content-Length
22
Expires
Mon, 22 Apr 2024 22:50:28 GMT
1290311424932243
connect.facebook.net/signals/config/ 		21 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1290311424932243?v=2.9.154&r=stable&domain=www.resqspecialoffer.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
dc100a909106d4acd320e9e5ff04675d1852a362441c0e1cf941655b91992a1c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 Apr 2024 22:49:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=42, mss=1232, tbw=9366, tp=15, tpl=0, uplat=58, ullat=0
pragma
public
x-fb-debug
zAyVWmOCqp+ETLOuByXno2kpx37Nkfv5mClEqORmLWg/RrTMjYJQ2ZpudLGOWnvgO/oWTyGY1O2CYAinxce+Ig==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=369067210387895&ev=PageView&dl=https%3A%2F%2Fwww.resqspecialoffer.com%2Fsav2niva%2Fdesktop%2F%3Foffer_id%3D239%26aff_id%3D23119%26aff_sub2%3Dnivcg%26aff_sub3%3D0ad38de0f8e24464822f12c09a1c4095&rl=&if=false&ts=1713826168894&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713826168795.979657913&ler=empty&cdl=API_unavailable&it=1713826168590&coo=false&rqm=GET
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1294, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 Apr 2024 22:49:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1290311424932243&ev=PageView&dl=https%3A%2F%2Fwww.resqspecialoffer.com%2Fsav2niva%2Fdesktop%2F%3Foffer_id%3D239%26aff_id%3D23119%26aff_sub2%3Dnivcg%26aff_sub3%3D0ad38de0f8e24464822f12c09a1c4095&rl=&if=false&ts=1713826169002&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713826168795.979657913&ler=empty&cdl=API_unavailable&it=1713826168590&coo=false&rqm=GET
Requested by
Host: www.resqspecialoffer.com
URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1294, tbw=3177, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 Apr 2024 22:49:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
main.MTIyYzc3NzllMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		431 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLAE1BJC77UFQUH26PE0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.143.83 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-143-83.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
3c56a6fe
date
Mon, 22 Apr 2024 22:49:29 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240419041051840D676FEAAC74A8FE53
x-tt-trace-id
00-240419041051840D676FEAAC74A8FE53-7B74A6BA42F1AEFC-00
vary
Accept-Encoding
x-cache
TCP_HIT from a95-101-143-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010e9623b74f758cd0faf46607725c21e2afbd45fdda57fb795f8ef7187aeb0dea9c2a1800ea3e6a43932ea50b27f859a0aee69e57102d691d47579948466367069749bac578c07bd86b1b498ed524588465ee4443a80ee6dc58e3764a940bdfe9
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
116139
identify_c26a2.js
analytics.tiktok.com/i18n/pixel/static/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_c26a2.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.143.83 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-143-83.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
3c56a8d3
date
Mon, 22 Apr 2024 22:49:29 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240419041013A4BE78C0587D93B900BC
x-tt-trace-id
00-240419041013A4BE78C0587D93B900BC-2C8DA20A27EAC39D-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a95-101-143-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01533150360d076d9b8a4d7e7f527ffb1e913d9c640014946a2f6cb51dc9f251e9e729a8089c29b3e2895605bbbafaf154d4428c36f11ec3cf94af7bdc8d68a1d1100ff3cce254d7314e4e86dbbb81e2ec00975155d35d3fc30689dd18154278e3
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
37126
pixel
analytics.tiktok.com/api/v2/ 		0
702 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.143.83 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-143-83.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.resqspecialoffer.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
3c56a958
date
Mon, 22 Apr 2024 22:49:29 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240422224929BA7F9DDFAC26ED37F452-127131C7872C3924-00
x-cache
TCP_MISS from a95-101-143-79.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing
inner; dur=32, cdn-cache; desc=MISS, edge; dur=11, origin; dur=107
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240422224929BA7F9DDFAC26ED37F452
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
107,95.101.143.79
x-tt-trace-host
0197e22c806cee752f4956cfbf07ffbda4b56b1c8ea6e4ee014322e0dde5aef0bdff02381348df77a269afd55fc962d1fc00bd6510f73c12dee297cc421d6a10a2601fb864eebc711d3562371803e5aee3c39598a63f835bed98e11e01a74e074a
access-control-allow-headers
Authorization,*
expires
Mon, 22 Apr 2024 22:49:29 GMT
verify-icon.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/verify-icon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
4584e8e75bd2b346dbb220bf453dcb43a0c4965d97c1439cc35205a6154c3edc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:29 GMT
last-modified
Sun, 24 Mar 2024 00:59:18 GMT
server
Apache
etag
"2692-6145d9109f538"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
9874
security-icons-c1.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/security-icons-c1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
9cb1c64cc85a8d4b0d2f79d68abc981187cfbbe4067dda7af4f08da0a5139625

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:29 GMT
last-modified
Sun, 24 Mar 2024 00:59:07 GMT
server
Apache
etag
"2d7d-6145d9065e4ef"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
11645
featured-product.png
www.resqspecialoffer.com/sav2niva/desktop/images/ 		235 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.resqspecialoffer.com/sav2niva/desktop/images/featured-product.png?v1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
f0fc5f35393d2f3fa6ff60d758179d9ca8288ae27b82661e1dd363abafb93b2f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:29 GMT
last-modified
Sun, 24 Mar 2024 00:58:39 GMT
server
Apache
etag
"3ad39-6145d8ebed76b"
x-hostname
gpc058-fs1.us-midwest-1.nxcli.net
content-type
image/png
accept-ranges
bytes
content-length
240953
favicon.ico
www.resqspecialoffer.com/ 		196 B
246 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.resqspecialoffer.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.240.182.16 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
gpc058-fs1.us-midwest-1.nxcli.net
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 22:49:29 GMT
server
Apache
content-length
196
content-type
text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer function| fbq function| _fbq function| $ function| jQuery object| bootstrap object| date object| shipdate object| options function| Countdown number| inventory number| inventoryTimer function| reduceInventory function| setCookie function| getCookie function| Popup boolean| discount_eligible function| leaveFromTop function| obApi object| google_tag_manager object| google_tag_data string| TiktokAnalyticsObject object| ttq function| onYouTubeIframeAPIReady object| gaGlobal function| apiObj object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks number| socialInterval

10 Cookies

Domain/Path Name / Value
www.resqspecialoffer.com/sav2niva/desktop Name: cookie_counter_starting_items
Value: 56
www.resqspecialoffer.com/sav2niva/desktop Name: cookie_counter_remaining_items
Value: 55
www.resqspecialoffer.com/ Name: PHPSESSID
Value: h79ohr60j51q5brfdiq1q77h82
.resqspecialoffer.com/ Name: _ga_6VZMG4285N
Value: GS1.1.1713826168.1.0.1713826168.0.0.0
.resqspecialoffer.com/ Name: _ga
Value: GA1.1.361739076.1713826169
.resqspecialoffer.com/ Name: _fbp
Value: fb.1.1713826168795.979657913
.tiktok.com/ Name: _ttp
Value: 2fTXiUOm7nJOhUCAbfiBj4Izr63
.resqspecialoffer.com/ Name: _tt_enable_cookie
Value: 1
.resqspecialoffer.com/ Name: _ttp
Value: bXxdmuZ6YMrrjx-CakaE_WZLp1u
www.resqspecialoffer.com/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1713826169409%7D

6 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/365760763899580?v=2.9.154&r=stable&domain=www.resqspecialoffer.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.resqspecialoffer.com/sav2niva/desktop/?offer_id=239&aff_id=23119&aff_sub2=nivcg&aff_sub3=0ad38de0f8e24464822f12c09a1c4095
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.resqspecialoffer.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.tiktok.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
tr.outbrain.com
wave.outbrain.com
www.facebook.com
www.googletagmanager.com
www.resqspecialoffer.com
157.240.252.13
192.240.182.16
2001:4860:4802:34::36
2a00:1450:4001:800::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:829::200a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
64.202.112.127
95.101.143.83
96.16.109.182
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
08227734883c11c40481d2dc9ba6beb4ea7c259005b70e99ce04cda20e218b8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0dcfe814f3e4aded8ea347e9220269cbb6340d154297ef601d955a3c682034d5
0f2ab2566414de5297c7bd55268ea92ba1ef8cb40e4bc4c01a7ffb83500f75c1
10b38304603bd7fa9dedbb109642069ab8045ec9df4aec5642d6bbda72af38d4
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
18f8a385aad7eae7c6f5d05730f28794ca48c5b6924ba921f5110fc7428ab013
19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d9e65ccf33dca0c338b461dc650082c8c9881708c6c83592e2c55127a2db0c2
226cc692c242c8e9622a980edc89db586f334e647aebf097cba187f9d27966df
27b5bc209ce58ef4fb7f1f4e2c5ee26d72b25dcacdb87b4f5bf512e7acc4932a
2acd5c593f99ed3f880053a8e2e09daa948ebff4c8615efa63055e0695756926
3126158d682bafa50bffd7907d0bcecadebf82cc5be9da70235cea3390db2c2b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4584e8e75bd2b346dbb220bf453dcb43a0c4965d97c1439cc35205a6154c3edc
46d11334d5de0f7347f38cc87fe4f65d9bfbae29d2fd722ce5952c238a46f077
4a489e0ab8a733727b5432f4d1b6fa2c83f638f2c76671c77bacf56fae83ebb6
4c4b34808f3f10dc83d5a247dc3c37852fd4c714881749ea89d3510f735271a1
5966d46744a0abbae010f1e12ee640252d5bbf6c2164d91d1d16073dc98496c2
5f1ea396ce01dedb72da44c10daeb0f465444c9154facb1b78e4b380973e567e
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
668abf2d32eb32172e3c54bd7ccbdcd9d59f7a900c40543ec2a69d120ba972ee
74d7908018c178caf6ad534361c59c5e534c2fe0af52f0b2b13e46a07172092d
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
882f9a6a85743235cbd8889b82d92c70da49b469eb437c68c12a760023cd8e31
8b8a7cfdf4081cdc581d04f49557dc1afcfc49da16681cd4d6f5fc13fcdb21c9
98526e39f5819c9c928fd9506a8e93bb8301dec82c86be7e6c3a4753bde0e246
9cb1c64cc85a8d4b0d2f79d68abc981187cfbbe4067dda7af4f08da0a5139625
9df4d142924f9b0434e77e168da60e3af59572a96c48d0dd12a8cc49ad0c736d
a40ce1185d69d64d912a8fb1a48d89c997d80cb78c9a8f11d49485202ff47e29
a42b87bf8b5d29c24af4ce15c3e5ee3a57c26aea4716d4acee88e992af40d4ee
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
ab9c428fa0309387167e83ee41cf6d88eebe1f8c6a129947fde0c5b041cacc98
b25c02a92d31112ecd3f905e90ab4190ca7696122b13b81262d5267bcf6ee60a
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70
c8f16cebdad0b081a9a5376f5ae40146a37d163b0722381d67a193d472b043e6
cd698b2216e14f88be84845f5e0dd46b972742a9b42adc12d6436fea9f041e83
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
d9372eec09fa987d74280ecace6f0dfec95a15c6317e05955bd2c35229970801
dc100a909106d4acd320e9e5ff04675d1852a362441c0e1cf941655b91992a1c
e3ab8f8e91d4ac320e7a4872cb9e360e193fca52aa5993919692f4c2cc1f2540
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66290bbda84d90bb85783318892b5221869635f23eadd12f8cfff3cc3d8ee55
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4
f0fc5f35393d2f3fa6ff60d758179d9ca8288ae27b82661e1dd363abafb93b2f
f1cafcef48de21eebaaae39638f40de49e2acf702649c20c4f2b77f4765fb86b
f382ffd271872cdef7cba74c23ef48f12011f94c1134299bec5723e8e3f88bc3
f5fe3461099bee66d05f4c6e21a45e6989f1514a9302878bb5549eb2a4d2e370
f6900e2a5640ec9b21642042db0597bf05585b833e1a196e50fd2b3de4c7ed00
fb1afc01c16fdad5719b09ee2f8e5d841b0cdb2a669bdabc8a6eec18cd72c018
fc0711283fe819378735a68c50771c875f98c116e53aba3210007fb75401cfae
fccd1cf86c5987cc85ced2f0466747709300bbd7bc40db38953d064b81243b73