uqoffers.com Open in urlscan Pro
172.67.170.254 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hqcm.me/9afonv
Effective URL:
https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0...
Submission: On September 22 via manual (September 22nd 2021, 11:43:46 am UTC) from UA — Scanned from DE

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 66 HTTP transactions. The main IP is 172.67.170.254, located in United States and belongs to CLOUDFLARENET, US. The main domain is uqoffers.com.
TLS certificate: Issued by R3 on September 1st 2021. Valid for: 3 months.

This is the only time uqoffers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.212.129.251 185.212.129.251	200313 (INTERNET-IT) (INTERNET-IT)
1 1	104.21.90.96 104.21.90.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.79.89 104.21.79.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	172.67.170.254 172.67.170.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
2	151.101.65.26 151.101.65.26	54113 (FASTLY) (FASTLY)
3	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
66	7

1 185.212.129.251 (Seychelles) 1 redirects

ASN200313 (INTERNET-IT, SC)
PTR: artemklarkson.ptr1.ru

hqcm.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.90.96 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

numbotk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.79.89 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

troobftp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 172.67.170.254 (United States)

ASN13335 (CLOUDFLARENET, US)

uqoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.26 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o445185.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	uqoffers.com uqoffers.com	1017 KB
3	gstatic.com www.gstatic.com	293 KB
3	google.com www.google.com	21 KB
2	polyfill.io polyfill.io	755 B
1	sentry.io o445185.ingest.sentry.io	283 B
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	troobftp.com 1 redirects troobftp.com	1 KB
1	numbotk.com 1 redirects numbotk.com	1 KB
1	hqcm.me 1 redirects hqcm.me	260 B
66	9

	Domain	Requested by
56	uqoffers.com	uqoffers.com
3	www.gstatic.com	www.google.com
3	www.google.com	uqoffers.com www.gstatic.com
2	polyfill.io	uqoffers.com
1	o445185.ingest.sentry.io	uqoffers.com
1	cdnjs.cloudflare.com	uqoffers.com
1	troobftp.com	1 redirects
1	numbotk.com	1 redirects
1	hqcm.me	1 redirects
66	9

This site contains no links.

Subject Issuer	Validity	Valid
*.uqoffers.com R3	`2021-09-01` - `2021-11-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.ingest.sentry.io R3	`2021-08-25` - `2021-11-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Frame ID: 66F87BFC06C76DD94B9EC6FEF43CE230
Requests: 63 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc&co=aHR0cHM6Ly91cW9mZmVycy5jb206NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=vmzxk5rgmu1y
Frame ID: D1801C39A8FC77E2232808AE5C79D5EC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

More than half of parents want to Ban homework – Flame Rumor

Page URL History Show full URLs

http://hqcm.me/9afonv HTTP 302
http://numbotk.com/api/v3/offer/41?affiliate_id=34&url_id=48 HTTP 302
https://troobftp.com/api/v1/leads-workflow/funnel/1/34?tp_hash=cbe1344e4fae084a294dc28055113c17&t... HTTP 302
https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJk... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

66
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

7
IPs

3
Countries

1333 kB
Transfer

2957 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hqcm.me/9afonv HTTP 302
http://numbotk.com/api/v3/offer/41?affiliate_id=34&url_id=48 HTTP 302
https://troobftp.com/api/v1/leads-workflow/funnel/1/34?tp_hash=cbe1344e4fae084a294dc28055113c17&tp_offer_id=41&tp_affiliate_id=34&tp_advertiser_id=1&tp_source=&tp_aff_sub=&tp_aff_sub2=&tp_aff_sub3=&tp_aff_sub4=&tp_aff_sub5= HTTP 302
https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
uqoffers.com/mirror/
Redirect Chain

http://hqcm.me/9afonv
http://numbotk.com/api/v3/offer/41?affiliate_id=34&url_id=48
https://troobftp.com/api/v1/leads-workflow/funnel/1/34?tp_hash=cbe1344e4fae084a294dc28055113c17&tp_offer_id=41&tp_affiliate_id=34&tp_advertiser_id=1&tp_source=&tp_aff_sub=&tp_aff_sub2=&tp_aff_sub3=...
https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D

63 KB
11 KB

436ms
124ms

Document
text/html

172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98a0be436ec50f106084c4eb8e2d39a2dd08d041edeebba00029088265e55a4c

Request headers

:method: GET
:authority: uqoffers.com
:scheme: https
:path: /mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 22 Sep 2021 11:43:40 GMT
content-type: text/html
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzzqLEg1tKI4yATk1VNnV%2BtBONQS6%2FWHmmT1CJIeeGrAVjXPaF8qmn93uN%2B3B%2FzuRQDVORPZaDke8%2BvDzThcGiUAYXVE2%2F5Ex0Z05LXPTFr%2BB7prfi2rLCAD5P8iIsM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 692b46e82e5b4119-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Wed, 22 Sep 2021 11:43:40 GMT
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials,Authorization,sentry-trace
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials
cache-control: private, must-revalidate
expires: -1
location: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
pragma: no-cache
set-cookie: laravel_session=eyJpdiI6IlVnTGV5VWJ6eStuSVl2MU53dmg0dWc9PSIsInZhbHVlIjoiUVVJdkR6UVwvYVwvVmxKUjR4WnFYeG05SVY1OUt4TE1KRUl1ZzJtYVlMOUREcEljSFAxV2RnK1hJSUdzMStjeHNIdWhCMk55cFVRWVlEU2g0QjVNWm5Zdz09IiwibWFjIjoiY2UzOWUxOGRkMDljMjhlODc2NTU0ZjhiNDFlYzE5NjBkZmQxYjQxMDMyZGViYjc3Y2RmYmNmOTkyNTllMTcwNyJ9; path=/; HttpOnly
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUR2KC6%2F1HeaB%2Fb2Wn2B89do%2FFqbvqzLvipFVbHi%2FQzKTOWHwRxh%2BL9KaJJxYMRkDkLoetqFSTBHMEEXi7hb3dCefZIHceziRvkAOME%2FRdNlOQ0RVvg8omFB8rTFFKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 692b46e47892410d-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sentry.min.js Show response
uqoffers.com/static/funnels-sdk/v6/dist/assets/vendor/ 94 KB
30 KB 130ms
128ms Script
application/javascript 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6150752db531183dee8aa964cc8bca035e2688be412515c8a6a1566e3d059dad

Request headers

:path: /static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Sep 2021 13:52:17 GMT
server: cloudflare
etag: W/"612f8591-17684"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2Bn7QsXBSBEjYwYslpGAapxL76C4Hj1KAWmxxRoTYLEHVvJzlngwN1sJfKSakRE8St6YXvMVgVMte%2Fh7jBQVcmwx%2BqyFq7Sp3nKBFKF14rR3%2BtS7PAHiTB5QtZuIpUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 692b46e91f1c4119-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 947 B
1 KB 59ms
23ms Script
text/javascript 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=f1tRecaptchaCallback&render=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc

Requested by

Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

7ee18c9ae3a6758e0d4334e0c67b13b5ceb999a6af1dad72fcc6c8f1bbc369a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 610
x-xss-protection: 1; mode=block
expires: Wed, 22 Sep 2021 11:43:41 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
588 B 29ms
9ms Script
text/javascript 151.101.65.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js

Requested by

Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uqoffers.com/
Origin: https://uqoffers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 688613
detected-user-agent: Chrome/93.0.4577
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Tue, 14 Sep 2021 11:57:11 GMT
date: Wed, 22 Sep 2021 11:43:40 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/93.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
uqoffers.com/mirror/index_files/ 687 KB
101 KB 33ms
32ms Stylesheet
text/css 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/mirror/index_files/style.css
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bded4b7db5f93ebdb6ac3dd042b631c37be33ca76770e0546ce86a0f4f30e66

Request headers

:path: /mirror/index_files/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56953
cf-polished: origSize=837470
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: W/"61376000-cc75e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRsb1Mpci9iospY1EzBfe%2BcY6QM%2FkU%2FbixcPcvBrXF85Eod3szVSKppTXGtXGCMzIqhb%2BM1x%2BgEF3JbjuFT06cGuqDMb9TRuwju9hNIfJ8rglHAjmoXtSsMFVR0hqaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 692b46e91f1e4119-PRG
expires: Tue, 28 Sep 2021 19:54:27 GMT

GET
H2 200 jquery.min.js Show response
uqoffers.com/mirror/index_files/ 156 KB
40 KB 133ms
132ms Script
application/javascript 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/mirror/index_files/jquery.min.js
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a529bfa7bb8c081736251214e21565a497087ee3576dcd9a08757f983c97f0ec

Request headers

:path: /mirror/index_files/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: W/"61376000-26e2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Gc57VrSt4UAhmm%2FNYqdKtY4KlvnveZt3hVzlcE21A%2B2%2Ft2FEoKJM4grNK0sd6zbVcXzJvbspl3eJzGuN7qiuD0vlDYKq3HWMfDZjjWq1KVSxUWf8eCw4gSZi%2FTpLzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 692b46e91f224119-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H2 200 css
uqoffers.com/mirror/index_files/ 4 KB
4 KB 56ms
55ms Stylesheet
application/octet-stream 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/mirror/index_files/css
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adcc8a13d554b65180512dfe06e5d247c6584f2706971e7ea0496449a63ba76

Request headers

:path: /mirror/index_files/css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:40 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-101e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHWQ7O0VXp96cqsU1ysBiR%2FxtJP7fTpqQk%2FqIzmvPcjWsDkEFFVbcyWaCPcnj3iHibE6VN0BMuuRS5wrc9VLPSsUR5OAsomkbXp6iTsVTAPrgD%2BZ%2F5bUnCMdkqPX79M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 692b46e91f1f4119-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4126

GET
H3 200 main.min.js Show response
uqoffers.com/static/funnels-sdk/v6/dist/assets/js/ 331 KB
85 KB 287ms
287ms Script
application/javascript 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/js/main.min.js?v=6.1.1
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 581d2a3e48f4e038b14959cd68832c63e83ee90800d9987c36de80eabe90ec42

Request headers

:path: /static/funnels-sdk/v6/dist/assets/js/main.min.js?v=6.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Sep 2021 13:52:17 GMT
server: cloudflare
etag: W/"612f8591-52db6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82fG7VQM5tc4knmCPo0hCsRoGsPaZq8C7UxhMfcsldcVgc6GY7eEHwLWzq0EAN4GyKmUzEQoqtoKLHcMz1CB199ks3dDC39x3shHzycmUfnuHM32gPqRHd3MsKhJ7Io%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 692b46ea1de2f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H2 200 main.min.css
uqoffers.com/static/funnels-sdk/v6/dist/assets/css/ 36 KB
7 KB 116ms
115ms Stylesheet
text/css 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.1
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1e5a6b2997cc9949169581fa1690ed0cc6a52b527ebfd459aa1206edbebd09

Request headers

:path: /static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Sep 2021 13:52:17 GMT
server: cloudflare
etag: W/"612f8591-915a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TXd2awG6stRcO0USp%2FJB3OIbiRzUOc5SuphXiHF%2BMK4Oi4DLvDsC2dMeSm%2Bs6bQr9hFZU8LLb%2BnyBVLjz9m5ZCYB7jXnzKjKWgACYtaZBOd8qX%2BOi9CODQvBExKbq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 692b46e91f204119-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H2 200 custom.css
uqoffers.com/mirror/index_files/ 2 KB
1 KB 24ms
23ms Stylesheet
text/css 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/mirror/index_files/custom.css
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b6cc29c1a3f5a556dffcbe055228202a122db668db2f5393d0dc1c2eab0805

Request headers

:path: /mirror/index_files/custom.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56953
cf-polished: origSize=2840
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: W/"61376000-b18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqkSgp0usSCDGTXjfvWhBWxS28aR%2FA1GrwA1Jmwvl561c4SRK2AsQGlrBQJE6t6CBI8pqj7VvzJdhEhf4VRsG%2FrUZh2aq6mKVnqh3x0L6cA5EXp2IBTHIYVOt8YJKuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 692b46e91f214119-PRG
expires: Tue, 28 Sep 2021 19:54:27 GMT

GET
H3 200 invisible.js Show response
uqoffers.com/cdn-cgi/challenge-platform/h/b/scripts/ 44 KB
16 KB 54ms
54ms Script
text/javascript 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a89fd5f3e363d769bb1c458b7379e1cf4d742706e3edc0b37f3a023c3d7e17d

Request headers

:path: /cdn-cgi/challenge-platform/h/b/scripts/invisible.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jc1Qi%2BBCa%2BCLS2HQ1kYJLXm7ux90bA2Lh5xZTzdl4OzKmx%2BxvtdfDO1iY%2Fh1DMY1VsPFVLvfhUhUEcgMcxDsRa%2BN7mnkIPR5AaugjBPAvQbDgVTWRHPaqHErXuUeRF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 692b46ea1de3f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 dhfy.JPG
uqoffers.com/mirror/index_files/ 72 KB
73 KB 297ms
297ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/dhfy.JPG
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 433a247ece365c262009204c8efd842555e7b0d153b9acc0db66019ccaab363b

Request headers

:path: /mirror/index_files/dhfy.JPG
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74180
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-121c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVOuZcT19zMGuwU2Mnj%2FqM%2FBJJzDPjUuWMN34PqoSzoCDL1OQNcR8ekP1KskJCGfC7Seqcn4cIEftQ9LA0kh5YHsojpdPqSq8nNKFxzrv6yskx%2BvBdKY22ZDPirAkGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea1deaf9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 fwryt.JPG
uqoffers.com/mirror/index_files/ 75 KB
76 KB 288ms
287ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/fwryt.JPG
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d9212425bfae243482aa7b576858e1df8dd6a57435c31ae880e64ff32d8fec8

Request headers

:path: /mirror/index_files/fwryt.JPG
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77220
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-12da4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6waDOKhFFo3I5Kfs0kgQRCTdbjoSRRI9mN1Zgg33s8kMyGUJ0lz2tuJgUZaVIcumQi%2FkOXkT37jyGuBgEBAVQLeGcFeUSNsvDXTL1Be5JmOYDnlKyVA39rt1Y0yaks%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2dedf9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 rgdrh.JPG
uqoffers.com/mirror/index_files/ 76 KB
76 KB 285ms
282ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/rgdrh.JPG
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56b23d9b5a2837bab2dc89a0b9b1036361e20173f1527ea3c0c56b9d50709da5

Request headers

:path: /mirror/index_files/rgdrh.JPG
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77691
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-12f7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhtgVZL4DLF1Wt2MWKQFuEveVqUq8hFJHMiywZkZO6aH3nTHJy9UlR%2F7LpdLVXAawnfWuZ%2FGsrI18s9Bsgq%2BYCFV0STwsnaTZLgBCUUdh0N9Ev3csg3bM2xnczsBznM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2df1f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 bit-gbp.jpg
uqoffers.com/mirror/index_files/ 77 KB
78 KB 294ms
291ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/bit-gbp.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9545173a543892c58b1edcc0aa4ad144e962641aa6e96392cbdf4b3b850cece9

Request headers

:path: /mirror/index_files/bit-gbp.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 79084
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-134ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxPdxPEyi2aJlv9FmzBQqZ%2BfazgrOAktWK5udMFy6gzklEAaJ%2FuMhKNDx9NXBBcq2VqNyUyrzbZyUgVim0VmFSYBn8UVUcpmQAuq3ZHjtGk3ZvC7L4eaz0glVOig8LQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2df3f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 bitgo.png
uqoffers.com/mirror/index_files/ 3 KB
3 KB 246ms
244ms Image
image/png 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/bitgo.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b45af467027a09a6c13dcb6fb989d125acd7d96e639bbaca7521d874ae3bd0b1

Request headers

:path: /mirror/index_files/bitgo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2773
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-ad5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0ZuXZmSTOUCYnh2W%2BcSXF4uVEIYzJ8kGV2Gti4we3YO6vfQewghT6LNoKoqpUevuLb4dZ%2Fcs4K1PQ7X61b3OgJZoNvK3laIJz%2Fnv9GkTL%2FmuD6S%2BifCrxizkjYuw5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2df4f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 norton.png
uqoffers.com/mirror/index_files/ 3 KB
3 KB 245ms
242ms Image
image/png 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/norton.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8d549dca5636db862aedc5eba7adf669fa5b8e792d5de57d6783f68bfd4a333

Request headers

:path: /mirror/index_files/norton.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2640
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-a50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krh1gfyS8HIcEZealTsjIgYJIQuLI78Drw9X6%2FEi0uiF9RtmyFnBLXvbwbsKjSjFdyqsH0ana3lMkHG50Kl3cu84%2BO%2BwTtzYPmGA%2B6cnZX%2Fanq0EruuMDfad4E4kA5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2df5f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 secure-trading.png
uqoffers.com/mirror/index_files/ 2 KB
3 KB 255ms
252ms Image
image/png 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/secure-trading.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb976f4d9afa2e5539aaa0ef270f9bccb2d7c55f9a2641fac9f9d3f4183f8b53

Request headers

:path: /mirror/index_files/secure-trading.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2516
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-9d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijHYi2JvIp%2F0d2uyfFeMt8YXOvTJkYI5Qmi2%2BDSROKnJo6LPMG8qfmXGW4XttyrGCeWzCYNCWUGuOsrFTOsgNx8JkP%2BuauztbZnoCvjzZT3PDXFe%2BoN9uHUkaGTye8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2df6f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 mcafee.png
uqoffers.com/mirror/index_files/ 3 KB
3 KB 39ms
37ms Image
image/png 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/mcafee.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b2ce7e5c4af52316ad8c348cb88a325ce2d1dfc47b857d3b4d065536d23b9be

Request headers

:path: /mirror/index_files/mcafee.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2650
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-a5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmnDogR%2Bv31qFtQMcVaPf6eRdFMbquHJGNxsGBJ9SSCn7Q2%2Fg%2FZ0525PZJEMljX1hAqmR2vJj6E51YrmHS%2BDj9uhtOfNl%2FFFtxzArysOlTBN322xTF8e3CcB53P4ZHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2df7f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 index.css
uqoffers.com/mirror/index_files/ 14 KB
4 KB 22ms
22ms Stylesheet
text/css 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/mirror/index_files/index.css
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f2fa9fb42053f5225c6bd8f0252a03bc4cf2e83bb6512b6a1963dff0a269f3

Request headers

:path: /mirror/index_files/index.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56953
cf-polished: origSize=18065
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: W/"61376000-4691"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsdiPoC5DWD%2BA1S4rInP1CPcOaFjlVPLyR2z6wOCgpQYJUlLYdFJMPmDgx7Agx%2FR1UVWYG7kHBH0ErkT%2BnH%2BflIBp1mI92PngV3D7ShCUaPWmSdeSG3oJhETpXCwiNc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 692b46e9edc3f9e2-PRG
expires: Tue, 28 Sep 2021 19:54:28 GMT

GET
H3 200 bittrader-step2.png
uqoffers.com/mirror/index_files/ 50 KB
51 KB 301ms
299ms Image
image/png 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/bittrader-step2.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 325e817f118ec406765c27bca13fb22b7a0d1dcc5dac0606708b3cd093efbd6b

Request headers

:path: /mirror/index_files/bittrader-step2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51667
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-c9d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfpEDjnsmjNKUDVrujXd2BMk1%2FxG07%2BoKmwHp9Y6OXsSIzRs54MICu6QnEgPmw67YdVz7TUqkLxRtsWNiEmRK84UOd8XGltK%2FytasvpmDPjFL61fLlq7MmsTxAtS2DQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2dfaf9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 odA9sNLrE86.jpg
uqoffers.com/mirror/index_files/ 1 KB
2 KB 260ms
258ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/odA9sNLrE86.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Request headers

:path: /mirror/index_files/odA9sNLrE86.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1131
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-46b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jshfsYVIcKe2kPp9wNh%2B9X7bjB51fAlHJhoF9xwhxz6ClzY9%2Bd2s2CPC6I4MtAGyuaRHJa7cpyRMuj5RB9lyuehvene0Y3LhP9V0s%2BWOqrsMgH%2FSxCtCBAASEyBWuXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2dfbf9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 sdfsd.jpeg
uqoffers.com/mirror/index_files/ 9 KB
10 KB 247ms
245ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/sdfsd.jpeg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bf149ea16e0f6bb90952fe79ad5e0ec3891e4e3bc2d1337406d36cd41b2ef5a

Request headers

:path: /mirror/index_files/sdfsd.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9485
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-250d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjH%2Fo0uHxBhawoBJjCKaFdo8Yp1sYvG%2BhXx25pdIupbv8Q4Ymd3gTpfkhGAmHkRwRcsbsiAR5BOhE2bhj%2FjVkzbAH9pRmWgWF7teNUtn2pJjEVtmQVZD97d7hYhFQo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2dfcf9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 14222287_1065953200155875_6514575430883754204_n.jpg
uqoffers.com/mirror/index_files/ 3 KB
4 KB 242ms
239ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/14222287_1065953200155875_6514575430883754204_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2133dfd0e49c565f4154796def6212690d25226979cf6fe8fb9da943f7148db9

Request headers

:path: /mirror/index_files/14222287_1065953200155875_6514575430883754204_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3519
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-dbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xz7VZuwYMQP1atpjYqV3wopfLH1v%2BC%2FU0f0LXlKW5AMWMHJ4sKX3xkr8FffhgaXWLfFmaszhYIffRpJB9P0egpua2bRDUzeA3ukJlwUKPpWW5qkzmFBDtGxwWpRRRaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2dfdf9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 18119267_10155363709609924_958378663814436125_n.jpg
uqoffers.com/mirror/index_files/ 5 KB
6 KB 261ms
258ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/18119267_10155363709609924_958378663814436125_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a932f384beec3b73bd9d1b88c2ae941e1403b8e78766b23ff853352dce6b5900

Request headers

:path: /mirror/index_files/18119267_10155363709609924_958378663814436125_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5587
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-15d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2F4Yf%2FYNdrJT4yIop731cjVxsruZS1HN0fRtd4WHrxEnx4pQ10gdFq4qwdSkg%2B9UfcELpWb5Dp1lP8H2MbGRLfwDpmfOScgHV8tSW80Gu0PWBNVqT7HPgCnZOL5TwI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2dfef9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 17265090_10158355004655716_6815458511175803011_n.jpg
uqoffers.com/mirror/index_files/ 4 KB
5 KB 261ms
258ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/17265090_10158355004655716_6815458511175803011_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f4c6c31e2f76d443645063cda651e8fc2eca1139c973802e6fca959df3cc80

Request headers

:path: /mirror/index_files/17265090_10158355004655716_6815458511175803011_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4407
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-1137"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5OXT4JYUQBhZKmzsoUUTJx%2BUeJI%2F8gCLC92%2BMX2PvSdhGVS4xW2vttT4yYBpqtWc%2FDw9oYqbx5OHfRNOvg5Y5wJWPgrrw9AT5CXK4gMXUdVputZmhTu%2FB1NUmvM7yo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2dfff9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 12669670_10207353042137627_8224718532595991020_n.jpg
uqoffers.com/mirror/index_files/ 7 KB
7 KB 261ms
259ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/12669670_10207353042137627_8224718532595991020_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe45ee114d8d35ffe978af646ef381d959d1b2f664e6482d0a4ce77e82aab52

Request headers

:path: /mirror/index_files/12669670_10207353042137627_8224718532595991020_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6888
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-1ae8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRjG0MJUup4%2FFP7CyjJaEhqebh18pk7P2QxxHGGTCiPhT8oFUXJKYfMo8k0upkITtCcLgMWlrq8%2Bk77JxWswpr7tc69jy61ePmkIZqZwRGsg3j6AVqcwDUAdw%2FH5kwU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e01f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 18423978_10210643158807484_4625467277978165616_n.jpg
uqoffers.com/mirror/index_files/ 7 KB
7 KB 255ms
252ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/18423978_10210643158807484_4625467277978165616_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1099f9f7104a7a6ab217dceb4008a336d3640fc34602645a180d4593f9c01db8

Request headers

:path: /mirror/index_files/18423978_10210643158807484_4625467277978165616_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6896
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-1af0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eA72ZCuNMQIeD4AgZ24Lz37WCUDPk4z%2BP9eqFLCfE1xpUgRO3fWRTy0xgHFwzspW2C2RpL70HXIT1x7KNHNG1oHYYf0yztMQrU3dJL8WuJ%2F9N4zVkhytN49%2FsKVrK38%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e02f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 13631522_1146706165402703_3256702316997043506_n.jpg
uqoffers.com/mirror/index_files/ 7 KB
8 KB 247ms
245ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/13631522_1146706165402703_3256702316997043506_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9d110b4592d446bdfbac7b0ed11f540ef7b358d120fae362e3ac7076ab3873

Request headers

:path: /mirror/index_files/13631522_1146706165402703_3256702316997043506_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7571
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-1d93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Wc6JnySr5G7UKT6XwxsgqxztrMvwJCbEV%2F1%2BMxi8h5p%2FNKPmFUSK3CQ2q4f6m%2FbfkpLZ2hEAYFk4gmbnfxaoP3c9ZBvVYw2dSNffvuUT9WOi1eii%2FariXjHo3pgeAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e03f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 16174412_10211484033439027_3968979027246986980_n.jpg
uqoffers.com/mirror/index_files/ 7 KB
8 KB 266ms
264ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/16174412_10211484033439027_3968979027246986980_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 972060c8d603cc5f0a10245ab0c6b0791987f932274a6508f47062b8a04d3deb

Request headers

:path: /mirror/index_files/16174412_10211484033439027_3968979027246986980_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7522
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-1d62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGIdnFeAPbhDySjEENc5KZ3oYI%2BJlzhNRZ9f2YM9vZxTr6wylGRzpwGJyeNX6mzoTbqA1RI%2BkLEtrO2lYUi4u%2Ffj5XWFH2XfA9SBlzqfI4ZcncqgjvT6cyChE166IGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e04f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 16406523_1345882538809440_8201065904356080273_n.jpg
uqoffers.com/mirror/index_files/ 4 KB
5 KB 267ms
264ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/16406523_1345882538809440_8201065904356080273_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0080c6a3c7ae014102268cbe27c5a9c230d3b59b665e53637473f214ab4c61e3

Request headers

:path: /mirror/index_files/16406523_1345882538809440_8201065904356080273_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4436
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-1154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AF9J6FxSY4o7eYKdhiX3wiE8c%2FFY2mZ49I9O7NGojwYPLZJS6vYaj08lBkopZv3VjYe9%2BshgaCD4nSh0lv4aOF%2BogRDeUOjN9tZt26e4QtobXLwtu5d%2FDosyfzMP4Co%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e07f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 540562_430147157013818_32273000_n.jpg
uqoffers.com/mirror/index_files/ 6 KB
7 KB 256ms
254ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/540562_430147157013818_32273000_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c8309fd3817b1d1372b1abcd36591f30d405e3e66105ca19073b0993e4eca57

Request headers

:path: /mirror/index_files/540562_430147157013818_32273000_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6183
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-1827"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVfD6Imj8B13e6NMMGArixiZgKCstyOjxoSfib%2FCehFPuu%2BYveRp9Xmi3CKA%2BM8kft9kf%2FcnPluaCukdlt8KB4GFxuITI1nMuXr%2BxzdJJe%2FF0AIx2Aq8Q24r7vmq28E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e08f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 26254_100854763287133_3441493_n.jpg
uqoffers.com/mirror/index_files/ 8 KB
9 KB 257ms
255ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/26254_100854763287133_3441493_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec245e73a504f55c92bd7742caf23361fdb4991bc9618bb6a04a19aa2e9d2637

Request headers

:path: /mirror/index_files/26254_100854763287133_3441493_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8135
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-1fc7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQysTyAGk%2Bo87KRYwD0zi2mgOOUgGlMRpWeWQA4BZBOklhDpniPhG%2F2wc8q27XhDBpK3yzAwAAh6yWPYdSSeHArM%2BfhUdmWxxpZAk5bHmM2W4gDINFtk9ShYdqTMavk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e09f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 c11.jpg
uqoffers.com/mirror/index_files/ 1008 B
2 KB 268ms
266ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/c11.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08e45c4e07231dd63ceeacb0ab3c7bbb8d86d9228087e668f847ddaa6be6e256

Request headers

:path: /mirror/index_files/c11.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1008
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-3f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNIxfKjYCfzeLMHsrRn3pVWFCezwYL4LcFZXJC0TMkZU6W8fcnMSIWZGthvt83SnNzdTe8%2FNOP7OTHSrd%2FhVL5jIZ5vm8H%2B7pWxPsJSeAtLXVR31aLLJUSkydIvcDH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e0af9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 18222397_10156169859605550_2186676355225458227_n.jpg
uqoffers.com/mirror/index_files/ 6 KB
7 KB 256ms
254ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/18222397_10156169859605550_2186676355225458227_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6215e56dc9647487fc504c95bec6c653f7f2fa614c4c62149e88d5e2d606110

Request headers

:path: /mirror/index_files/18222397_10156169859605550_2186676355225458227_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6417
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-1911"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsmS%2BRerJCpGfxjmj%2FkfMM7wbWvojS2POoIGBeYzKV7i%2Bw1qpdFDOHtuQi4HROzrS%2FddOnzS8QCtx3zqHjy51kyl9IwU46SjlWbyH10MGKlX4V3MvG05o0w%2BFA8rKsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e0bf9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 16807461_10211764664812826_5680036435541740063_n.jpg
uqoffers.com/mirror/index_files/ 6 KB
7 KB 269ms
267ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/16807461_10211764664812826_5680036435541740063_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a4c21d8817f30f39265641c865833bec7a7aa3f9a94a9b40577f351ba07ec1

Request headers

:path: /mirror/index_files/16807461_10211764664812826_5680036435541740063_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6357
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-18d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUqpQXf3ClALMNtSoK%2BJpFh%2B3g8ml5QVB2CJ88F%2B6PXBwQ1Wg2hWrHYARieEMmqW5IuJdZ7GrXAYIC8yvs52raioXLt9P3CDK7Vwli%2B95knzUTs0E2LPb53ZoSHWRhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e0ff9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 11880513_10153182441573635_6391766102196689121_n.jpg
uqoffers.com/mirror/index_files/ 5 KB
6 KB 56ms
54ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/11880513_10153182441573635_6391766102196689121_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ee38441ef9c471c2488d253ee2d7898b7e8fa78de7f944500d545f483285cd7

Request headers

:path: /mirror/index_files/11880513_10153182441573635_6391766102196689121_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5482
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-156a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubvDG4koA9f%2Flrqv1Vl8LFCUDrrO9hvOp9qiYAEVbiajPkhHVh4Vhcnd%2FP53VsiSMiY%2FACWf%2FGS%2BbX%2FA0d2cmBWd9SkdMXT%2FeMbDKgK8w0tv%2BLMcsqKs0o40xajAGpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e10f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 c9.jpg
uqoffers.com/mirror/index_files/ 1 KB
2 KB 269ms
267ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/c9.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e620b573d7cb8701b0ed12b9dfca9dc2e7a646faa706d8a09bd3cc1e8c6ba25a

Request headers

:path: /mirror/index_files/c9.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1100
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-44c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5xPypU%2FYm%2FLrhyUNWJvOBP6nZp0tHdiLd%2B83cthj3Ws%2BACpWpl%2F2vseZpJTYQoIi8OTdbk%2BocdRGOHQSH9FTGt2muWsA%2FCNmWODCyVoDSM%2FmTWSW6znhKv7zdJi0PU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e18f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 13417709_10156999054495156_89965319140675792_n.jpg
uqoffers.com/mirror/index_files/ 4 KB
4 KB 271ms
269ms Image
image/jpeg 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/13417709_10156999054495156_89965319140675792_n.jpg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 973373859d28d6c3abc165ba2f901db2408c4f418064e73d04c998ad7ce504dc

Request headers

:path: /mirror/index_files/13417709_10156999054495156_89965319140675792_n.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3842
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-f02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5f0EizlyBKDQAQH6amgPfNDNvudPRd67VEnPB1FpNN78AfjkQ7iVVnZEL7qk7kDP6Un2qvOBm1aaxhhttZKadOUPBlF%2BDu3zOjJDlIfwNIq%2BPWiuIbd8ZUfTRLumcHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e19f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 200 sidebar.png
uqoffers.com/mirror/index_files/ 159 KB
159 KB 302ms
300ms Image
image/png 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/index_files/sidebar.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 759a75f78365ae447a91dc9a5349a6eefd25093184637f261269bff5b96434aa

Request headers

:path: /mirror/index_files/sidebar.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 162392
last-modified: Tue, 07 Sep 2021 12:50:08 GMT
server: cloudflare
etag: "61376000-27a58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKkatif6pbpWX9TtrEpQrPKNqrckyKJGbQBRJJsfDkbUsOa9uzemYVse%2FSw04TLvGDEEjbqfqyYrV6n7s4BpDpdHbpYRtMeFXQ5q2jowf1lknSfrpJ5WdA1QNB5RjxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea2e1af9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 53ms
15ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=f1tRecaptchaCallback&render=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uqoffers.com/
Origin: https://uqoffers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 22 Sep 2022 11:33:45 GMT

GET
H2 200 polyfill.min.js
polyfill.io/v3/ 101 B
167 B 11ms
9ms Other
text/javascript 151.101.65.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js

Requested by

Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uqoffers.com/
Origin: https://uqoffers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 688613
detected-user-agent: Chrome/93.0.4577
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Tue, 14 Sep 2021 11:57:11 GMT
date: Wed, 22 Sep 2021 11:43:41 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/93.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 flag-icon.min.css
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.1.0/css/ 33 KB
2 KB 34ms
18ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.1.0/css/flag-icon.min.css

Requested by

Host: uqoffers.com
URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fe6690c98e11b16b97dfc9092e4efc228b8027b4518165ae235214a97658633

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1270619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1478
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5d-8398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KV7TPUx4pk9C%2F5hnjCLiOlHh74ZcDPHaruFg9QyC0bej0uqqmKW5Faxia%2FF5R0gjc4x5ska0JpdGvYx027X7PB1OtyN0HEnmgao9C9W5YOl1ulVdnNWopt7Pn45lxBXoC91Q53Z%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 692b46ea3c6d5b38-FRA
expires: Mon, 12 Sep 2022 11:43:41 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a24c2fa67a1b131e597c59792028b201ae850f8760364172471a001ad9504c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 404 icon-fb.png
uqoffers.com/mirror/images/ 145 B
145 B 224ms
223ms Image
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/images/icon-fb.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

:path: /mirror/images/icon-fb.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index_files/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=An%2F3oklxHxzgIHx4qMamdEb1%2BZyQAKx11hnGcAVagjuPLDMrOPxHwAQK4jr2b5WGr7NfUGFWfGEdQ2U1BasRHppGshw%2BYdOnbQuVafDNaGntXuWBg64I6UQx9N2JiUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e5bf9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 icon-tw.png
uqoffers.com/mirror/images/ 145 B
145 B 224ms
223ms Image
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/images/icon-tw.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

:path: /mirror/images/icon-tw.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index_files/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huaOo6dqTByz4nVs6NicnU3hGyKC2EBZDCZ1m%2BslmbkJRyWhh9GRsXkuXNT5iaJNuoRpypd2A0SbYkfD%2BMxYuUk6E%2FMpKCq%2FpVgyLe5lywIGuZXRswx1Yt7dBf%2F8Kfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e5df9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 icon-pi.png
uqoffers.com/mirror/images/ 145 B
145 B 224ms
224ms Image
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/images/icon-pi.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

:path: /mirror/images/icon-pi.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index_files/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98GbzJZn8i2lBjCB%2Fuv7pchWeoBF39tUtUoXC5hDlp23IUPfDz2clIM9Mmj8HcyH9OZfZKw2TZ3%2FQyJzXWbYzm622wTe%2BGmuagNFksOx91lb4HwJ3ShUbXq00qktCwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e5ef9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 icon-gr.png
uqoffers.com/mirror/images/ 145 B
145 B 259ms
258ms Image
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/images/icon-gr.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

:path: /mirror/images/icon-gr.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index_files/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRG9IaOT01TzZ3mcSqQH3X8W0bi%2FT69VGsvO8Cik0ysDYwTEzx8HxHHN6d4MwNv5JRlxNLc8SOc7HiCGMuL2ufCxBDQozob6jIXa8nRd64gxf7jZX0NGxXl6CeMCNr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e60f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 icon-mirror.svg
uqoffers.com/mirror/fonts/ 145 B
145 B 78ms
78ms Image
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/fonts/icon-mirror.svg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

:path: /mirror/fonts/icon-mirror.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index_files/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VSAQ5roldsFe5dhRYKUrzcd1HCtaKLmnPTMUMBD4SMB%2FyO1fFpX7M8XzIqCOm8XRicQot%2BCoh4XF10xXLIvcwi6xbXhdQNZo6EKaYNLNg30dS3%2F%2B4gsXQ7Ush6HMCE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e61f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 loader.gif
uqoffers.com/static/funnels-sdk/v6/dist/assets/img/ 4 KB
5 KB 224ms
223ms Image
image/gif 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/img/loader.gif
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac2100174aafb386d65d2b961453a04e5fb0bcfa4fe8b98341822d237fe9d3e1

Request headers

:path: /static/funnels-sdk/v6/dist/assets/img/loader.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4093
last-modified: Wed, 01 Sep 2021 13:52:17 GMT
server: cloudflare
etag: "612f8591-ffd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmKQUs66hc1tQPyX7rVHRixFmoOaCNvDYxZcoqcYPQwS5WrADFeBQbEeQkm4Xk7C4kiXcM3rxENClDI02%2FxFconRYH%2Fl8SDsDyeQUiJgMbMKSIXX4qjG3jsiBd0sjns%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ea7e63f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

GET
H3 404 ipso.svg
uqoffers.com/mirror/fonts/ 145 B
145 B 219ms
219ms Image
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/fonts/ipso.svg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

:path: /mirror/fonts/ipso.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index_files/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRROTl7NcRPyBV2InkVMPq8H%2F7c5Vx6zNzYc7GlAwdBuihHnepUZGqDVD0KlBKgFRq8FcRnHr9WDn%2BInFUUZTT5B8f%2FJtiY0a1%2BjAHXyV4CKcCHmv4J97VPyhhCOgUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e69f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 trust-project.svg
uqoffers.com/mirror/fonts/ 145 B
145 B 219ms
219ms Image
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/mirror/fonts/trust-project.svg
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

:path: /mirror/fonts/trust-project.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index_files/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PcpTq55yzwAdzr3OKEcl0KUY%2F87rTTHkwYxUmHWZZsYjOK1ZfxeNDIXEqAWtEr4%2F%2BDqMW4Xxlq2Bfco01tGQNsBMtpzdCDYGdnVwfjylLZo5dp0PSwX618UmyTfVmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e6bf9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 opensans-semibold-webfont.woff2
uqoffers.com/mirror/fonts/ 0
0 219ms
219ms Font
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/mirror/fonts/opensans-semibold-webfont.woff2
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /mirror/fonts/opensans-semibold-webfont.woff2
pragma: no-cache
origin: https://uqoffers.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://uqoffers.com/mirror/index_files/style.css
Origin: https://uqoffers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbMIqLu4nlcjOdvr6hkdOnMYAsI2GhQyFmOyrJqyK1zU%2BgIpPSZBeO8Tr7GcOJH7XJxVp6cG7HIHVpbPx0xc4Fzo7p2hXrIOwDtpy5Oo7S1Tm26WAFmWD%2Bl9XXFgDHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e6ef9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 opensans-regular-webfont.woff2
uqoffers.com/mirror/fonts/ 0
0 219ms
218ms Font
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/mirror/fonts/opensans-regular-webfont.woff2
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /mirror/fonts/opensans-regular-webfont.woff2
pragma: no-cache
origin: https://uqoffers.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://uqoffers.com/mirror/index_files/style.css
Origin: https://uqoffers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbYhxsPLH4K7YCayf2R5Z6rKb3pIKOfJeJbMH5t4KPFtRu%2BL5gHpA4wLuGaisxuyZv%2FfN3FN167yiSexpz3mwSyimNR6gkZVzp%2Bny9qguEbO5PwgfBNnWeJj9FWgY%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e70f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 opensans-bold-webfont.woff2
uqoffers.com/mirror/fonts/ 0
0 252ms
251ms Font
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/mirror/fonts/opensans-bold-webfont.woff2
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /mirror/fonts/opensans-bold-webfont.woff2
pragma: no-cache
origin: https://uqoffers.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://uqoffers.com/mirror/index_files/style.css
Origin: https://uqoffers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gR%2BRMNVVg211Zk595vzR20q3KY1ZmzHBvZfSuB3WpIuzRZpLdbrAfUrIBmE%2BwgpClL6fBMGCfXXtIUFANnI%2Fs5bwSx3BCC1aOPWy4lT%2FyHZwl9aRkxUD28z%2Balitxjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e72f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 opensans-condbold-webfont.woff2
uqoffers.com/mirror/fonts/ 0
0 252ms
251ms Font
text/html 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/mirror/fonts/opensans-condbold-webfont.woff2
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index_files/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /mirror/fonts/opensans-condbold-webfont.woff2
pragma: no-cache
origin: https://uqoffers.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index_files/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://uqoffers.com/mirror/index_files/style.css
Origin: https://uqoffers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zHqE0Z6%2F0NbD4EPrqsPrvI7WtKF2kP2Qs2%2BDIxRVrCt%2FEnJFnFczIA8l7HM%2FRAofZ7ZQ7jhs7bddQEFf6djuph6zCyWbX%2F3pI1miQdwAUt7h5EgcudgqbeB%2BfkqKpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 692b46ea7e73f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 pica.js
uqoffers.com/cdn-cgi/challenge-platform/h/b/scripts/ 21 KB
8 KB 51ms
50ms Other
text/javascript 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 203b45db83c26370b0e06d8dcdd565c7b9b2f49a78c564c5a984141ba074ea73

Request headers

:path: /cdn-cgi/challenge-platform/h/b/scripts/pica.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3pSKOec%2FIfwT8IotHtbJ%2FCJVgacc5FPg7ceKOKlcOnPIDF9BL8VHBLq6ODPVw7K2nuVhBdo2QYRKrR2%2F3ZZ5bKkFez0VuG%2BJYLZtson62fjqECQ1%2BrPuSQ02EKVDFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 692b46eaceb9f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D180 39 KB
19 KB 46ms
30ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc&co=aHR0cHM6Ly91cW9mZmVycy5jb206NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=vmzxk5rgmu1y

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

b6208ed1255688ce6897c4d44bf6c5521fd8a7dcf29ff21850567820ab36ca85

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bVWWIQV30GDppCMK3mXF0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc&co=aHR0cHM6Ly91cW9mZmVycy5jb206NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=vmzxk5rgmu1y
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uqoffers.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 22 Sep 2021 11:43:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-bVWWIQV30GDppCMK3mXF0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19933
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame D180 52 KB
25 KB 21ms
7ms Stylesheet
text/css 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc&co=aHR0cHM6Ly91cW9mZmVycy5jb206NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=vmzxk5rgmu1y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 10:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 22 Sep 2022 10:12:38 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame D180 342 KB
134 KB 25ms
11ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 22 Sep 2022 11:33:45 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D180 102 B
134 B 16ms
16ms Other
text/javascript 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL

Requested by

Host: uqoffers.com
URL: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc&co=aHR0cHM6Ly91cW9mZmVycy5jb206NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=vmzxk5rgmu1y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 22 Sep 2021 11:43:41 GMT

GET
H3 200 en.json Show response
uqoffers.com/static/funnels-sdk/v6/dist/assets/i18n/ 3 KB
2 KB 43ms
42ms XHR
application/json 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/i18n/en.json?v=6.1.1
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cbd504829345f2d25367e471539195a798eb96cc0fa3e345a87486c07900ce8

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
authorization: 35e521d09a8159bb
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
:path: /static/funnels-sdk/v6/dist/assets/i18n/en.json?v=6.1.1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
sentry-trace: 11a5248d9a3246b89261b2d9ae3622c6-b47ca2fb3b228d2e-1
:method: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
Authorization: 35e521d09a8159bb
sentry-trace: 11a5248d9a3246b89261b2d9ae3622c6-b47ca2fb3b228d2e-1

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 01 Sep 2021 13:52:17 GMT
server: cloudflare
etag: W/"612f8591-a87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wbc8j2F0LI51ZQWz%2BvJ9RVciuiEhNpr09ZFlEs3rtapLCnhbIs3Z8YIbVT04kCDK75S4%2FRQXlwouqq5AeU8%2Fuv3ti7PlzMh7gTxHZkFGIXtXs5mzo26nHsMK4HIn6Z4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 692b46ecc87ff9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 geo Show response
uqoffers.com/api/v1/leads-workflow/info/ 344 B
1 KB 189ms
189ms XHR
application/json 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/api/v1/leads-workflow/info/geo?e=0&ld_id=iwhltd-ld
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a41baf14e10db32b1d1efc910318121da93078ddf19565bb37828b73cd57f145

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
authorization: 35e521d09a8159bb
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
:path: /api/v1/leads-workflow/info/geo?e=0&ld_id=iwhltd-ld
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
sentry-trace: 11a5248d9a3246b89261b2d9ae3622c6-b05ee93f53f8b2a8-1
:method: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
Authorization: 35e521d09a8159bb
sentry-trace: 11a5248d9a3246b89261b2d9ae3622c6-b05ee93f53f8b2a8-1

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"01bdfa784bb9ca5425de352bd2c89931"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9La9SjoYIjlg4gHLAkxOUnaGvX3YcD6qq%2FfSRWFKrADnOX8iOIhWtSYTURbw3lgypbj4LbuIg0ySGO8bzj77UdX0NhwdU5krwF9dNoUxE5LwIVjoVWnLpqZFrXEPR7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials
cache-control: private, must-revalidate
access-control-allow-credentials: true
set-cookie: laravel_session=eyJpdiI6IlJxUmFONkQxOCt3OVhJUlA4dG85UkE9PSIsInZhbHVlIjoiTTFDaGlNMDZBN2R0bm9QU1FZb0tSellYcWZCaXYyUXpjMzBBOTRZZHlISVI3Y3Y2T1BYTGFtTjh3UVk1ZHQzd3A5bEEzRjNaYWxhRVwvRFwvdGNKRm1vUT09IiwibWFjIjoiODgyZWE2YTYxZmM0MDQzOWQxMzZmZDIzZGQ2MzI0YzJlZGVmODRhYjFhYmNiMjlkNGQ0MjliMGVkMDNlZWYzNiJ9; path=/; HttpOnly
cf-ray: 692b46ecc881f9e2-PRG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials,Authorization,sentry-trace
expires: -1

GET
H3 200 onStateEnter Show response
uqoffers.com/api/v1/leads-workflow/forms/ 790 B
1 KB 397ms
396ms XHR
application/json 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/api/v1/leads-workflow/forms/onStateEnter?e=0&ld_id=iwhltd-ld&id=64784&referer=https%3A%2F%2Fuqoffers.com%2Fmirror%2Findex.html
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7f37f49993a1aa849ae9aacaf6b320d02d31987b5bc929a61709be5f406419d

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
authorization: 35e521d09a8159bb
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
:path: /api/v1/leads-workflow/forms/onStateEnter?e=0&ld_id=iwhltd-ld&id=64784&referer=https%3A%2F%2Fuqoffers.com%2Fmirror%2Findex.html
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
Authorization: 35e521d09a8159bb

Response headers

date: Wed, 22 Sep 2021 11:43:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
server: cloudflare
etag: W/"161865348c260f69408f8cdb7ca2f9e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyuKOVdpn8O9o7DXcuo0RkPvSoLOecl9qLOZ%2F24aros8zGCjMvDdpB1kXnA5BYocemL4GnV4UJ4Qtr7C5keK3gVeQqFuoC1b6Kvms7ZjLODaxH5FGzyXfefij5%2FMKok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials
cache-control: private, must-revalidate
access-control-allow-credentials: true
set-cookie: laravel_session=eyJpdiI6InBpZEUwNWNNWGc1SHZKRTRQZCs4RHc9PSIsInZhbHVlIjoiWlE4ckFka1dTNTJxcXFTY041Ylk3ME02blk1eUYxUFwvUHpHZjRtbVUxUUZCVFcwT1llMUZGWHN4QmwxajNLQmF1SGdCUHc0UENJYm12TXdUWWM0TlV3PT0iLCJtYWMiOiIyNjNmNDBhNzNiNjgyMmZhMjYwYjFhZDY2MTFlMGVhMDM1Y2I1YjQ0OTZkMmExZTFhZjE1YmM5M2YxZWY4ZWIwIn0%3D; path=/; HttpOnly
cf-ray: 692b46ecd883f9e2-PRG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials,Authorization,sentry-trace
expires: -1

POST
H3 200 result Show response
uqoffers.com/cdn-cgi/challenge-platform/h/b/cv/ 2 B
753 B 107ms
106ms XHR
text/plain 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uqoffers.com/cdn-cgi/challenge-platform/h/b/cv/result?req_id=692b46e82e5b4119
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-fetch-mode: cors
origin: https://uqoffers.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: laravel_session=eyJpdiI6IlJxUmFONkQxOCt3OVhJUlA4dG85UkE9PSIsInZhbHVlIjoiTTFDaGlNMDZBN2R0bm9QU1FZb0tSellYcWZCaXYyUXpjMzBBOTRZZHlISVI3Y3Y2T1BYTGFtTjh3UVk1ZHQzd3A5bEEzRjNaYWxhRVwvRFwvdGNKRm1vUT09IiwibWFjIjoiODgyZWE2YTYxZmM0MDQzOWQxMzZmZDIzZGQ2MzI0YzJlZGVmODRhYjFhYmNiMjlkNGQ0MjliMGVkMDNlZWYzNiJ9
content-length: 14691
:path: /cdn-cgi/challenge-platform/h/b/cv/result?req_id=692b46e82e5b4119
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: uqoffers.com
referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
:scheme: https
sec-fetch-site: same-origin
sentry-trace: 11a5248d9a3246b89261b2d9ae3622c6-80fbbe50d7ef8553-1
:method: POST
Referer: https://uqoffers.com/mirror/index.html?d=eyJpZCI6NjQ3ODQsInNlY3JldCI6IjM1ZTUyMWQwOWE4MTU5YmIiLCJkb21haW4iOiJ0cm9vYmZ0cC5jb20iLCJhcGkiOiJpd2hsdGQtbGQifQ%3D%3D
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sentry-trace: 11a5248d9a3246b89261b2d9ae3622c6-80fbbe50d7ef8553-1
Content-Type: application/json

Response headers

date: Wed, 22 Sep 2021 11:43:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrDTqBQI61GZ9bv5KAyt1fqemX%2BgkHwpffXQQhzd9OcZbyouvHxtx%2FkFJOvLGw28FyxPZXcbWEFNr4eR2TFgJieT6f2xLjIjjpGM231YMp4KiQ%2FymGEKbvqulxOfFHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
set-cookie: __cf_bm=V_8Ort_z.AJMNkHnVpFZz65XPTwQstN4OfOft0IhZOc-1632311021-0-AQOSi7cX/5ja3qNLwZz4UqXiFAkp53NBuw52/MPRYz64jk/HJnWwF0iMj4NFTSQOf3dUbReArl0AphHUKHQaUh6Fkv4WtwvPIb0ATrGfeUFUIoNxR5Ehy9QEqMedusaqfg==; path=/; expires=Wed, 22-Sep-21 12:13:41 GMT; domain=.uqoffers.com; HttpOnly; Secure; SameSite=None
cf-ray: 692b46eeeb0cf9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2

GET
H3 200 flags.png
uqoffers.com/static/funnels-sdk/v6/dist/assets/img/ 69 KB
70 KB 70ms
69ms Image
image/png 172.67.170.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/img/flags.png
Requested by: Host: uqoffers.com
URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

:path: /static/funnels-sdk/v6/dist/assets/img/flags.png
pragma: no-cache
cookie: laravel_session=eyJpdiI6InBpZEUwNWNNWGc1SHZKRTRQZCs4RHc9PSIsInZhbHVlIjoiWlE4ckFka1dTNTJxcXFTY041Ylk3ME02blk1eUYxUFwvUHpHZjRtbVUxUUZCVFcwT1llMUZGWHN4QmwxajNLQmF1SGdCUHc0UENJYm12TXdUWWM0TlV3PT0iLCJtYWMiOiIyNjNmNDBhNzNiNjgyMmZhMjYwYjFhZDY2MTFlMGVhMDM1Y2I1YjQ0OTZkMmExZTFhZjE1YmM5M2YxZWY4ZWIwIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: uqoffers.com
referer: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:43:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70857
last-modified: Wed, 01 Sep 2021 13:52:17 GMT
server: cloudflare
etag: "612f8591-114c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FB3pIxEGQEo3d%2BtmqFEwGGI9fFX6sAzOKgYajiTA7hKhFDYgSFuDD8zPGJpj8G%2ByGFO52rxp%2F6nAg%2Fo1Kk3xg0fUHx2sCFxA2i4vYIqFeejreXzeMQgEjAIIG%2B7PR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 692b46ef5b77f9e2-PRG
expires: Wed, 29 Sep 2021 11:43:41 GMT

POST
H2 200 / Show response
o445185.ingest.sentry.io/api/5421136/envelope/ 41 B
283 B 56ms
15ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o445185.ingest.sentry.io/api/5421136/envelope/?sentry_key=a37bd96361a84a13aec68cc8fc230f3c&sentry_version=7

Requested by

Host: uqoffers.com
URL: https://uqoffers.com/static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f80aa0ce1a79952eefc8917e2cc8548604b304f12931d736f7b4a885988f05a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://uqoffers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Sep 2021 11:43:43 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://uqoffers.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 41

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
troobftp.com/	1969-12-31 23:59:59	Name: laravel_session Value: eyJpdiI6IlVnTGV5VWJ6eStuSVl2MU53dmg0dWc9PSIsInZhbHVlIjoiUVVJdkR6UVwvYVwvVmxKUjR4WnFYeG05SVY1OUt4TE1KRUl1ZzJtYVlMOUREcEljSFAxV2RnK1hJSUdzMStjeHNIdWhCMk55cFVRWVlEU2g0QjVNWm5Zdz09IiwibWFjIjoiY2UzOWUxOGRkMDljMjhlODc2NTU0ZjhiNDFlYzE5NjBkZmQxYjQxMDMyZGViYjc3Y2RmYmNmOTkyNTllMTcwNyJ9
uqoffers.com/	1969-12-31 23:59:59	Name: laravel_session Value: eyJpdiI6InBpZEUwNWNNWGc1SHZKRTRQZCs4RHc9PSIsInZhbHVlIjoiWlE4ckFka1dTNTJxcXFTY041Ylk3ME02blk1eUYxUFwvUHpHZjRtbVUxUUZCVFcwT1llMUZGWHN4QmwxajNLQmF1SGdCUHc0UENJYm12TXdUWWM0TlV3PT0iLCJtYWMiOiIyNjNmNDBhNzNiNjgyMmZhMjYwYjFhZDY2MTFlMGVhMDM1Y2I1YjQ0OTZkMmExZTFhZjE1YmM5M2YxZWY4ZWIwIn0%3D
.uqoffers.com/	1970-01-19 21:25:12	Name: __cf_bm Value: V_8Ort_z.AJMNkHnVpFZz65XPTwQstN4OfOft0IhZOc-1632311021-0-AQOSi7cX/5ja3qNLwZz4UqXiFAkp53NBuw52/MPRYz64jk/HJnWwF0iMj4NFTSQOf3dUbReArl0AphHUKHQaUh6Fkv4WtwvPIb0ATrGfeUFUIoNxR5Ehy9QEqMedusaqfg==

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://uqoffers.com/mirror/fonts/icon-mirror.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://uqoffers.com/mirror/images/icon-fb.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://uqoffers.com/mirror/images/icon-tw.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://uqoffers.com/mirror/images/icon-pi.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://uqoffers.com/mirror/fonts/ipso.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://uqoffers.com/mirror/fonts/trust-project.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://uqoffers.com/mirror/fonts/opensans-semibold-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://uqoffers.com/mirror/fonts/opensans-regular-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://uqoffers.com/mirror/images/icon-gr.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://uqoffers.com/mirror/fonts/opensans-bold-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://uqoffers.com/mirror/fonts/opensans-condbold-webfont.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
deprecation	warning	URL: https://uqoffers.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
hqcm.me
numbotk.com
o445185.ingest.sentry.io
polyfill.io
troobftp.com
uqoffers.com
www.google.com
www.gstatic.com
104.16.19.94
104.21.79.89
104.21.90.96
142.250.181.228
142.250.186.99
151.101.65.26
172.67.170.254
185.212.129.251
34.120.195.249
0080c6a3c7ae014102268cbe27c5a9c230d3b59b665e53637473f214ab4c61e3
07a4c21d8817f30f39265641c865833bec7a7aa3f9a94a9b40577f351ba07ec1
08e45c4e07231dd63ceeacb0ab3c7bbb8d86d9228087e668f847ddaa6be6e256
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0b2ce7e5c4af52316ad8c348cb88a325ce2d1dfc47b857d3b4d065536d23b9be
0fe6690c98e11b16b97dfc9092e4efc228b8027b4518165ae235214a97658633
1099f9f7104a7a6ab217dceb4008a336d3640fc34602645a180d4593f9c01db8
1bf149ea16e0f6bb90952fe79ad5e0ec3891e4e3bc2d1337406d36cd41b2ef5a
203b45db83c26370b0e06d8dcdd565c7b9b2f49a78c564c5a984141ba074ea73
2133dfd0e49c565f4154796def6212690d25226979cf6fe8fb9da943f7148db9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a24c2fa67a1b131e597c59792028b201ae850f8760364172471a001ad9504c4
2cbd504829345f2d25367e471539195a798eb96cc0fa3e345a87486c07900ce8
325e817f118ec406765c27bca13fb22b7a0d1dcc5dac0606708b3cd093efbd6b
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
3ee38441ef9c471c2488d253ee2d7898b7e8fa78de7f944500d545f483285cd7
433a247ece365c262009204c8efd842555e7b0d153b9acc0db66019ccaab363b
4a89fd5f3e363d769bb1c458b7379e1cf4d742706e3edc0b37f3a023c3d7e17d
4c8309fd3817b1d1372b1abcd36591f30d405e3e66105ca19073b0993e4eca57
4d9212425bfae243482aa7b576858e1df8dd6a57435c31ae880e64ff32d8fec8
56b23d9b5a2837bab2dc89a0b9b1036361e20173f1527ea3c0c56b9d50709da5
581d2a3e48f4e038b14959cd68832c63e83ee90800d9987c36de80eabe90ec42
58b6cc29c1a3f5a556dffcbe055228202a122db668db2f5393d0dc1c2eab0805
5bded4b7db5f93ebdb6ac3dd042b631c37be33ca76770e0546ce86a0f4f30e66
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6150752db531183dee8aa964cc8bca035e2688be412515c8a6a1566e3d059dad
6c1e5a6b2997cc9949169581fa1690ed0cc6a52b527ebfd459aa1206edbebd09
759a75f78365ae447a91dc9a5349a6eefd25093184637f261269bff5b96434aa
7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4
7ee18c9ae3a6758e0d4334e0c67b13b5ceb999a6af1dad72fcc6c8f1bbc369a7
8b9d110b4592d446bdfbac7b0ed11f540ef7b358d120fae362e3ac7076ab3873
9545173a543892c58b1edcc0aa4ad144e962641aa6e96392cbdf4b3b850cece9
972060c8d603cc5f0a10245ab0c6b0791987f932274a6508f47062b8a04d3deb
973373859d28d6c3abc165ba2f901db2408c4f418064e73d04c998ad7ce504dc
98a0be436ec50f106084c4eb8e2d39a2dd08d041edeebba00029088265e55a4c
9adcc8a13d554b65180512dfe06e5d247c6584f2706971e7ea0496449a63ba76
a41baf14e10db32b1d1efc910318121da93078ddf19565bb37828b73cd57f145
a529bfa7bb8c081736251214e21565a497087ee3576dcd9a08757f983c97f0ec
a7f37f49993a1aa849ae9aacaf6b320d02d31987b5bc929a61709be5f406419d
a932f384beec3b73bd9d1b88c2ae941e1403b8e78766b23ff853352dce6b5900
ac2100174aafb386d65d2b961453a04e5fb0bcfa4fe8b98341822d237fe9d3e1
b45af467027a09a6c13dcb6fb989d125acd7d96e639bbaca7521d874ae3bd0b1
b6208ed1255688ce6897c4d44bf6c5521fd8a7dcf29ff21850567820ab36ca85
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
d2f4c6c31e2f76d443645063cda651e8fc2eca1139c973802e6fca959df3cc80
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
dbe45ee114d8d35ffe978af646ef381d959d1b2f664e6482d0a4ce77e82aab52
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
e620b573d7cb8701b0ed12b9dfca9dc2e7a646faa706d8a09bd3cc1e8c6ba25a
e8d549dca5636db862aedc5eba7adf669fa5b8e792d5de57d6783f68bfd4a333
eb976f4d9afa2e5539aaa0ef270f9bccb2d7c55f9a2641fac9f9d3f4183f8b53
ec245e73a504f55c92bd7742caf23361fdb4991bc9618bb6a04a19aa2e9d2637
f0f2fa9fb42053f5225c6bd8f0252a03bc4cf2e83bb6512b6a1963dff0a269f3
f6215e56dc9647487fc504c95bec6c653f7f2fa614c4c62149e88d5e2d606110
f80aa0ce1a79952eefc8917e2cc8548604b304f12931d736f7b4a885988f05a5

uqoffers.com Open in urlscan Pro 172.67.170.254 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

0 %IPv6

9 Domains

9 Subdomains

7 IPs

3 Countries

1333 kBTransfer

2957 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

uqoffers.com Open in urlscan Pro
172.67.170.254 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

7
IPs

3
Countries

1333 kB
Transfer

2957 kB
Size

3
Cookies

66 HTTP transactions
1 data transactions