offers.hopa.com Open in urlscan Pro
2.16.181.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://red.ideamakasiini.com/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVjZjc5MGEzYmNkNjJfMTI0Ijt9/amFndGFwLnZpbml0J...
Effective URL:
https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdk...
Submission: On February 19 via manual (February 19th 2020, 2:42:57 pm UTC) from PH

Summary HTTP 70 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 21 domains to perform 70 HTTP transactions. The main IP is 2.16.181.75, located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is offers.hopa.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 17th 2019. Valid for: 2 years.

This is the only time offers.hopa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.135.140.177 5.135.140.177	16276 (OVH) (OVH)
1	178.255.74.54 178.255.74.54	20746 (ASN-IDC T...) (ASN-IDC T.NO.OM.I.NC)
2	34.241.215.75 34.241.215.75	16509 (AMAZON-02) (AMAZON-02)
30	2.16.181.75 2.16.181.75	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:f... 2600:1901:0:fcac::	15169 (GOOGLE) (GOOGLE)
2	23.0.36.169 23.0.36.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	188.42.160.46 188.42.160.46	35415 (WEBZILLA) (WEBZILLA)
1	13.35.253.60 13.35.253.60	16509 (AMAZON-02) (AMAZON-02)
6	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.216.106.69 52.216.106.69	16509 (AMAZON-02) (AMAZON-02)
2	34.232.223.196 34.232.223.196	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:eb:... 2a02:26f0:eb:1a3::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
70	23

1 5.135.140.177 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: e5-webmxt.emslip.com

red.ideamakasiini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.255.74.54 (Italy)

ASN20746 (ASN-IDC T.NO.OM.I.NC, IT)
PTR: borgomanero.espotter.net

affiliate.across.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.215.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-215-75.eu-west-1.compute.amazonaws.com

traffic.focuusing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2.16.181.75 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-181-75.deploy.static.akamaitechnologies.com

offers.hopa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:fcac:: (United States)

ASN15169 (GOOGLE, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.0.36.169 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-36-169.deploy.static.akamaitechnologies.com

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
685b3918.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.160.46 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-60.fra6.r.cloudfront.net

86519160.adoric-om.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 130.211.115.4 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.106.69 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.223.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-223-196.compute-1.amazonaws.com

app.adoric-om.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:1a3::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	hopa.com offers.hopa.com	983 KB
8	ad-score.com js.ad-score.com data.ad-score.com	97 KB
4	facebook.com www.facebook.com	698 B
3	adoric-om.com 86519160.adoric-om.com app.adoric-om.com	35 KB
3	facebook.net connect.facebook.net	255 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
3	gstatic.com fonts.gstatic.com	26 KB
2	doubleclick.net stats.g.doubleclick.net	204 B
2	rtmark.net my.rtmark.net	2 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	50 KB
2	focuusing.com traffic.focuusing.com	2 KB
1	akstat.io 685b3918.akstat.io	202 B
1	nr-data.net bam.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	amazonaws.com s3.amazonaws.com	12 KB
1	criteo.com sslwidget.criteo.com	1 KB
1	criteo.net static.criteo.net	10 KB
1	googletagmanager.com www.googletagmanager.com	25 KB
1	googleapis.com fonts.googleapis.com	850 B
1	across.it affiliate.across.it	983 B
1	ideamakasiini.com 1 redirects red.ideamakasiini.com	479 B
70	21

	Domain	Requested by
30	offers.hopa.com	traffic.focuusing.com offers.hopa.com
6	data.ad-score.com	js.ad-score.com offers.hopa.com
4	www.facebook.com	offers.hopa.com
3	connect.facebook.net	affiliate.across.it connect.facebook.net
3	www.google-analytics.com	2 redirects www.googletagmanager.com
3	fonts.gstatic.com	offers.hopa.com
2	app.adoric-om.com	86519160.adoric-om.com
2	stats.g.doubleclick.net	offers.hopa.com
2	my.rtmark.net	www.googletagmanager.com offers.hopa.com
2	js.ad-score.com	offers.hopa.com js.ad-score.com
2	traffic.focuusing.com	traffic.focuusing.com
1	685b3918.akstat.io	s.go-mpulse.net
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	offers.hopa.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s3.amazonaws.com	86519160.adoric-om.com
1	sslwidget.criteo.com	static.criteo.net
1	86519160.adoric-om.com	affiliate.across.it
1	static.criteo.net	www.googletagmanager.com
1	www.googletagmanager.com	offers.hopa.com
1	s.go-mpulse.net	offers.hopa.com
1	fonts.googleapis.com	offers.hopa.com
1	affiliate.across.it
1	red.ideamakasiini.com	1 redirects
70	24

This site contains links to these domains. Also see Links.

Domain
download.gamesrv1.com
info.hopa.com
secure.gamblingcommission.gov.uk
hopa.com

Subject Issuer	Validity	Valid
www.ediscom.it GlobalSign Organization Validation CA - SHA256 - G2	`2019-03-11` - `2021-03-11`	2 years	crt.sh
*.hopa.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-17` - `2021-11-16`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2019-09-02` - `2020-11-01`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2019-04-16` - `2020-06-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
my.rtmark.net Let's Encrypt Authority X3	`2019-12-09` - `2020-03-08`	3 months	crt.sh
adoric.com Amazon	`2019-04-17` - `2020-05-17`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Frame ID: 86AE6F091FD072C02F1B36F99BBF3D63
Requests: 69 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/PN86Z-VXR8H-CZYYG-TVAW7-F6PYF
Frame ID: C76EBB76571D1C8269E335BB3CE414EA
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000211
Frame ID: 61A94B4E1308AC210495D310253D0E9F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://traffic.focuusing.com/router?code=FM7BG3V&traffic_source=296833&afi=24917&ar=2576&gclid=dfyy1s3qe0... Page URL
http://traffic.focuusing.com/process?afi=24917&ar=2576&campaign=669884&destination=1424365&gclid=dfyy1s3q... Page URL
https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gcl... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

UNIX (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Unix/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

mod_dav (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i

mod_ssl (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /mod_ssl(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
headers server /\b(?:mod_)?DAV\b(?:\/([\d.]+))?/i
headers server /mod_ssl(?:\/([\d.]+))?/i

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/\/static.criteo.net\/js\/ld\/ld.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

70
Requests

96 %
HTTPS

43 %
IPv6

21
Domains

24
Subdomains

23
IPs

8
Countries

1530 kB
Transfer

3092 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://download.gamesrv1.com/Resources/External/bonusterms/tc_eng_EUR.html
Title: Wagering

Search URL Search Domain Scan URL

URL: https://info.hopa.com/BonusPolicy.aspx?lng=ENG&popup=1
Title: Bonus Policy

Search URL Search Domain Scan URL

URL: https://secure.gamblingcommission.gov.uk/gccustomweb/PublicRegister/PRSearch.aspx?ExternalAccountId=39483
Title: here

Search URL Search Domain Scan URL

URL: http://hopa.com/responsible-gaming
Title: Gambling can be addictive, please play responsibly

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://traffic.focuusing.com/router?code=FM7BG3V&traffic_source=296833&afi=24917&ar=2576&gclid=dfyy1s3qe0klnbxdkwnC272687396&gclid=dfyy1s3qe0klnbxdkwnC272687396 Page URL
http://traffic.focuusing.com/process?afi=24917&ar=2576&campaign=669884&destination=1424365&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&tid=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&traffic_source=296833&crfn=t15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c Page URL
https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://red.ideamakasiini.com/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVjZjc5MGEzYmNkNjJfMTI0Ijt9/amFndGFwLnZpbml0JTQwc3NhYi5jb20=/13770935/663258 HTTP 302
https://affiliate.across.it/v2/click/dfyy1s3qe0klnbxdkwn

Request Chain 51

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1696064530&t=pageview&_s=1&dl=https%3A%2F%2Foffers.hopa.com%2FIE%2FGWOF%2F%3Fafi%3D24917%26ar%3D2576%26mmi%3D69493%26par%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26popunder%3D%7Bpopunder%7D&dr=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24917%26ar%3D2576%26campaign%3D669884%26destination%3D1424365%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26tid%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26traffic_source%3D296833%26crfn%3Dt15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&ul=en-us&de=UTF-8&dt=Golden%20Wheel%20of%20Fortune&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAABAAAAg~&jid=1993165943&gjid=1489860757&cid=1077754004.1582123365&tid=UA-85369190-1&_gid=747366826.1582123365&_r=1&gtm=2wg250KD944MM&cd1=24917&cd2=2576&cd3=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&cd4=dfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396&cd5=69493&z=1051161661 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85369190-1&cid=1077754004.1582123365&jid=1993165943&_gid=747366826.1582123365&gjid=1489860757&_v=j81&z=1051161661

Request Chain 63

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1696064530&t=adtiming&_s=2&dl=https%3A%2F%2Foffers.hopa.com%2FIE%2FGWOF%2F%3Fafi%3D24917%26ar%3D2576%26mmi%3D69493%26par%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26popunder%3D%7Bpopunder%7D&dr=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24917%26ar%3D2576%26campaign%3D669884%26destination%3D1424365%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26tid%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26traffic_source%3D296833%26crfn%3Dt15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&ul=en-us&de=UTF-8&dt=Golden%20Wheel%20of%20Fortune&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=1975&pdt=30&dns=35&rrt=6&srt=106&tcp=298&dit=663&clt=663&_gst=585&_gbt=841&_cst=515&_cbt=574&_u=aHDAAEABAAAAg~&jid=1438978750&gjid=1420100747&cid=1077754004.1582123365&tid=UA-85369190-1&_gid=747366826.1582123365&_r=1&gtm=2wg250KD944MM&cd1=24917&cd2=2576&cd3=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&cd4=dfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396&cd5=69493&z=1091386828 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85369190-1&cid=1077754004.1582123365&jid=1438978750&_gid=747366826.1582123365&gjid=1420100747&_v=j81&z=1091386828

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set dfyy1s3qe0klnbxdkwn
affiliate.across.it/v2/click/
Redirect Chain

http://red.ideamakasiini.com/click/YToxOntzOjM6InRhZyI7czozMDoiZGF0YV9zZW5kb3V0XzVjZjc5MGEzYmNkNjJfMTI0Ijt9/amFndGFwLnZpbml0JTQwc3NhYi5jb20=/13770935/663258
https://affiliate.across.it/v2/click/dfyy1s3qe0klnbxdkwn

0
983 B

207ms
55ms

Document
text/html

178.255.74.54
ASN-IDC T.NO.OM.I.NC

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.across.it/v2/click/dfyy1s3qe0klnbxdkwn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 178.255.74.54 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS: borgomanero.espotter.net
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13 / PHP/5.4.13
Resource Hash

Request headers

Host: affiliate.across.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 19 Feb 2020 14:42:38 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1c DAV/2 PHP/5.4.13
X-Powered-By: PHP/5.4.13
Set-Cookie: tr[dfyy1s3qe0klnbxdkwn]=1; expires=Wed, 19-Feb-2020 15:42:38 GMT; path=/; samesite=None; secure track[1886]=dfyy1s3qe0klnbxdkwnC272687396; expires=Thu, 20-Feb-2020 14:42:38 GMT; path=/; samesite=None; secure track[0]=dfyy1s3qe0klnbxdkwnC272687396; expires=Thu, 20-Feb-2020 14:42:38 GMT; path=/; samesite=None; secure
P3P: policyref="https://affiliate.across.it/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR NOR UNI COM NAV INT";
Refresh: 0; URL=http://traffic.focuusing.com/router?code=FM7BG3V&traffic_source=296833&afi=24917&ar=2576&gclid=dfyy1s3qe0klnbxdkwnC272687396&gclid=dfyy1s3qe0klnbxdkwnC272687396
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 20
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Wed, 19 Feb 2020 14:42:41 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.4-14+deb7u7
Set-Cookie: BMT__beverlymail__data_sendout_5cf790a3bcd62_124=1582123362__jagtap.vinit%40ssab.com; expires=Sat, 21-Mar-2020 14:42:42 GMT
Location: https://affiliate.across.it/v2/click/dfyy1s3qe0klnbxdkwn
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK Cookie set router Show response
traffic.focuusing.com/ 321 B
1019 B 2715ms
2444ms Document
text/html 34.241.215.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://traffic.focuusing.com/router?code=FM7BG3V&traffic_source=296833&afi=24917&ar=2576&gclid=dfyy1s3qe0klnbxdkwnC272687396&gclid=dfyy1s3qe0klnbxdkwnC272687396
Protocol: HTTP/1.1
Server: 34.241.215.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-215-75.eu-west-1.compute.amazonaws.com
Software: Mono-HTTPAPI/1.0 /
Resource Hash: da7a78a3218fab63ebb9a5c9241f6d2ad3ee55d663d964648d18ee5dd57fdaa5

Request headers

Host: traffic.focuusing.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-cache, must-revalidate
Cache-control: no-cache="set-cookie"
Content-Type: text/html; charset=utf-8
Date: Wed, 19 Feb 2020 14:42:43 GMT
Expires: Thu, 11 Nov 1999 11:11:11 GMT
ORIG_REF: http://unknown.net/
Server: Mono-HTTPAPI/1.0
Set-Cookie: CRID=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c;Expires=Sun, 19-Apr-2020 14:42:43; FCRID=Q3VzdG9tZXI=:100709_QWR2ZXJ0aXNlcg==:66232_Q2FtcGFpZ24=:669884;Expires=Sun, 19-Apr-2020 14:42:43; AWSELB=77D91F6D08571353F1686779C47F77A540CBED705DA55B6BD6207F177433D0A52594319DF4CB94D7B6ED44142F2D787165DBEAC805F8B7A95FDC956F99681086306C57F02F;PATH=/;MAX-AGE=360
Content-Length: 321
Connection: keep-alive

GET
H/1.1 200
OK Cookie set process Show response
traffic.focuusing.com/ 250 B
756 B 49ms
48ms Document
text/html 34.241.215.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://traffic.focuusing.com/process?afi=24917&ar=2576&campaign=669884&destination=1424365&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&tid=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&traffic_source=296833&crfn=t15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c
Requested by: Host: traffic.focuusing.com
URL: http://traffic.focuusing.com/router?code=FM7BG3V&traffic_source=296833&afi=24917&ar=2576&gclid=dfyy1s3qe0klnbxdkwnC272687396&gclid=dfyy1s3qe0klnbxdkwnC272687396
Protocol: HTTP/1.1
Server: 34.241.215.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-215-75.eu-west-1.compute.amazonaws.com
Software: Mono-HTTPAPI/1.0 /
Resource Hash: a06b2f8f123b1f66cc0c4119192e333513d39ea9ca358288ba3ac3887bb4036b

Request headers

Host: traffic.focuusing.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://traffic.focuusing.com/router?code=FM7BG3V&traffic_source=296833&afi=24917&ar=2576&gclid=dfyy1s3qe0klnbxdkwnC272687396&gclid=dfyy1s3qe0klnbxdkwnC272687396
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: CRID=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c; FCRID=Q3VzdG9tZXI=:100709_QWR2ZXJ0aXNlcg==:66232_Q2FtcGFpZ24=:669884; AWSELB=77D91F6D08571353F1686779C47F77A540CBED705DA55B6BD6207F177433D0A52594319DF4CB94D7B6ED44142F2D787165DBEAC805F8B7A95FDC956F99681086306C57F02F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://traffic.focuusing.com/router?code=FM7BG3V&traffic_source=296833&afi=24917&ar=2576&gclid=dfyy1s3qe0klnbxdkwnC272687396&gclid=dfyy1s3qe0klnbxdkwnC272687396

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Wed, 19 Feb 2020 14:42:43 GMT
Expires: Thu, 11 Nov 1999 11:11:11 GMT
ORIG_REF: http://traffic.focuusing.com/router?code=FM7BG3V&traffic_source=296833&afi=24917&ar=2576&gclid=dfyy1s3qe0klnbxdkwnC272687396&gclid=dfyy1s3qe0klnbxdkwnC272687396
Server: Mono-HTTPAPI/1.0
Set-Cookie: CRID=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c;Expires=Sun, 19-Apr-2020 14:42:43;
Content-Length: 250
Connection: keep-alive

GET
H2 200 Primary Request / Show response
offers.hopa.com/IE/GWOF/ 22 KB
8 KB 443ms
106ms Document
text/html 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}

Requested by

Host: traffic.focuusing.com
URL: http://traffic.focuusing.com/process?afi=24917&ar=2576&campaign=669884&destination=1424365&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&tid=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&traffic_source=296833&crfn=t15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

99186e3f482b4dd985184ab8095fef0783c5cef7ad2ede879f666677ecf2c730

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

:method: GET
:authority: offers.hopa.com
:scheme: https
:path: /IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://traffic.focuusing.com/process?afi=24917&ar=2576&campaign=669884&destination=1424365&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&tid=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&traffic_source=296833&crfn=t15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: http://traffic.focuusing.com/process?afi=24917&ar=2576&campaign=669884&destination=1424365&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&tid=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&traffic_source=296833&crfn=t15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c

Response headers

status: 200
server: Apache
content-encoding: gzip
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=16070400; includeSubDomains
x-akamai-transformed: 9 6808 0 pmb=mRUM,2
date: Wed, 19 Feb 2020 14:42:44 GMT
content-length: 8034
vary: Accept-Encoding
server-timing: cdn-cache; desc=MISS edge; dur=14 origin; dur=18

GET
H2 200 style.css
offers.hopa.com/generic-assets/wof/dist/style/ 26 KB
5 KB 38ms
38ms Stylesheet
text/css 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://offers.hopa.com/generic-assets/wof/dist/style/style.css

Requested by

Host: offers.hopa.com
URL: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1d754bb9b28886580f1fc90feaefcb078e49677f64060cc461749e694ce7ac71

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
last-modified: Sun, 26 Nov 2017 08:55:32 GMT
server: Apache
etag: "68cd-55edef2c06900-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 4890

GET
H2 200 bg.jpg
offers.hopa.com/generic-assets/wof/assets/images/ 71 KB
72 KB 38ms
38ms Image
image/jpeg 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/bg.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

58b64ee655e9675b9c929033b9fff755cbaa9e5d1bdf93c09ad6ca87a223e486

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:58 GMT
server: Apache
etag: "11cee-55429e05ae980"
content-type: image/jpeg
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 72942

GET
H2 200 bg_close_eyes.jpg
offers.hopa.com/generic-assets/wof/assets/images/ 1 KB
2 KB 82ms
82ms Image
image/jpeg 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/bg_close_eyes.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3725472cffa27bbd2c0ee1242869c612fed8d610243992ecd97d7a80aa04d52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:56 GMT
server: Apache
etag: "599-55429e03c6500"
content-type: image/jpeg
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1433

GET
H2 200 lights-glow.png
offers.hopa.com/generic-assets/wof/assets/images/ 105 KB
106 KB 61ms
54ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/lights-glow.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

907cb937603341dcdb700423fd83a73d85aa1f65b96356ba2b37a60fa5114966

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:42:00 GMT
server: Apache
etag: "1a5d6-55429e0796e00"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 107990

GET
H2 200 circle.png
offers.hopa.com/generic-assets/wof/assets/images/ 28 KB
28 KB 122ms
115ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/circle.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e6d1c0f0d317ba616313802936d644d9e4c5efafbd7ab1ef21a46e868a7e8d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:58 GMT
server: Apache
etag: "6ef6-55429e05ae980"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 28406

GET
H2 200 wheel.png
offers.hopa.com/generic-assets/wof/assets/images/ 112 KB
112 KB 414ms
407ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/wheel.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4470fc836a34b8fa3932567ac16e87143e93ae0b6025967b7112960e84dbba55

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:42:04 GMT
server: Apache
etag: "1be41-55429e0b67700"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 114241

GET
H2 200 wheel_turning.png
offers.hopa.com/generic-assets/wof/assets/images/ 111 KB
111 KB 498ms
491ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/wheel_turning.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

beb7757c36133e5e2bbace9f195c206d2deb9a03162ce393e11efce2c3d6c4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:42:04 GMT
server: Apache
etag: "1ba31-55429e0b67700"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 113201

GET
H2 200 highlighted_100.png
offers.hopa.com/generic-assets/wof/assets/images/ 34 KB
35 KB 524ms
517ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/highlighted_100.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e8bd64455f4e943137bfb75e4d9fda0ea2daa22128e693a4a4ea6acb4c26177b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:58 GMT
server: Apache
etag: "88ff-55429e05ae980"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 35071

GET
H2 200 engnl.png
offers.hopa.com/generic-assets/wof/assets/images/spin_button/ 29 KB
29 KB 506ms
499ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/spin_button/engnl.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7f87c5d9d77a2951cf8d730caf419c0cde43be3395efe9cb4e8cd61ffc16c991

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:42:02 GMT
server: Apache
etag: "738e-55429e097f280"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 29582

GET
H2 200 arrow.png
offers.hopa.com/generic-assets/wof/assets/images/ 3 KB
3 KB 505ms
499ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/arrow.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c96ba3216e654b5b5744192455f1f8b0153b4e2bbefa94014ffdd5fb16d878e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:56 GMT
server: Apache
etag: "b4a-55429e03c6500"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 2890

GET
H2 200 a.png
offers.hopa.com/generic-assets/wof/assets/images/click_sign/ 60 KB
61 KB 531ms
525ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/click_sign/a.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7501941a419e13efa5628ca979ae4cfb30e6b43df57239f4bd9321412e8908b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:52 GMT
server: Apache
etag: "f0ea-55429dfff5c00"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 61674

GET
H2 200 b.png
offers.hopa.com/generic-assets/wof/assets/images/click_sign/ 61 KB
61 KB 548ms
542ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/click_sign/b.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b54368d107d9e76b0d36a0ef60f8200033196faa79feaa23a03ef85d4d687ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:56 GMT
server: Apache
etag: "f481-55429e03c6500"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 62593

GET
H2 200 m_a.png
offers.hopa.com/generic-assets/wof/assets/images/click_sign/ 48 KB
48 KB 571ms
565ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/click_sign/m_a.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0e2ca4e1158f81d83abdfe7a14073d182ed806342d0018ea1a250d6deb5ee0e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:56 GMT
server: Apache
etag: "bf86-55429e03c6500"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 49030

GET
H2 200 m_b.png
offers.hopa.com/generic-assets/wof/assets/images/click_sign/ 47 KB
48 KB 636ms
630ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/click_sign/m_b.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eb9916d09e71e052fc763f0a14e0953a41579c999bbeac748cf01999826a3435

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:58 GMT
server: Apache
etag: "bdfa-55429e05ae980"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 48634

GET
H2 200 overlay.png
offers.hopa.com/generic-assets/wof/assets/images/ 77 KB
78 KB 665ms
659ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/overlay.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c7f06020ea8fba0ad3708a0321ab482d1b7930ec879d11f6d423b119e6430ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:42:00 GMT
server: Apache
etag: "1352d-55429e0796e00"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 79149

GET
H2 200 k1.png
offers.hopa.com/generic-assets/wof/assets/images/confetti/ 2 KB
2 KB 747ms
742ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/confetti/k1.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

25b11c9ac5fabd9309e8fae77620b2bd4da4d6c5ae419f7be0189d867c71fdf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:50 GMT
server: Apache
etag: "677-55429dfe0d780"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1655

GET
H2 200 k2.png
offers.hopa.com/generic-assets/wof/assets/images/confetti/ 1 KB
1 KB 748ms
742ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/confetti/k2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a6dac8042626e5bae65ee7498b3709b7c0196730be7ce031b554cbc530d850e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:50 GMT
server: Apache
etag: "4b6-55429dfe0d780"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1206

GET
H2 200 k3.png
offers.hopa.com/generic-assets/wof/assets/images/confetti/ 1 KB
1 KB 748ms
742ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/confetti/k3.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d6cfa1e391b852e078d0dfb87f34b855c5bfa8ba521e8ccbfab203fa0f593b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:52 GMT
server: Apache
etag: "4fa-55429dfff5c00"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1274

GET
H2 200 k4.png
offers.hopa.com/generic-assets/wof/assets/images/confetti/ 2 KB
2 KB 748ms
742ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/confetti/k4.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0c94c9b02a903b8cfcc9216b546b0527f45c7cff2be2f23cb13c49773b710f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:52 GMT
server: Apache
etag: "64f-55429dfff5c00"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1615

GET
H2 200 k5.png
offers.hopa.com/generic-assets/wof/assets/images/confetti/ 2 KB
2 KB 748ms
743ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/confetti/k5.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b7dbafb8f8e3356d5d9feb531c7e9a0f8d5fb503698d238721e487da03653d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:54 GMT
server: Apache
etag: "644-55429e01de080"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1604

GET
H2 200 k6.png
offers.hopa.com/generic-assets/wof/assets/images/confetti/ 1 KB
1 KB 748ms
743ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/confetti/k6.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

50817335b193b62b99cb7ec1f6cab34e4776036aa3bf364bd4f76b1f6ac94a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:54 GMT
server: Apache
etag: "403-55429e01de080"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1027

GET
H2 200 footer-payment-methods-ie.png
offers.hopa.com/generic-assets/wof/assets/images/footer/ 41 KB
42 KB 748ms
743ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/footer/footer-payment-methods-ie.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7f4bcfde0899b5f707ffb335b91bb79b0f167bc0f151cd3f4a97fd5ecd1437e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Wed, 02 Aug 2017 09:02:58 GMT
server: Apache
etag: "a51f-555c187be5480"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 42271

GET
H2 200 css
fonts.googleapis.com/ 5 KB
850 B 21ms
14ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700|Orbitron

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4ab348b22ac581e8f7c255b9b8491d1112ee0caddb8943ef0cc132e8d4838a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Feb 2020 14:42:44 GMT
server: ESF
date: Wed, 19 Feb 2020 14:42:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Feb 2020 14:42:44 GMT

GET
H2 200 script.min.js Show response
offers.hopa.com/generic-assets/wof/dist/scripts/ 130 KB
41 KB 55ms
48ms Script
application/javascript 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://offers.hopa.com/generic-assets/wof/dist/scripts/script.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cacd462ac2a5ee49b77e8a257b4bfccdbf2116ed0875095c03a02fa4ad996303

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
last-modified: Thu, 13 Jul 2017 09:51:33 GMT
server: Apache
etag: "209ac-5542fe0aa3340-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 41733

GET
H2 200 score.min.js Show response
js.ad-score.com/ 276 KB
94 KB 28ms
8ms Script
application/javascript 2600:1901:0:fcac::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000211
Requested by: Host: offers.hopa.com
URL: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1901:0:fcac:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e0ef1448c88db27307d42d6747d6bcc8b73a2ca7201af4bc05168d468923e2f7

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 07:53:22 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 07:53:22 GMT
age: 24562
access-control-allow-methods: GET
content-type: application/javascript
status: 200
alt-svc: clear
cache-control: public, max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
access-control-allow-origin: *
content-length: 96459
via: 1.1 google
expires: Thu, 20 Feb 2020 07:53:22 GMT

GET
H2 200 PN86Z-VXR8H-CZYYG-TVAW7-F6PYF Show response
s.go-mpulse.net/boomerang/ Frame C76E 202 KB
49 KB 1111ms
36ms Script
application/javascript 23.0.36.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/PN86Z-VXR8H-CZYYG-TVAW7-F6PYF
Requested by: Host: offers.hopa.com
URL: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.36.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-36-169.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9fb974b84a129972abbd1e2e5cfdf685cab5f6f22d881adf3845bc73b43eb4ad

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 14:42:45 GMT
content-encoding: br
last-modified: Wed, 05 Feb 2020 02:56:25 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50141

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 74 KB
25 KB 21ms
16ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KD944MM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20f6f2526d2d8f4add22dbe8bc2f1b4a735e56dc3eed7489a4303129d4b13b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 14:42:44 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25292
x-xss-protection: 0
last-modified: Wed, 19 Feb 2020 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Feb 2020 14:42:44 GMT

GET
H2 200 hopa_logo.png
offers.hopa.com/generic-assets/wof/assets/images/logos/ 9 KB
10 KB 499ms
497ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/logos/hopa_logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3b3775a09a6dc991c2fff35e768fd73fad803e656c77656aba959a891b46e123

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/generic-assets/wof/dist/style/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:56 GMT
server: Apache
etag: "25e2-55429e03c6500"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 9698

GET
H2 200 engnl.png
offers.hopa.com/generic-assets/wof/assets/images/100spins/ 20 KB
21 KB 501ms
499ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/100spins/engnl.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1c450250b43884fdb10980d493414549e5669699789bea6b8292c9ecb0236369

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/generic-assets/wof/dist/style/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:48 GMT
server: Apache
etag: "5124-55429dfc25300"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=23
accept-ranges: bytes
content-length: 20772

GET
H2 200 overlay_btn.png
offers.hopa.com/generic-assets/wof/assets/images/ 6 KB
6 KB 498ms
496ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/overlay_btn.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b1872263d69bda56b5e2940895b17b8c255e6338e67265548bbcef9aaaf4a320

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/generic-assets/wof/dist/style/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:58 GMT
server: Apache
etag: "1662-55429e05ae980"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 5730

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Orbitron
Origin: https://offers.hopa.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 19:32:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1537790
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Sun, 31 Jan 2021 19:32:54 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Orbitron
Origin: https://offers.hopa.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 02:11:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1773047
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 29 Jan 2021 02:11:57 GMT

GET
H2 200 yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nyGy6BoWg1fDAlp7lk.woff
fonts.gstatic.com/s/orbitron/v15/ 8 KB
9 KB 7ms
7ms Font
font/woff 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/orbitron/v15/yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nyGy6BoWg1fDAlp7lk.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095d7fcd8cc82788ce5b8691f7b6ed20414fadf5c8c7c3207e496751eac3f41a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Orbitron
Origin: https://offers.hopa.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 20:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Feb 2020 00:08:37 GMT
server: sffe
age: 1188905
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8620
x-xss-protection: 0
expires: Thu, 04 Feb 2021 20:27:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD944MM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 552
date: Wed, 19 Feb 2020 14:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 19 Feb 2020 16:33:32 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 29 KB
10 KB 44ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD944MM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 14:42:44 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 15:00:50 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5df79c22-7533"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 20 Feb 2020 14:42:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: affiliate.across.it
URL: https://affiliate.across.it/v2/click/dfyy1s3qe0klnbxdkwn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: mXWK8YAGWI8ISxiI8nLPE5MG0MuuHbgGNidX6NaoToBjJoVMVyQgx2IML+zYOiUZUfaG4r3fuxZpJbIUEFRMsw==
x-fb-trip-id: 1850256238
date: Wed, 19 Feb 2020 14:42:44 GMT, Wed, 19 Feb 2020 14:42:44 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK p.js Show response
my.rtmark.net/ 709 B
1 KB 1135ms
21ms Script
text/javascript 188.42.160.46
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=58b5af2832492d653535743c972fdbcbc5f76b0521ea0ed7cd26145bec21e330

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD944MM

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.46 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

8c01768d4be8ac6d88038cc5d46423be5d199c87c4d1f07cecd03beded7f894d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 14:42:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 709

GET
H2 200 adoric.js Show response
86519160.adoric-om.com/ 119 KB
33 KB 261ms
136ms Script
text/javascript 13.35.253.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://86519160.adoric-om.com/adoric.js

Requested by

Host: affiliate.across.it
URL: https://affiliate.across.it/v2/click/dfyy1s3qe0klnbxdkwn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.60 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-60.fra6.r.cloudfront.net

Software

nginx /

Resource Hash

df30157694d7e04f84fa3f672559a315317fef7d34ea0346388c50303268583c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 14:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=15552000; includeSubDomains
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1db68-H2uJ4FcLXqp61AjTkAH0dhAoVVE"
x-download-options: noopen
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
x-amz-cf-id: d95w_Nkk8i99gG3ckH9m1TemiV_mPlluhsc_0oU6LVVNVzONDOsarQ==

GET
H2 200 dansk_logo.png
offers.hopa.com/generic-assets/wof/assets/images/logos/ 11 KB
11 KB 655ms
655ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/logos/dansk_logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

90603f9fa771644375205a21f9414ed08b95cc0ca7dd1c4b50ce0943275db82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:52 GMT
server: Apache
etag: "2ce5-55429dfff5c00"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 11493

GET
H2 200 dk_logo.png
offers.hopa.com/generic-assets/wof/assets/images/logos/ 23 KB
23 KB 655ms
655ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/logos/dk_logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b9e31d16411ea7c7808cebebe111e3e599b0d2a652e5212f7f380aaf0b54262c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:54 GMT
server: Apache
etag: "5bd5-55429e01de080"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 23509

GET
H2 200 gambling_comission.png
offers.hopa.com/generic-assets/wof/assets/images/logos/ 15 KB
15 KB 669ms
669ms Image
image/png 2.16.181.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.hopa.com/generic-assets/wof/assets/images/logos/gambling_comission.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.181.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-181-75.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6efeb63b89263e9c9997e35c11fa641e8fd95e6a996b5ad48e8246e21978b0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
last-modified: Thu, 13 Jul 2017 02:41:54 GMT
server: Apache
etag: "3b37-55429e01de080"
content-type: image/png
status: 200
date: Wed, 19 Feb 2020 14:42:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 15159

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 42 B
710 B 794ms
177ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=eeuFKlAgStNIcGXREQCsogBznFcQhyTZ-E0rFIsxubEzqNCMd33LOE07AOA==-E0/JPs1uY1riNA==&pm_ct=291802ea2861a0017469714a&pm_pl=1582123364654&pm_td=10&pid=1000211&en=1&callback=__pm_glbl_GPDzE0IUqIkpBAwbt5uxlN4M._gc1&v=78bdefd
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 7f3f01aec241b4327f934353828ffde7c6db9b333e7b34254e5073cf2649b51a

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Origin: https://offers.hopa.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 19 Feb 2020 14:42:45 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://offers.hopa.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 42

GET
BLOB 200
OK abe913b5-5590-41d8-ba30-0a821fadd4ed
https://offers.hopa.com/ 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://offers.hopa.com/abe913b5-5590-41d8-ba30-0a821fadd4ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
H2 200 x.html
js.ad-score.com/ Frame 61A9 0
0 115ms
114ms Document
text/html 2600:1901:0:fcac::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?pid=1000211
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1901:0:fcac:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: js.ad-score.com
:scheme: https
:path: /x.html?pid=1000211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}

Response headers

status: 200
date: Wed, 19 Feb 2020 14:39:36 GMT
content-type: text/html; charset=utf-8
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:11:57 GMT
via: 1.1 google
cache-control: public, max-age=86400
content-length: 5153
age: 188
alt-svc: clear

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
271 B 633ms
123ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=eeuFKlAgStNIcGXREQCsogBznFcQhyTZ-E0rFIsxubEzqNCMd33LOE07AOA==-E0/JPs1uY1riNA==&pm_ct=291802ea2861a0017469714a&pm_pl=1582123364654&pm_td=171&pid=1000211&en=1&callback=__pm_glbl_GPDzE0IUqIkpBAwbt5uxlN4M._gc2&v=78bdefd
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Origin: https://offers.hopa.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://offers.hopa.com
Date: Wed, 19 Feb 2020 14:42:45 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 event Show response
sslwidget.criteo.com/ 1 KB
1 KB 1134ms
44ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=27655&v=5.5.0&p0=e%3Dce%26m%3D%255Bhttps%25253A%25252F%25252Foffers.hopa.com%25252FIE%25252FGWOF%25252F%25253Fafi%25253D24917%252526ar%25253D2576%252526mmi%25253D69493%252526par%25253D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%252526gclid%25253Ddfyy1s3qe0klnbxdkwnC272687396%25252Cdfyy1s3qe0klnbxdkwnC272687396%252526popunder%25253D%25257Bpopunder%25257D%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Ftraffic.focuusing.com&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=hopa.com&dtycbr=85283
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 8289d6128fdf7efb2907ca86935b29d65532572e22c20a46682d0db6f89a946c

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 19 Feb 2020 14:42:45 GMT
content-encoding: gzip
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache
timing-allow-origin: *
content-length: 864
expires: 0

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1696064530&t=pageview&_s=1&dl=https%3A%2F%2Foffers.hopa.com%2FIE%2FGWOF%2F%3Fafi%3D24917%26ar%3D2576%26mmi%3D69493%26par%3D5f512N3Ss6Cti6uWiU...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85369190-1&cid=1077754004.1582123365&jid=1993165943&_gid=747366826.1582123365&gjid=1489860757&_v=j81&z=1051161661

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85369190-1&cid=1077754004.1582123365&jid=1993165943&_gid=747366826.1582123365&gjid=1489860757&_v=j81&z=1051161661

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 19 Feb 2020 14:42:44 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Feb 2020 14:42:44 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85369190-1&cid=1077754004.1582123365&jid=1993165943&_gid=747366826.1582123365&gjid=1489860757&_v=j81&z=1051161661
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1680136742252975 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1680136742252975?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

381f9b9c9273f94f934511dcee88fb042b3470fe9fbd0ea8040376ec39d096af

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114919
x-xss-protection: 0
pragma: public
x-fb-debug: hc7l2UGbzqKPw0iDluJNJJp21jRJNlfrIOp1UGYFWJ/BIQlb7DgKtW5g9lfOHipmiMGYSIVTzeW/D2Fxhs5iLg==
x-fb-trip-id: 1850256238
date: Wed, 19 Feb 2020 14:42:44 GMT, Wed, 19 Feb 2020 14:42:44 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 122565654915235 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/122565654915235?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2ba57d0f3ba908dbaebc081b2872d497d858bf3d5e8b8c4e2c937e2a3138ae1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114917
x-xss-protection: 0
pragma: public
x-fb-debug: +TpdcmRYK7x3GuAChXEV/NpuMIGfPnVuSsbB0fuINGUCd/9Ufq+B/ZIL4P+0x0J+4T06PCuSr3UTicxjud4fpw==
x-fb-trip-id: 1850256238
date: Wed, 19 Feb 2020 14:42:44 GMT, Wed, 19 Feb 2020 14:42:44 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1680136742252975&ev=PageView&dl=https%3A%2F%2Foffers.hopa.com%2FIE%2FGWOF%2F%3Fafi%3D24917%26ar%3D2576%26mmi%3D69493%26par%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26popunder%3D%7Bpopunder%7D&rl=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24917%26ar%3D2576%26campaign%3D669884%26destination%3D1424365%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26tid%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26traffic_source%3D296833%26crfn%3Dt15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&if=false&ts=1582123364910&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582123364909.529747091&it=1582123364866&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 14:42:44 GMT, Wed, 19 Feb 2020 14:42:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 19 Feb 2020 14:42:44 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=122565654915235&ev=PageView&dl=https%3A%2F%2Foffers.hopa.com%2FIE%2FGWOF%2F%3Fafi%3D24917%26ar%3D2576%26mmi%3D69493%26par%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26popunder%3D%7Bpopunder%7D&rl=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24917%26ar%3D2576%26campaign%3D669884%26destination%3D1424365%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26tid%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26traffic_source%3D296833%26crfn%3Dt15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&if=false&ts=1582123364937&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582123364909.529747091&it=1582123364866&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 14:42:44 GMT, Wed, 19 Feb 2020 14:42:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 19 Feb 2020 14:42:44 GMT

GET
H/1.1 200
OK adoric.v2.min.css
s3.amazonaws.com/adoric-static/ 162 KB
12 KB 505ms
136ms Stylesheet
text/css 52.216.106.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/adoric-static/adoric.v2.min.css
Requested by: Host: 86519160.adoric-om.com
URL: https://86519160.adoric-om.com/adoric.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.106.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fb7e82e38f222cf3a530ed8ebe4ebafb65e7e14ca135cf9bd8eb33f843f3a86d

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Wed, 19 Feb 2020 14:42:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Oct 2019 09:44:34 GMT
Server: AmazonS3
x-amz-request-id: 807D479D9CCC0C66
ETag: "a3e0d04f73f768c61d9d1fd7d8c5d7ea"
Content-Type: text/css
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 12270
x-amz-id-2: 9+e/u6aCgUAfdCcaeAmcTXlczX8liwsuIUosJ4leVn76joUXjetq4wG+h7cNZXlnJ+ZEB1Oimxk=

GET
H2 200 / Show response
app.adoric-om.com/v1/campaigns/ 3 KB
2 KB 543ms
158ms XHR
application/json 34.232.223.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.adoric-om.com/v1/campaigns/?user=ffae07bbfffe00e0a553f89120598c67&language=en&countryCode=0&browser=notIdentified&os=mac&href=https%3A%2F%2Foffers.hopa.com%2FIE%2FGWOF%2F%3Fafi%3D24917%26ar%3D2576%26mmi%3D69493%26par%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26popunder%3D%7Bpopunder%7D&device=desktop&currentShowsPerSession=0&partDay=A&newVisit=true&tz=-60&cIds=%5B%5D

Requested by

Host: 86519160.adoric-om.com
URL: https://86519160.adoric-om.com/adoric.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.223.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-223-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

237233242514b5698d7b0f4fe9d9b0a29c361a981fab21f75edd0f1377a5f86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Origin: https://offers.hopa.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 14:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"c22-bzqGjsZT0Ziw30ZDlEy3YCHeEpo"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H2 200 goals Show response
app.adoric-om.com/v1/analytics/ 36 B
567 B 131ms
131ms XHR
application/json 34.232.223.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.adoric-om.com/v1/analytics/goals?country=NL&language=en&userId=5b7ae536974042b600497844&planType=freeMonthly&planId=5b7ae536974042b600497845&domainId=5be97d88408ccfa900f6b677&isVisible=true&referrer=referral&pathname=%2Fprocess&hostname=traffic.focuusing.com&newVisitor=true&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&platform=Linux%20x86_64&os=mac&browser=notIdentified&device=desktop&withAdoric=true&controlGroup=true&showedLbs=%7B%7D&clientId=k6tfehf4uo2myr17vf&liftId=&sawLightbox=&goals=%5B%7B%22id%22%3A%225b7ae536974042b600497844%22%2C%22domainVisit%22%3Atrue%2C%22new%22%3Atrue%7D%5D&location=https%3A%2F%2Foffers.hopa.com%2FIE%2FGWOF%2F%3Fafi%3D24917%26ar%3D2576%26mmi%3D69493%26par%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26popunder%3D%7Bpopunder%7D

Requested by

Host: 86519160.adoric-om.com
URL: https://86519160.adoric-om.com/adoric.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.223.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-223-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

59cc75210f8feaa80435200814029bbd21aef8bd9ca51ddf42942db3a376b338

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Origin: https://offers.hopa.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 19 Feb 2020 14:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"24-B+xWnaOdrylOT5quzqgfWWzJ4UQ"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H/1.1 405
Method Not Allowed cors
data.ad-score.com/data/ 0
620 B 127ms
127ms Image
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.ad-score.com/data/cors?pid=1000211&tid=24917&l1=2576&utid=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&uip=85.159.237.67&ref=http://traffic.focuusing.com/processafi&ar=2576&campaign=669884&destination=1424365&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&traffic_source=296833&crfn=t15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&pub_domain=hopa.com&cb=5e4d4964685f1&sstr=U2NyaXB0IGVycm9yLiAgMCAw&v=78bdefd&s=er&url=aHR0cHM6Ly9vZmZlcnMuaG9wYS5jb20vSUUvR1dPRi8/YWZpPTI0OTE3JmFyPTI1NzYmbW1pPTY5NDkzJnBhcj01ZjUxMk4zU3M2Q3RpNnVXaVVDcWhIOU15ME02WTRjJmdjbGlkPWRmeXkxczNxZTBrbG5ieGRrd25DMjcyNjg3Mzk2LGRmeXkxczNxZTBrbG5ieGRrd25DMjcyNjg3Mzk2JnBvcHVuZGVyPXtwb3B1bmRlcn0=&pm_st=eeuFKlAgStNIcGXREQCsogBznFcQhyTZ-E0rFIsxubEzqNCMd33LOE07AOA==-E0/JPs1uY1riNA==&pm_ct=291802ea2861a0017469714a&pm_pl=1582123364654
Requested by: Host: offers.hopa.com
URL: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Wed, 19 Feb 2020 14:42:45 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame C76E 720 B
993 B 48ms
33ms XHR
application/json 2a02:26f0:eb:1a3::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=PN86Z-VXR8H-CZYYG-TVAW7-F6PYF&d=offers.hopa.com&t=5273745&v=1.667.0&if=&sl=0&si=4rpxdl6jmgt-q5ye78&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,LOGN&acao=&ak.ai=574670
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/PN86Z-VXR8H-CZYYG-TVAW7-F6PYF
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:1a3::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 77016968d804eb59fd5610f0e93a31d4e64081135c584b6f02e9defcfa4c4adf

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Origin: https://offers.hopa.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 19 Feb 2020 14:42:45 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 720
Content-Type: application/json

GET
H/1.1 200
OK img.gif
my.rtmark.net/ 43 B
707 B 54ms
54ms Image
image/gif 188.42.160.46
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=58b5af2832492d653535743c972fdbcbc5f76b0521ea0ed7cd26145bec21e330&ttl=&rurl=http://traffic.focuusing.com/process?afi=24917&ar=2576&campaign=669884&destination=1424365&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&tid=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&traffic_source=296833&crfn=t15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.46 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 19 Feb 2020 14:42:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 43

GET
H2 200 nr-1167.min.js Show response
js-agent.newrelic.com/ 26 KB
10 KB 82ms
30ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: offers.hopa.com
URL: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 14:42:46 GMT
content-encoding: gzip
x-amz-request-id: 3F6B13CD94955BD2
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: owq7LTC2ddnOfWY1uKv5BtBpowDIkcMDm/PvX4TjjjLvjnZV9HT8nBCSuZA0UK8UjkDDMb8Gv+k=
x-served-by: cache-fra19164-FRA
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1582123366.043262,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 570

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1696064530&t=adtiming&_s=2&dl=https%3A%2F%2Foffers.hopa.com%2FIE%2FGWOF%2F%3Fafi%3D24917%26ar%3D2576%26mmi%3D69493%26par%3D5f512N3Ss6Cti6uWiU...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85369190-1&cid=1077754004.1582123365&jid=1438978750&_gid=747366826.1582123365&gjid=1420100747&_v=j81&z=1091386828

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85369190-1&cid=1077754004.1582123365&jid=1438978750&_gid=747366826.1582123365&gjid=1420100747&_v=j81&z=1091386828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Wed, 19 Feb 2020 14:42:46 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Feb 2020 14:42:46 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85369190-1&cid=1077754004.1582123365&jid=1438978750&_gid=747366826.1582123365&gjid=1420100747&_v=j81&z=1091386828
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 6b892fae85 Show response
bam.nr-data.net/1/ 57 B
275 B 521ms
131ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/6b892fae85?a=180203996&v=1167.2a4546b&to=ZFVSZ0tUXhFZWxIKVl0fZUFQGnknF38xLH8cWV5XXE0eElBI&rst=2064&ref=https://offers.hopa.com/IE/GWOF/&be=466&fe=1976&dc=664&perf=%7B%22timing%22:%7B%22of%22:1582123364002,%22n%22:0,%22f%22:6,%22dn%22:13,%22dne%22:48,%22c%22:48,%22s%22:67,%22ce%22:346,%22rq%22:346,%22rp%22:452,%22rpe%22:482,%22dl%22:454,%22di%22:663,%22ds%22:663,%22de%22:787,%22dc%22:1975,%22l%22:1975,%22le%22:1979%7D,%22navigation%22:%7B%7D%7D&fp=551&fcp=551&at=SBJREQNOTR8%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 33c3bf91a25c2b7a355ab82043af5b30efd739892586c6fef51a740c1429265d

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
271 B 128ms
128ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=eeuFKlAgStNIcGXREQCsogBznFcQhyTZ-E0rFIsxubEzqNCMd33LOE07AOA==-E0/JPs1uY1riNA==&pm_ct=291802ea2861a0017469714a&pm_pl=1582123364654&pm_td=1430&pid=1000211&en=1&callback=__pm_glbl_GPDzE0IUqIkpBAwbt5uxlN4M._gc3&v=78bdefd
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Origin: https://offers.hopa.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://offers.hopa.com
Date: Wed, 19 Feb 2020 14:42:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1680136742252975&ev=Microdata&dl=https%3A%2F%2Foffers.hopa.com%2FIE%2FGWOF%2F%3Fafi%3D24917%26ar%3D2576%26mmi%3D69493%26par%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26popunder%3D%7Bpopunder%7D&rl=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24917%26ar%3D2576%26campaign%3D669884%26destination%3D1424365%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26tid%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26traffic_source%3D296833%26crfn%3Dt15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&if=false&ts=1582123366415&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Golden%20Wheel%20of%20Fortune%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582123366414.1245961878&it=1582123364866&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 14:42:46 GMT, Wed, 19 Feb 2020 14:42:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 19 Feb 2020 14:42:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=122565654915235&ev=Microdata&dl=https%3A%2F%2Foffers.hopa.com%2FIE%2FGWOF%2F%3Fafi%3D24917%26ar%3D2576%26mmi%3D69493%26par%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26popunder%3D%7Bpopunder%7D&rl=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24917%26ar%3D2576%26campaign%3D669884%26destination%3D1424365%26gclid%3Ddfyy1s3qe0klnbxdkwnC272687396%2Cdfyy1s3qe0klnbxdkwnC272687396%26tid%3D5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c%26traffic_source%3D296833%26crfn%3Dt15f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&if=false&ts=1582123366439&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Golden%20Wheel%20of%20Fortune%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582123366414.1245961878&it=1582123364866&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 14:42:46 GMT, Wed, 19 Feb 2020 14:42:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 19 Feb 2020 14:42:46 GMT

POST
H2 204 /
685b3918.akstat.io/ 0
202 B 201ms
99ms Other
image/gif 23.0.36.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://685b3918.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/PN86Z-VXR8H-CZYYG-TVAW7-F6PYF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.0.36.169 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-0-36-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Origin: https://offers.hopa.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 19 Feb 2020 14:42:46 GMT
access-control-allow-origin: https://offers.hopa.com
content-type: image/gif
status: 204
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Wed, 19 Feb 2020 14:42:46 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
271 B 124ms
124ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=eeuFKlAgStNIcGXREQCsogBznFcQhyTZ-E0rFIsxubEzqNCMd33LOE07AOA==-E0/JPs1uY1riNA==&pm_ct=291802ea2861a0017469714a&pm_pl=1582123364654&pm_td=2125&pid=1000211&en=1&callback=__pm_glbl_GPDzE0IUqIkpBAwbt5uxlN4M._gc4&v=78bdefd
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Origin: https://offers.hopa.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://offers.hopa.com
Date: Wed, 19 Feb 2020 14:42:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
271 B 114ms
113ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=eeuFKlAgStNIcGXREQCsogBznFcQhyTZ-E0rFIsxubEzqNCMd33LOE07AOA==-E0/JPs1uY1riNA==&pm_ct=291802ea2861a0017469714a&pm_pl=1582123364654&pm_td=2224&pid=1000211&en=1&callback=__pm_glbl_GPDzE0IUqIkpBAwbt5uxlN4M._gc5&v=78bdefd
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://offers.hopa.com/IE/GWOF/?afi=24917&ar=2576&mmi=69493&par=5f512N3Ss6Cti6uWiUCqhH9My0M6Y4c&gclid=dfyy1s3qe0klnbxdkwnC272687396,dfyy1s3qe0klnbxdkwnC272687396&popunder={popunder}
Origin: https://offers.hopa.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://offers.hopa.com
Date: Wed, 19 Feb 2020 14:42:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hopa.com/	1970-01-19 07:38:48	Name: RT Value: "z=1&dm=hopa.com&si=183b85d9-c3d7-4cc7-ac2f-4a46ea400e5f&ss=k6tfegma&sl=1&tt=1iz&bcn=%2F%2F685b3918.akstat.io%2F&ld=1j0"

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://js.ad-score.com/score.min.js?pid=1000211(Line 179) Message: [object Text]
console-api	debug	URL: https://js.ad-score.com/score.min.js?pid=1000211(Line 154) Message:
console-api	error	URL: https://86519160.adoric-om.com/adoric.js(Line 1) Message: _Adoric_error: TypeError: Cannot read property 'setItem' of null
console-api	log	URL: https://offers.hopa.com/generic-assets/wof/dist/scripts/script.min.js(Line 14) Message: 0 1867

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

685b3918.akstat.io
86519160.adoric-om.com
affiliate.across.it
app.adoric-om.com
bam.nr-data.net
c.go-mpulse.net
connect.facebook.net
data.ad-score.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js.ad-score.com
my.rtmark.net
offers.hopa.com
red.ideamakasiini.com
s.go-mpulse.net
s3.amazonaws.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
traffic.focuusing.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.35.253.60
130.211.115.4
151.101.14.110
162.247.242.20
178.250.0.163
178.255.74.54
188.42.160.46
2.16.181.75
23.0.36.169
2600:1901:0:fcac::
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:818::2003
2a00:1450:4001:81e::200a
2a00:1450:400c:c00::9b
2a02:2638:1::3
2a02:26f0:eb:1a3::11a6
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.232.223.196
34.241.215.75
5.135.140.177
52.216.106.69
095d7fcd8cc82788ce5b8691f7b6ed20414fadf5c8c7c3207e496751eac3f41a
0c94c9b02a903b8cfcc9216b546b0527f45c7cff2be2f23cb13c49773b710f1d
0e2ca4e1158f81d83abdfe7a14073d182ed806342d0018ea1a250d6deb5ee0e2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c450250b43884fdb10980d493414549e5669699789bea6b8292c9ecb0236369
1d754bb9b28886580f1fc90feaefcb078e49677f64060cc461749e694ce7ac71
20f6f2526d2d8f4add22dbe8bc2f1b4a735e56dc3eed7489a4303129d4b13b37
237233242514b5698d7b0f4fe9d9b0a29c361a981fab21f75edd0f1377a5f86b
25b11c9ac5fabd9309e8fae77620b2bd4da4d6c5ae419f7be0189d867c71fdf5
33c3bf91a25c2b7a355ab82043af5b30efd739892586c6fef51a740c1429265d
3725472cffa27bbd2c0ee1242869c612fed8d610243992ecd97d7a80aa04d52e
381f9b9c9273f94f934511dcee88fb042b3470fe9fbd0ea8040376ec39d096af
3b3775a09a6dc991c2fff35e768fd73fad803e656c77656aba959a891b46e123
4470fc836a34b8fa3932567ac16e87143e93ae0b6025967b7112960e84dbba55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50817335b193b62b99cb7ec1f6cab34e4776036aa3bf364bd4f76b1f6ac94a0b
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58b64ee655e9675b9c929033b9fff755cbaa9e5d1bdf93c09ad6ca87a223e486
59cc75210f8feaa80435200814029bbd21aef8bd9ca51ddf42942db3a376b338
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6efeb63b89263e9c9997e35c11fa641e8fd95e6a996b5ad48e8246e21978b0df
7501941a419e13efa5628ca979ae4cfb30e6b43df57239f4bd9321412e8908b2
77016968d804eb59fd5610f0e93a31d4e64081135c584b6f02e9defcfa4c4adf
7f3f01aec241b4327f934353828ffde7c6db9b333e7b34254e5073cf2649b51a
7f4bcfde0899b5f707ffb335b91bb79b0f167bc0f151cd3f4a97fd5ecd1437e1
7f87c5d9d77a2951cf8d730caf419c0cde43be3395efe9cb4e8cd61ffc16c991
8289d6128fdf7efb2907ca86935b29d65532572e22c20a46682d0db6f89a946c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c01768d4be8ac6d88038cc5d46423be5d199c87c4d1f07cecd03beded7f894d
90603f9fa771644375205a21f9414ed08b95cc0ca7dd1c4b50ce0943275db82b
907cb937603341dcdb700423fd83a73d85aa1f65b96356ba2b37a60fa5114966
99186e3f482b4dd985184ab8095fef0783c5cef7ad2ede879f666677ecf2c730
9fb974b84a129972abbd1e2e5cfdf685cab5f6f22d881adf3845bc73b43eb4ad
a06b2f8f123b1f66cc0c4119192e333513d39ea9ca358288ba3ac3887bb4036b
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4ab348b22ac581e8f7c255b9b8491d1112ee0caddb8943ef0cc132e8d4838a6
a6dac8042626e5bae65ee7498b3709b7c0196730be7ce031b554cbc530d850e9
b1872263d69bda56b5e2940895b17b8c255e6338e67265548bbcef9aaaf4a320
b54368d107d9e76b0d36a0ef60f8200033196faa79feaa23a03ef85d4d687ec1
b7dbafb8f8e3356d5d9feb531c7e9a0f8d5fb503698d238721e487da03653d48
b9e31d16411ea7c7808cebebe111e3e599b0d2a652e5212f7f380aaf0b54262c
beb7757c36133e5e2bbace9f195c206d2deb9a03162ce393e11efce2c3d6c4fc
c7f06020ea8fba0ad3708a0321ab482d1b7930ec879d11f6d423b119e6430ebd
c96ba3216e654b5b5744192455f1f8b0153b4e2bbefa94014ffdd5fb16d878e6
cacd462ac2a5ee49b77e8a257b4bfccdbf2116ed0875095c03a02fa4ad996303
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d6cfa1e391b852e078d0dfb87f34b855c5bfa8ba521e8ccbfab203fa0f593b3a
da7a78a3218fab63ebb9a5c9241f6d2ad3ee55d663d964648d18ee5dd57fdaa5
df30157694d7e04f84fa3f672559a315317fef7d34ea0346388c50303268583c
e0ef1448c88db27307d42d6747d6bcc8b73a2ca7201af4bc05168d468923e2f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d1c0f0d317ba616313802936d644d9e4c5efafbd7ab1ef21a46e868a7e8d35
e8bd64455f4e943137bfb75e4d9fda0ea2daa22128e693a4a4ea6acb4c26177b
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb9916d09e71e052fc763f0a14e0953a41579c999bbeac748cf01999826a3435
f2ba57d0f3ba908dbaebc081b2872d497d858bf3d5e8b8c4e2c937e2a3138ae1
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
fb7e82e38f222cf3a530ed8ebe4ebafb65e7e14ca135cf9bd8eb33f843f3a86d

offers.hopa.com Open in urlscan Pro 2.16.181.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

96 %HTTPS

43 %IPv6

21 Domains

24 Subdomains

23 IPs

8 Countries

1530 kBTransfer

3092 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

offers.hopa.com Open in urlscan Pro
2.16.181.75 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

96 %
HTTPS

43 %
IPv6

21
Domains

24
Subdomains

23
IPs

8
Countries

1530 kB
Transfer

3092 kB
Size

1
Cookies

70 HTTP transactions
2 data transactions