Submitted URL: https://u9734906.ct.sendgrid.net/ls/click?upn=CVuP7UctsNCEKmZhQJ4QJZvgMPfW7Kv-2Bp7Uz3OVwOEAwuqt2ygbWMIzoYtB-2FaqqWSqk0DYKHCo77wi6...
Effective URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Submission: On October 19 via manual from US — Scanned from DE

Summary

This website contacted 27 IPs in 2 countries across 21 domains to perform 67 HTTP transactions. The main IP is 107.155.71.138, located in Tampa, United States and belongs to HVC-AS, US. The main domain is halfoffdeals.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 31st 2021. Valid for: a year.
This is the only time halfoffdeals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 167.89.115.121 | 11377 (SENDGRID) | 1 redirect
16 | 107.155.71.138 | 29802 (HVC-AS)
4 | 151.139.128.11 | 20446 (HIGHWINDS3)
6 | 142.250.185.194 | 15169 (GOOGLE)
2 | 162.55.133.189 | 24940 (HETZNER-AS)
2 | 195.201.168.223 | 24940 (HETZNER-AS)
1 | 107.154.132.4 | 19551 (INCAPSULA)
3 | 104.21.84.182 | 13335 (CLOUDFLAR...)
1 | 142.250.185.232 | 15169 (GOOGLE)
1 | 216.58.212.170 | 15169 (GOOGLE)
3 | 107.155.71.39 | 29802 (HVC-AS)
2 | 142.250.185.99 | 15169 (GOOGLE)
2 | 142.250.185.130 | 15169 (GOOGLE)
1 | 143.204.98.52 | 16509 (AMAZON-02)
7 | 104.17.203.53 | 13335 (CLOUDFLAR...)
1 | 34.204.113.242 | 14618 (AMAZON-AES)
1 | 184.73.100.94 | 14618 (AMAZON-AES)
2 | 142.250.181.238 | 15169 (GOOGLE)
1 | 142.250.184.226 | 15169 (GOOGLE)
1 | 142.250.186.66 | 15169 (GOOGLE)
1 | 143.204.98.23 | 16509 (AMAZON-02)
1 | 173.194.76.156 | 15169 (GOOGLE)
2 | 142.250.186.164 | 15169 (GOOGLE)
2 | 143.204.98.106 | 16509 (AMAZON-02)
1 | 107.20.140.231 | 14618 (AMAZON-AES)
1 | 50.115.22.240 | 53861 (AS-KGIX)
2 | 142.250.186.33 | 15169 (GOOGLE)
Total: 67 requests, 27 IPs

Requests | Domain | Requested by
9 | halfoffdeals.com | halfoffdeals.com
6 | pagead2.googlesyndication.com | halfoffdeals.com, pagead2.googlesyndication.com, tpc.googlesyndication.com
4 | cdn.jst.ai | halfoffdeals.com, cdn.jst.ai
4 | shop.halfoffdeal.com | halfoffdeals.com
3 | images.neofill.com | scripts.sirv.com, halfoffdeals.com
3 | m9m6e2w5.stackpathcdn.com | cdn.shareaholic.net, halfoffdeals.com
3 | sharecdn.social9.com | halfoffdeals.com
3 | static.halfoffdeal.com | halfoffdeals.com
2 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 | api.branch.io | cdn.branch.io
2 | www.google.com | halfoffdeals.com, tpc.googlesyndication.com
2 | my.jst.ai | cdn.jst.ai, halfoffdeals.com
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | spismovi.sirv.com | halfoffdeals.com
2 | scripts.sirv.com | halfoffdeals.com, scripts.sirv.com
1 | aly.jst.ai | halfoffdeals.com
1 | shop.halfoffdeals.com | halfoffdeals.com
1 | partner.shareaholic.com | m9m6e2w5.stackpathcdn.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | app.link | cdn.branch.io
1 | adservice.google.com | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | www.shareaholic.net | cdn.shareaholic.net
1 | analytics.shareaholic.com | m9m6e2w5.stackpathcdn.com
1 | cdn.branch.io | halfoffdeals.com
1 | fonts.googleapis.com | halfoffdeals.com
1 | www.googletagmanager.com | halfoffdeals.com
1 | bcg.coupons.com | halfoffdeals.com
1 | cdn.shareaholic.net | halfoffdeals.com
1 | u9734906.ct.sendgrid.net | 1 redirects
Total: 67 requests, 32 subdomains

Subject | Issuer | Validity | Valid for
halfoffdeals.com | Go Daddy Secure Certificate Authority - G2 | 2021-08-31 - 2022-08-31 | a year
cdn.shareaholic.net | R3 | 2021-09-11 - 2021-12-10 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.sirv.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-11 - 2022-11-11 | a year
*.halfoffdeal.com | Go Daddy Secure Certificate Authority - G2 | 2021-07-27 - 2022-08-28 | a year
*.coupons.com | Go Daddy Secure Certificate Authority - G2 | 2020-10-27 - 2021-11-28 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
upload.video.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.stackpathcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-05-31 - 2022-05-31 | a year
images.neofill.com | cPanel, Inc. Certification Authority | 2021-08-23 - 2021-11-21 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.branch.io | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-25 - 2021-12-25 | a year
cdn.jst.ai | Cloudflare Inc ECC CA-3 | 2021-06-05 - 2022-06-04 | a year
shareaholic.com | Amazon | 2021-06-05 - 2022-07-04 | a year
*.shareaholic.net | R3 | 2021-10-06 - 2022-01-04 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
appipv4.link | Amazon | 2021-06-24 - 2022-07-23 | a year
my.jst.ai | Cloudflare Inc ECC CA-3 | 2021-05-31 - 2022-05-30 | a year
www.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.shareaholic.com | R3 | 2021-10-01 - 2021-12-30 | 3 months
shop.halfoffdeals.com | R3 | 2021-08-30 - 2021-11-28 | 3 months
aly.jst.ai | Cloudflare Inc ECC CA-3 | 2021-04-14 - 2022-04-13 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months

This page contains 8 frames:

Primary Page: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Frame ID: D894943B300114E771BD1620A2FDE2A4
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: C39922DAC06DC658EA711530096CE10A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1849320143650400&output=html&adk=2802182017&adf=65010789&lmt=1634649459&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhalfoffdeals.com%2Findex.php%3Findex_type%3Dpromo-detail%26h%3D1295607&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634649459148&bpp=10&bdt=471&idt=120&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=909790770645&frm=20&pv=2&ga_vid=112281183.1634649459&ga_sid=1634649459&ga_hid=534177069&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750886%2C182982100%2C182982300%2C31062526%2C44748552&oid=2&pvsid=1119163805724298&pem=954&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136
Frame ID: 33B7B65E06797EC0ABFD6A8DCE35C29E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jst.ai/store_4.1.html?v=3.84
Frame ID: 7809FE7009ED823ED61BC9C7E0F4170E
Requests: 1 HTTP requests in this frame

Frame: https://shop.halfoffdeals.com/local/assets3/img/hod-app-logo-50x50.png
Frame ID: 69AE6339C49D69D7B2F76917FC2D398F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jst.ai/store_4.1.html?v=3.84
Frame ID: CC976FE336F78EBCD317CA8454FCC0FF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 25CDAF10AEF6D2833070E95DE1CA36C0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B01EFE3FDCCD175E605604649759ADA5
Requests: 2 HTTP requests in this frame

Page Title

Gold Layer Necklace for Women With Druzy Stone Butterfly Pendant - $25.50 with FREE Shipping! | HalfOffDeals

Page URL History

  1. https://u9734906.ct.sendgrid.net/ls/click?upn=CVuP7UctsNCEKmZhQJ4QJZvgMPfW7Kv-2Bp7Uz3OVwOEAwuqt2ygbWMIzoYtB-2... HTTP 302
    https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 67
HTTPS: 100 %
IPv6: 0 %
Domains: 21
Subdomains: 32
IPs: 27
Countries: 2
Transfer: 1186 kB
Size: 2968 kB
Cookies: 20

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
halfoffdeals.com/
Redirect Chain
  • https://u9734906.ct.sendgrid.net/ls/click?upn=CVuP7UctsNCEKmZhQJ4QJZvgMPfW7Kv-2Bp7Uz3OVwOEAwuqt2ygbWMIzoYtB-2FaqqWSqk0DYKHCo77wi6m86w6GUZNptS0oY-2FFLLRqZzkY3gg-3DU-2P_17xnVp38RXAoRoC8pyEQEth2aA40ZH...
  • https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
27 KB
9 KB
Document
General
Full URL
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
949ea4bfccb4162fa1244230f8fb1a123958fa1009c77c6cb52af05ae2a5be4c

Request headers

:method
GET
:authority
halfoffdeals.com
:scheme
https
:path
/index.php?index_type=promo-detail&h=1295607
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 19 Oct 2021 13:17:38 GMT
content-type
text/html
vary
Accept-Encoding
cache-control
no-cache
pragma
no-cache
access-control-allow-origin
https://www.halfoffdeal.com
set-cookie
last_query_str=index_type%3Dpromo-detail%26h%3D1295607; expires=Tue, 19-Oct-2021 13:27:38 GMT; Max-Age=600; path=/
station_city=Hartville; expires=Fri, 19-Nov-2021 14:17:38 GMT; Max-Age=2682000; path=/
station_state=Ohio; expires=Fri, 19-Nov-2021 14:17:38 GMT; Max-Age=2682000; path=/
last_visit=shop; expires=Thu, 18-Nov-2021 13:17:38 GMT; Max-Age=2592000; path=/; domain=halfoffdeals.com
layout=thumbs; expires=Thu, 18-Nov-2021 13:17:38 GMT; Max-Age=2592000; path=/
perpage=200; expires=Thu, 18-Nov-2021 13:17:38 GMT; Max-Age=2592000; path=/
bestsellers_cats=a%3A0%3A%7B%7D; expires=Thu, 01-Jan-1970 01:00:00 GMT; Max-Age=0; path=/
counter=1; expires=Wed, 20-Oct-2021 13:17:38 GMT; Max-Age=86400
Details0=1; expires=Wed, 20-Oct-2021 13:17:38 GMT; Max-Age=86400
p3p
CP='NOI DSP COR NID NOR'
x-srv-id
1
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 19 Oct 2021 13:17:38 GMT
Content-Type
text/html; charset=utf-8
Content-Length
95
Connection
keep-alive
Location
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
X-Robots-Tag
noindex, nofollow
shareaholic.js
cdn.shareaholic.net/assets/pub/
9 KB
4 KB
Script
General
Full URL
https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
679901193bec155d1919e74ea8191861eebf56293c9283a1081490ecedef0f57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:38 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 19:53:45 GMT
server
nginx
x-amz-request-id
A6RK5HGS42XQCVGB
etag
"a3f496c7cfed372a6cd67eba41be4c69"
x-hw
1634649458.cds007.fr8.hn,1634649458.cds285.fr8.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1200, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
3707
x-amz-id-2
K+85MV810VHwZFVylATfyWvnv/s6FWOuQIPZutJEE+lijCISTdRHLZxD2bT0rUOHSosD9vimN6I=
hod-shop.css
halfoffdeals.com/includes/template_9/themes/three/2020/css/
295 KB
51 KB
Stylesheet
General
Full URL
https://halfoffdeals.com/includes/template_9/themes/three/2020/css/hod-shop.css?v=1634649458
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
e1456476de5a35f7f8eab6e3711c9758b2b455115a2ee8cc02d7872ead085ad3

Request headers

:path
/includes/template_9/themes/three/2020/css/hod-shop.css?v=1634649458
pragma
no-cache
cookie
last_query_str=index_type%3Dpromo-detail%26h%3D1295607; station_city=Hartville; station_state=Ohio; last_visit=shop; layout=thumbs; perpage=200; counter=1; Details0=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
halfoffdeals.com
referer
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:38 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 21:29:11 GMT
server
nginx
etag
W/"5fd3e4a7-49aca"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800 public, must-revalidate, proxy-revalidate
expires
Tue, 26 Oct 2021 13:17:38 GMT
webfont.js
halfoffdeals.com/includes/template_9/themes/three/js/dist/
17 KB
7 KB
Script
General
Full URL
https://halfoffdeals.com/includes/template_9/themes/three/js/dist/webfont.js
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2

Request headers

:path
/includes/template_9/themes/three/js/dist/webfont.js
pragma
no-cache
cookie
last_query_str=index_type%3Dpromo-detail%26h%3D1295607; station_city=Hartville; station_state=Ohio; last_visit=shop; layout=thumbs; perpage=200; counter=1; Details0=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
halfoffdeals.com
referer
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:38 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2016 17:16:05 GMT
server
nginx
etag
W/"56f2cf55-4522"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800 public, must-revalidate, proxy-revalidate
expires
Tue, 26 Oct 2021 13:17:38 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1f6fee9842ed78087a6e40668ee09e05106d8b47626d588ad871b5ff4d6445c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50922
x-xss-protection
0
server
cafe
etag
10979171463887365244
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 13:17:39 GMT
sirv.js
scripts.sirv.com/sirvjs/v3/
521 KB
137 KB
Script
General
Full URL
https://scripts.sirv.com/sirvjs/v3/sirv.js
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.133.189 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.189.133.55.162.clients.your-server.de
Software
Sirv.Imagination /
Resource Hash
abea9f57fd26db2bcb7b4a5e625d3eb21c8444365fcd461fb6a1d40759a22d88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:38 GMT
content-encoding
gzip
vary
Accept-Encoding
x-account-serial
2021-03-03T14:57:03.711Z
x-account-id
noh0ea1fkeohhwnrcotx1emvmvxo8nhb
x-sirv-server
c1-extra2-fireball-5
x-file-versionid
ZcWKHAum4RrKv2JQ3mtV6XPxDhLPeIoI:26
last-modified
Fri, 15 Oct 2021 11:37:24 GMT
server
Sirv.Imagination
etag
W/"616967f4-823f5"
x-sirv-shard
c1-riak4
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=605700
x-sirv-cache
HIT
access-control-allow-headers
*
expires
Tue, 26 Oct 2021 13:32:38 GMT
hod-wordmark.svg
spismovi.sirv.com/images/
2 KB
1 KB
Image
General
Full URL
https://spismovi.sirv.com/images/hod-wordmark.svg
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.168.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.168.201.195.clients.your-server.de
Software
Sirv.Imagination /
Resource Hash
c346363cfcaf37bc782e0df71b944f8d14b6794761071c542c489072a4db4ae0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
gzip
vary
Accept-Encoding
x-account-serial
2019-11-25T13:10:43.533Z
x-account-id
mwubhouau81yw52kqfe8l9adpuczaveu
x-sirv-server
c1-extra1-fireball-2
x-file-versionid
0LoDt9nMWzKRWhiNCeUf3Pvy4R3hjMXs:0
last-modified
Tue, 01 Sep 2020 17:09:53 GMT
server
Sirv.Imagination
etag
W/"5f4e8061-93f"
x-sirv-shard
c1-riak2
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=605700
x-sirv-cache
HIT
access-control-allow-headers
*
expires
Tue, 26 Oct 2021 13:32:39 GMT
hod-logo.png
halfoffdeals.com/includes/template_9/themes/hod/images/
2 KB
2 KB
Image
General
Full URL
https://halfoffdeals.com/includes/template_9/themes/hod/images/hod-logo.png
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
1640a660cc2a3667ed45c277ab2aa41cb01792feabae6d7d90f5a6f767572a1f

Request headers

:path
/includes/template_9/themes/hod/images/hod-logo.png
pragma
no-cache
cookie
last_query_str=index_type%3Dpromo-detail%26h%3D1295607; station_city=Hartville; station_state=Ohio; last_visit=shop; layout=thumbs; perpage=200; counter=1; Details0=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
halfoffdeals.com
referer
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Wed, 23 Mar 2016 17:16:05 GMT
server
nginx
etag
"56f2cf55-677"
content-type
image/png
cache-control
max-age=604800 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
1655
expires
Tue, 26 Oct 2021 13:17:39 GMT
secure-order-img.png
static.halfoffdeal.com/includes/template_9/themes/three/images/
3 KB
3 KB
Image
General
Full URL
https://static.halfoffdeal.com/includes/template_9/themes/three/images/secure-order-img.png
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
7f0870386ebb6b98b5e20b33b714013d49a25064aadd9f55cec26ed1d361d825

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Wed, 23 Mar 2016 17:16:06 GMT
server
nginx
etag
"56f2cf56-ca8"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
3240
expires
Tue, 26 Oct 2021 13:17:39 GMT
fast-shipping-img.png
static.halfoffdeal.com/includes/template_9/themes/three/images/
4 KB
4 KB
Image
General
Full URL
https://static.halfoffdeal.com/includes/template_9/themes/three/images/fast-shipping-img.png
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
151b4d2c5050b60ed712b77b11c42b9d22e90c84feb6efabc62370a467485dd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Wed, 23 Mar 2016 17:16:06 GMT
server
nginx
etag
"56f2cf56-e30"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
3632
expires
Tue, 26 Oct 2021 13:17:39 GMT
pid-cc-icons2.png
static.halfoffdeal.com/includes/template_9/themes/three/images/
5 KB
6 KB
Image
General
Full URL
https://static.halfoffdeal.com/includes/template_9/themes/three/images/pid-cc-icons2.png
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
9f34150ff6bcdbbf7e586b27e9313feb2e07d691df6ea8d64e78a4af88faa3db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Wed, 23 Mar 2016 17:16:06 GMT
server
nginx
etag
"56f2cf56-158d"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
5517
expires
Tue, 26 Oct 2021 13:17:39 GMT
hod-app-pid-ad.png
spismovi.sirv.com/hods/
23 KB
24 KB
Image
General
Full URL
https://spismovi.sirv.com/hods/hod-app-pid-ad.png
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.168.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.168.201.195.clients.your-server.de
Software
Sirv.Imagination /
Resource Hash
4d4f7bcebfbd9789413c4f1fd449d0d3901019d293f54b86cff6504d828ed80e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
x-sirv-meta-width
300
x-account-serial
2019-11-25T13:10:43.533Z
x-account-id
mwubhouau81yw52kqfe8l9adpuczaveu
x-sirv-server
c1-extra1-fireball-3
x-file-versionid
ktkBaQMrXaKA4TxFnYxYIBUamcx1DCR7:1
content-length
23666
last-modified
Mon, 21 Sep 2020 18:21:57 GMT
server
Sirv.Imagination
etag
"5f68ef45-5c72"
x-sirv-shard
c1-riak2
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=605700
x-sirv-meta-height
600
x-sirv-cache
HIT
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 26 Oct 2021 13:32:39 GMT
/
bcg.coupons.com/
0
0
Script
General
Full URL
https://bcg.coupons.com/?scriptId=47493&bid=1542400001&format=718x940&bannerType=3&channel=hod
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.4 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.4.ip.incapdns.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

amex-icon.png
shop.halfoffdeal.com/includes/template_9/themes/three/images/
627 B
856 B
Image
General
Full URL
https://shop.halfoffdeal.com/includes/template_9/themes/three/images/amex-icon.png
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
695a0fe8777f47d0e2569c7fece6104c82a4101ca35049c013fb2e23969ab75f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Wed, 23 Mar 2016 17:16:06 GMT
server
nginx
etag
"56f2cf56-273"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
627
expires
Tue, 26 Oct 2021 13:17:39 GMT
discover-icon.png
shop.halfoffdeal.com/includes/template_9/themes/three/images/
570 B
797 B
Image
General
Full URL
https://shop.halfoffdeal.com/includes/template_9/themes/three/images/discover-icon.png
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
66cc3b327efee8acbc7b147c1e671dceb351a9aa5e81ef9f9568096471f28c1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Wed, 23 Mar 2016 17:16:06 GMT
server
nginx
etag
"56f2cf56-23a"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
570
expires
Tue, 26 Oct 2021 13:17:39 GMT
mastcard-icon.png
shop.halfoffdeal.com/includes/template_9/themes/three/images/
711 B
938 B
Image
General
Full URL
https://shop.halfoffdeal.com/includes/template_9/themes/three/images/mastcard-icon.png
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
5325bde0be833368517c950983e053401ad56296910e1981c0186cdc6dc71a8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Wed, 23 Mar 2016 17:16:08 GMT
server
nginx
etag
"56f2cf58-2c7"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
711
expires
Tue, 26 Oct 2021 13:17:39 GMT
visa-icon.png
shop.halfoffdeal.com/includes/template_9/themes/three/images/
527 B
754 B
Image
General
Full URL
https://shop.halfoffdeal.com/includes/template_9/themes/three/images/visa-icon.png
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
e8a661108f54f98ea5561835883cf004e7c6d18f97376b7f67d2156233822b90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Wed, 23 Mar 2016 17:16:08 GMT
server
nginx
etag
"56f2cf58-20f"
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
527
expires
Tue, 26 Oct 2021 13:17:39 GMT
hodshop.js
halfoffdeals.com/includes/template_9/themes/three/2020/js/
183 KB
56 KB
Script
General
Full URL
https://halfoffdeals.com/includes/template_9/themes/three/2020/js/hodshop.js
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
69bb3f603fe69b4a80a60a4a92de3f2fc39b14ecaee7be150d8deead6c0a5e69

Request headers

:path
/includes/template_9/themes/three/2020/js/hodshop.js
pragma
no-cache
cookie
last_query_str=index_type%3Dpromo-detail%26h%3D1295607; station_city=Hartville; station_state=Ohio; last_visit=shop; layout=thumbs; perpage=200; counter=1; Details0=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
halfoffdeals.com
referer
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 18:57:07 GMT
server
nginx
etag
W/"602ac403-2ddde"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800 public, must-revalidate, proxy-revalidate
expires
Tue, 26 Oct 2021 13:17:39 GMT
service-worker.js
halfoffdeals.com/apps/justuno/
770 B
567 B
Script
General
Full URL
https://halfoffdeals.com/apps/justuno/service-worker.js
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
db820f9b380e2e1d5dbe14004a73d6acbd957f3d7e29bfb73dc9e82f2d5d6cbf

Request headers

:path
/apps/justuno/service-worker.js
pragma
no-cache
cookie
last_query_str=index_type%3Dpromo-detail%26h%3D1295607; station_city=Hartville; station_state=Ohio; last_visit=shop; layout=thumbs; perpage=200; counter=1; Details0=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
halfoffdeals.com
referer
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
gzip
last-modified
Tue, 15 Sep 2020 19:56:41 GMT
server
nginx
etag
W/"5f611c79-302"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800 public, must-revalidate, proxy-revalidate
expires
Tue, 26 Oct 2021 13:17:39 GMT
opensocialshare.js
sharecdn.social9.com/v2/js/
57 KB
19 KB
Script
General
Full URL
https://sharecdn.social9.com/v2/js/opensocialshare.js
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.84.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68bddb23e3cb913c98cd69843462d09d89ad74bbf42e1a8d6f24d1dc7f480bc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
via
1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
384
x-amz-meta-cb-modifiedtime
Thu, 26 Apr 2018 09:46:28 GMT
x-cache
Hit from cloudfront
last-modified
Fri, 26 Jul 2019 22:23:17 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"becac61f5545b95da643eabf5ffaa909"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6%2FoxU2UNID7injanN5dY9amGimS6dSvytXYHgZ%2BV%2FZDfB86PyLD5twKIQ%2Fw9n25jVA2a1HRakWL1zco08ccMSvLYTg7X7wSP%2FOUpO3RwSfVm%2BvJv3L08sur6besqEKTiGBujdzM4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=91667
x-amz-cf-pop
PRG50-C1
cf-ray
6a0a49aee9474126-PRG
x-amz-cf-id
wAgIYYojqsb3T7_PTjdlPzYmZZBOgYmzn05NJOquOVYKSkf6xu9FGg==
x-amz-meta-s3b-last-modified
20170125T044939Z
opensocialsharedefaulttheme.js
sharecdn.social9.com/v2/js/
16 KB
3 KB
Script
General
Full URL
https://sharecdn.social9.com/v2/js/opensocialsharedefaulttheme.js
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.84.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a331e7852701dfbf4127def8c745d9646cac7a1b5c4e3ccd054788515aa17d64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
PRG50-C1
cf-polished
origSize=22399
x-cache
Hit from cloudfront
last-modified
Fri, 26 Jul 2019 22:23:17 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"296a81555bed3ccb0a4ba66f6cc61237"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucGsN2SXDk7gGybOfIY25Yot0El1iFtAx5PYSXUdijEONuhUAfRhod4xpPFNYL6AwPT%2F%2FG5WCt8dZWF0bJaQ7SJnxBLPM47lF7SVGBhkK3oN8L91hEXNBuP5po5lMGibaewlR3Fqcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6a0a49aee9494126-PRG
x-amz-cf-id
x-q_nRXuBUgdRLpBpfJPT1Mhe-DJiv_H09xSeZ3gxeiq_QiA2qNuTg==
x-amz-meta-s3b-last-modified
20170124T132547Z
os-share-widget-style.css
sharecdn.social9.com/v2/css/
33 KB
6 KB
Stylesheet
General
Full URL
https://sharecdn.social9.com/v2/css/os-share-widget-style.css
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.84.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
479071abf4e5d70c465fe4465c67ea4397d34af0dfcd4154f5ffe2e2dd5f0521

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
via
1.1 4614c36172b2854b1e1e94af37435c8f.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
PRG50-C1
cf-polished
origSize=43471
x-cache
Hit from cloudfront
last-modified
Fri, 26 Jul 2019 22:23:16 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"cbb1377bede44f4e85126bbb4074fc7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvgzpImo3fliV8Uu6HivS%2F8WfsuHnYMk2SnbkbrcL8LeOPwBNQg4kwdmeOR%2FC18nZ%2BiB2mzAKty%2Bxxqqg%2Bhn9X%2Bglu8%2Bx2bCQGMYcckyAXXhTvBg92OgYzQmqvnmwifccAC40Xbwng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6a0a49aee94a4126-PRG
x-amz-cf-id
0iUJUhzJhKnmekfHLAFyHa1kNqL_0xqqyW6TAwky-2rZlZ-uOWI_rA==
x-amz-meta-s3b-last-modified
20170510T094328Z
gtm.js
www.googletagmanager.com/
131 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJM9Z87
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e2eb4801ca5bf0e65eadc01aa45ae63a04001ea8a763dabd078009decec2f8a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49320
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Oct 2021 13:17:39 GMT
css
fonts.googleapis.com/
14 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,800%7CRoboto+Slab:400,700
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/includes/template_9/themes/three/js/dist/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f10.1e100.net
Software
ESF /
Resource Hash
ceffc8fedc7ca54f515e6dc5a4122be1675fb802fea9416838821e30b5bf94f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:17:39 GMT
server
ESF
date
Tue, 19 Oct 2021 13:17:39 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 19 Oct 2021 13:17:39 GMT
fa-solid-900.woff2
halfoffdeals.com/includes/template_9/themes/three/2020/css/webfonts/
78 KB
78 KB
Font
General
Full URL
https://halfoffdeals.com/includes/template_9/themes/three/2020/css/webfonts/fa-solid-900.woff2
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/includes/template_9/themes/three/2020/css/hod-shop.css?v=1634649458
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

sec-fetch-mode
cors
origin
https://halfoffdeals.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
last_query_str=index_type%3Dpromo-detail%26h%3D1295607; station_city=Hartville; station_state=Ohio; last_visit=shop; layout=thumbs; perpage=200; counter=1; Details0=1
:path
/includes/template_9/themes/three/2020/css/webfonts/fa-solid-900.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
halfoffdeals.com
referer
https://halfoffdeals.com/includes/template_9/themes/three/2020/css/hod-shop.css?v=1634649458
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Thu, 27 Aug 2020 20:15:52 GMT
server
nginx
etag
"5f481478-13914"
content-type
application/octet-stream
x-srv-id
1
accept-ranges
bytes
content-length
80148
fa-regular-400.woff2
halfoffdeals.com/includes/template_9/themes/three/2020/css/webfonts/
13 KB
13 KB
Font
General
Full URL
https://halfoffdeals.com/includes/template_9/themes/three/2020/css/webfonts/fa-regular-400.woff2
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/includes/template_9/themes/three/2020/css/hod-shop.css?v=1634649458
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
245818b22d1ec4892fcb722437e32888e97f63a0316bd22aaf9f44cde01f4c91

Request headers

sec-fetch-mode
cors
origin
https://halfoffdeals.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
last_query_str=index_type%3Dpromo-detail%26h%3D1295607; station_city=Hartville; station_state=Ohio; last_visit=shop; layout=thumbs; perpage=200; counter=1; Details0=1
:path
/includes/template_9/themes/three/2020/css/webfonts/fa-regular-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
halfoffdeals.com
referer
https://halfoffdeals.com/includes/template_9/themes/three/2020/css/hod-shop.css?v=1634649458
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Thu, 27 Aug 2020 20:15:51 GMT
server
nginx
etag
"5f481477-3520"
content-type
application/octet-stream
x-srv-id
1
accept-ranges
bytes
content-length
13600
main.js
m9m6e2w5.stackpathcdn.com/v2/7016fae1/
147 KB
41 KB
Script
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/7016fae1/main.js
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
943447536924ef690ecbfcd8b5651fdcb2002a6d6d397d8adb5b916226179427

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 19:53:42 GMT
server
nginx
x-amz-request-id
XA12XQAV8EEVD0Z3
etag
"b2f00638b5535fc8bd662c6a4bceb661"
x-hw
1634649459.cds109.fr8.hn,1634649459.cds154.fr8.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
41738
x-amz-id-2
hKhGhpa6pOAdzjJ2+Cee/a/9d/IPe5ldO+E5cayJQ9gcrVFsEjBHTSMcMwBG9w6TC7OyFHwhpRA=
viewer.full.css
scripts.sirv.com/sirvjs/v3/
65 KB
12 KB
Stylesheet
General
Full URL
https://scripts.sirv.com/sirvjs/v3/viewer.full.css
Requested by
Host: scripts.sirv.com
URL: https://scripts.sirv.com/sirvjs/v3/sirv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.133.189 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.189.133.55.162.clients.your-server.de
Software
Sirv.Imagination /
Resource Hash
85ad4fbd249f2d9ac6e9c3ccaab29c52ae103b83968f6d1fe996eb4e2ffb4c6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
gzip
vary
Accept-Encoding
x-account-serial
2021-03-03T14:57:03.711Z
x-account-id
noh0ea1fkeohhwnrcotx1emvmvxo8nhb
x-sirv-server
c1-extra2-fireball-9
x-file-versionid
8ilKtGnVKMTVWuHgotqSusuxBTTgfyhu:72
last-modified
Fri, 15 Oct 2021 11:37:25 GMT
server
Sirv.Imagination
etag
W/"616967f5-10474"
x-sirv-shard
c1-riak4
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=605700
x-sirv-cache
HIT
access-control-allow-headers
*
expires
Tue, 26 Oct 2021 13:32:39 GMT
284603.jpg
images.neofill.com/images/promo_logo/
19 KB
19 KB
Fetch
General
Full URL
https://images.neofill.com/images/promo_logo/284603.jpg?nometa&info=sirv_image_info_862480577_main
Requested by
Host: scripts.sirv.com
URL: https://scripts.sirv.com/sirvjs/v3/sirv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.155.71.39 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
107-155-71-39-customer-incero.com
Software
nginx /
Resource Hash
eb239ca4321d2dd905156aeab70bf76146daf96ae207b90437330fe06906d7c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Tue, 05 Oct 2021 13:29:14 GMT
server
nginx
etag
"615c532a-4a33"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
18995
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,800%7CRoboto+Slab:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://halfoffdeals.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 17:04:31 GMT
x-content-type-options
nosniff
age
418388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 14 Oct 2022 17:04:31 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v16/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,800%7CRoboto+Slab:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://halfoffdeals.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 18:41:13 GMT
x-content-type-options
nosniff
age
412586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32876
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:12:04 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 14 Oct 2022 18:41:13 GMT
fa-brands-400.woff2
halfoffdeals.com/includes/template_9/themes/three/2020/css/webfonts/
76 KB
76 KB
Font
General
Full URL
https://halfoffdeals.com/includes/template_9/themes/three/2020/css/webfonts/fa-brands-400.woff2
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/includes/template_9/themes/three/2020/css/hod-shop.css?v=1634649458
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.155.71.138 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
web1.halfoffdeal.com
Software
nginx /
Resource Hash
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Request headers

sec-fetch-mode
cors
origin
https://halfoffdeals.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
last_query_str=index_type%3Dpromo-detail%26h%3D1295607; station_city=Hartville; station_state=Ohio; last_visit=shop; layout=thumbs; perpage=200; counter=1; Details0=1
:path
/includes/template_9/themes/three/2020/css/webfonts/fa-brands-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
halfoffdeals.com
referer
https://halfoffdeals.com/includes/template_9/themes/three/2020/css/hod-shop.css?v=1634649458
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Thu, 27 Aug 2020 20:15:52 GMT
server
nginx
etag
"5f481478-12e58"
content-type
application/octet-stream
x-srv-id
1
accept-ranges
bytes
content-length
77400
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/
271 KB
97 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
32c37d3ef21fb4793c7a9f4f6adf7e5d597e7fd0d7b8a89f793bb0b34c44ee53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99348
x-xss-protection
0
server
cafe
etag
17165115455200885443
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 13:17:39 GMT
truncated
/
605 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c039aa3c5f27666dc6bd1d5f89694acfba9e3240dda2957c7124d8aaa0801b80

Request headers

Referer
Origin
https://halfoffdeals.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79fe425cd195dcec7ef86ed8a816c5447df8e50b6bba64d4441b83e55ca0dde

Request headers

Referer
Origin
https://halfoffdeals.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
896 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf118c51be5d2490898ce95d71866e928f9c31e2f9887c629b48216442d80227

Request headers

Referer
Origin
https://halfoffdeals.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame C399
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211013/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://halfoffdeals.com/
accept-encoding
gzip, deflate, br

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 18 Oct 2021 21:27:24 GMT
expires
Mon, 01 Nov 2021 21:27:24 GMT
content-type
text/html; charset=UTF-8
etag
9069739545958607985
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4691
x-xss-protection
0
age
57015
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
branch-v1.8.4.min.js
cdn.branch.io/
61 KB
18 KB
Script
General
Full URL
https://cdn.branch.io/branch-v1.8.4.min.js
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-52.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
219040f9827388293bb6dc4c90adb33bb54e6ba3e391044c522c685e14669891

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
IyyeDaPrxyo7rBrZrGnyrqhVnEfHWKmn
content-encoding
gzip
last-modified
Fri, 26 Apr 2019 15:24:08 GMT
server
AmazonS3
age
40383
etag
"aa54ac9b2379553c6f7244525c933240"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
date
Tue, 19 Oct 2021 02:04:37 GMT
x-amz-cf-pop
FRA50-C1
content-length
18456
x-amz-cf-id
Nq_fWITTYEFDNJ2mFU6TKOtCeiVXFD5H8pznVqrK9qX_mfPRzolC7Q==
vck.js
cdn.jst.ai/
2 KB
2 KB
Script
General
Full URL
https://cdn.jst.ai/vck.js
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.203.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa433b899311f6fcb718687df51be730a5a7a3c6ce4dc2474ff26a383307b2ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-pop
pragueCZ
date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
br
cf-cache-status
HIT
x-77-nzt-ray
ZaFquXrOvBk=
age
7040
cf-polished
origSize=3165
cf-ray
6a0a49b05db34113-PRG
x-77-cache
MISS
x-cache
MISS
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
QXAP9YPYP88309ZF
x-amz-id-2
vHvZycuTt5fOBpm8GaA6uJfaGwEN5ZHOZoLwNw65WvBNPgip0R6fvQBPGsURfFNaGRF2SGPmW08=
x-77-nzt
Abm0DrgsZW7B
last-modified
Thu, 12 Nov 2020 22:18:40 GMT
server
cloudflare
etag
W/"0d90f75705633071cb4330dbccfe579a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
IStAkkpAXub6mGXsU7R_eEc9Tjbt5OG9
cache-control
public, max-age=691200
content-type
application/javascript
expires
Wed, 27 Oct 2021 13:17:39 GMT
e
analytics.shareaholic.com/
43 B
380 B
Ping
General
Full URL
https://analytics.shareaholic.com/e
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/7016fae1/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.113.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-113-242.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy referrer always

Request headers

Referer
https://halfoffdeals.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 13:17:39 GMT
vary
Origin
p3p
CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin
https://halfoffdeals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
referer-policy
unsafe-url
content-security-policy
referrer always
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
97618602b2de2de87d4683f4dc4b6551.json
www.shareaholic.net/config/
3 KB
2 KB
XHR
General
Full URL
https://www.shareaholic.net/config/97618602b2de2de87d4683f4dc4b6551.json
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-100-94.compute-1.amazonaws.com
Software
nginx /
Resource Hash
657a32ec852555dece67b137da78901e1d25a862cc765f717c7626e4fe54d889

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-client-geo-country
US,USA
date
Mon, 18 Oct 2021 21:29:50 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
content-length
1096
server
nginx
x-client-geo-region
x-client-geo-metrocode
etag
W/"657a32ec852555dece67b137da78901e"
access-control-max-age
2000
x-client-geo-city
x-varnish
37100581 23205053
via
1.1 varnish (Varnish/6.0)
access-control-expose-headers
Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control
max-age=3, public, must-revalidate
x-client-geo-zip
accept-ranges
bytes
content-type
application/json
access-control-allow-headers
*
x-client-geo-latlong
37.751000,-97.822000
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJM9Z87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
1842
date
Tue, 19 Oct 2021 12:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 19 Oct 2021 14:46:57 GMT
cookie.js
partner.googleadservices.com/gampad/
206 B
640 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=halfoffdeals.com&callback=_gfp_s_&client=ca-pub-1849320143650400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e994139033db838a15a3b6e78e2994891ac398379adfc87f89d35dd99e46b596
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=halfoffdeals.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 33B7
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1849320143650400&output=html&adk=2802182017&adf=65010789&lmt=1634649459&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhalfoffdeals.com%2Findex.php%3Findex_type%3Dpromo-detail%26h%3D1295607&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634649459148&bpp=10&bdt=471&idt=120&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=909790770645&frm=20&pv=2&ga_vid=112281183.1634649459&ga_sid=1634649459&ga_hid=534177069&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750886%2C182982100%2C182982300%2C31062526%2C44748552&oid=2&pvsid=1119163805724298&pem=954&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1849320143650400&output=html&adk=2802182017&adf=65010789&lmt=1634649459&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhalfoffdeals.com%2Findex.php%3Findex_type%3Dpromo-detail%26h%3D1295607&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634649459148&bpp=10&bdt=471&idt=120&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=909790770645&frm=20&pv=2&ga_vid=112281183.1634649459&ga_sid=1634649459&ga_hid=534177069&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750886%2C182982100%2C182982300%2C31062526%2C44748552&oid=2&pvsid=1119163805724298&pem=954&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://halfoffdeals.com/
accept-encoding
gzip, deflate, br

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 19 Oct 2021 13:17:39 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 19-Oct-2021 13:32:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 13:17:39 GMT
cache-control
private
_r
app.link/
90 B
572 B
Script
General
Full URL
https://app.link/_r?sdk=web2.25.1&branch_key=key_live_gjOzXcqYObbG8PYHi1VFHijcDsfyEFLU&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-v1.8.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-23.fra50.r.cloudfront.net
Software
openresty / Express
Resource Hash
b771237ade1c6d3491a66cef275f5e50e6d8b2de5ff73fafde6458965bfc440b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
openresty
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
90
etag
W/"5a-uAAYXIhTUiVAcAKZixhcQRqCZwk"
x-amz-cf-id
8CAZqOqEduPi_ynLOBQhR_WX4nK8UHRbRfeLj4H--031oWtP5sygog==
account_version_check.html
my.jst.ai/ajax/
36 B
625 B
Script
General
Full URL
https://my.jst.ai/ajax/account_version_check.html?id=AA81ACCC-CBC7-46CC-8DF1-AF0A832E2CF2
Requested by
Host: cdn.jst.ai
URL: https://cdn.jst.ai/vck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.203.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6c36f202c9d6961e2bf627f650daefb22255c0ff6f615c11f7f49a51208809

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
br
cf-cache-status
HIT
age
314
p3p
CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 19 Oct 2021 06:12:25 PST
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30
cf-ray
6a0a49b0cf36278c-PRG
access-control-allow-headers
X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
expires
Tue, 19 Oct 2021 13:18:09 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=534177069&t=pageview&_s=1&dl=https%3A%2F%2Fhalfoffdeals.com%2Findex.php%3Findex_type%3Dpromo-detail%26h%3D1295607&dp=%2Findex.php%3Findex_type%3Dpromo-detail%26h%3D1295607&ul=en-us&de=windows-1252&dt=Gold%20Layer%20Necklace%20for%20Women%20With%20Druzy%20Stone%20Butterfly%20Pendant%20-%20%2425.50%20with%20FREE%20Shipping!%20%7C%20HalfOffDeals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=778138204&gjid=915911470&cid=112281183.1634649459&tid=UA-12186087-1&_gid=131290857.1634649459&_r=1&gtm=2wgad0KJM9Z87&z=639092598
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://halfoffdeals.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 13:17:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://halfoffdeals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
mwgt_4.1.js
cdn.jst.ai/
205 KB
52 KB
Script
General
Full URL
https://cdn.jst.ai/mwgt_4.1.js?v=3.84
Requested by
Host: cdn.jst.ai
URL: https://cdn.jst.ai/vck.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.203.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f8d2b1e22c5c1c86f96fcf5bc33572d047bc21a3b380be85be6a4777d3c63c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-pop
pragueCZ
date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
br
cf-cache-status
HIT
x-77-nzt-ray
SNTKIfTkK3c=
age
16611
cf-polished
origSize=278225
cf-ray
6a0a49b11ee14107-PRG
x-77-cache
MISS
x-cache
MISS
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
AE62KAS1TX4QV1F0
x-amz-id-2
APLnT2ks3/q7UW2areJzgiEBnF3MPyxN2s29P3v6mo+HYLuQ8Gk83pHR3ujeDCsZUuygI1/BKPI=
x-77-nzt
AY/0IAqYjcSx
last-modified
Tue, 19 Oct 2021 08:39:45 GMT
server
cloudflare
etag
W/"17c885651f2232203aaac4c3845b105b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
2Bj2eVBQumJBMsGgUN0BMLh_.LAcmgBa
cache-control
public, max-age=700000
content-type
application/javascript
expires
Wed, 27 Oct 2021 15:44:19 GMT
collect
stats.g.doubleclick.net/j/
2 B
461 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-12186087-1&cid=112281183.1634649459&jid=778138204&gjid=915911470&_gid=131290857.1634649459&_u=YAhAAEAAAAAAAC~&z=2085975496
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://halfoffdeals.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Oct 2021 13:17:39 GMT
content-type
text/plain
access-control-allow-origin
https://halfoffdeals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-12186087-1&cid=112281183.1634649459&jid=778138204&_u=YAhAAEAAAAAAAC~&z=1945494898
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 13:17:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
open
api.branch.io/v1/
273 B
587 B
XHR
General
Full URL
https://api.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-v1.8.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-106.fra50.r.cloudfront.net
Software
/
Resource Hash
ceadaefaabffa333432bfb5cf5f4c926717b5c8f54cd4ef524ab403e032a45c0

Request headers

Referer
https://halfoffdeals.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
6950de0ee2a84137a70df7976dfaa237-2021101913
content-length
273
x-amz-cf-id
tuQRD18KJsyHE18YhSu18xMFm7Jz0BVpYY8UtNyPObafPrWKi6oUpg==
store_4.1.html
cdn.jst.ai/ Frame 7809
2 KB
1 KB
Document
General
Full URL
https://cdn.jst.ai/store_4.1.html?v=3.84
Requested by
Host: cdn.jst.ai
URL: https://cdn.jst.ai/mwgt_4.1.js?v=3.84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.203.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0

Request headers

:method
GET
:authority
cdn.jst.ai
:scheme
https
:path
/store_4.1.html?v=3.84
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://halfoffdeals.com/
accept-encoding
gzip, deflate, br

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
content-type
text/html
x-amz-id-2
aqmUAecQaHS1bCF2XKTd84714mLSBJjqOuBFb7aNPikctE84JROeY94N9kXL0NvbUswfsUNoiGw=
x-amz-request-id
663D1TDJT367GXYX
last-modified
Tue, 31 Mar 2020 15:31:26 GMT
cache-control
max-age=700000
x-amz-version-id
n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-77-nzt
AbmYQXecbPfv10AAAA==
x-77-nzt-ray
B9vwn4pp4ps=
x-cache
HIT
x-age
16599
x-77-pop
pragueCZ
x-77-cache
HIT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a0a49b1e83f4107-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sharebuttons.js
m9m6e2w5.stackpathcdn.com/v2/7016fae1/
161 KB
36 KB
Script
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/7016fae1/sharebuttons.js
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f9afa7a2739e8a58cf2ace84b26ede1b2a162dada8620777e431698087536ddd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 19:53:42 GMT
server
nginx
x-amz-request-id
XA1929EF37NHCTH9
etag
"4def0ddd8c81302850992d862c0df4f8"
x-hw
1634649459.cds109.fr8.hn,1634649459.cds103.fr8.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
36977
x-amz-id-2
EYOiLLsEbQwlCLgY6DOEmPmxdYbNEIvm45ym1bEstkxhd8w+zO+nRbbGkotgmut/co2RkmSitj8=
partners.js
partner.shareaholic.com/
0
265 B
Script
General
Full URL
https://partner.shareaholic.com/partners.js?location=https%3A%2F%2Fhalfoffdeals.com%2Findex.php%3Findex_type%3Dpromo-detail%26h%3D1295607&canonical=https%3A%2F%2Fhalfoffdeals.com%2F%3Findex_type%3Dpromo-detail%26h%3D1295607&cl=en&id_sync=6eb7f0d1-95fd-4126-9b01-fc25f8634c75&minify=1&pvs=1&site=97618602b2de2de87d4683f4dc4b6551
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/7016fae1/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.140.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-140-231.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 13:17:39 GMT
vary
Accept-Encoding, User-Agent
p3p
CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript;charset=utf-8
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
shareaholic-icons.woff
m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/
20 KB
20 KB
Font
General
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/shareaholic-icons.woff
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c

Request headers

Referer
https://halfoffdeals.com/
Origin
https://halfoffdeals.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Fri, 17 Sep 2021 19:53:43 GMT
server
nginx
x-amz-request-id
DPE6YSYCCCYM7HE2
etag
"0e26e8e2b7a79ff2a9e9fe9ef5382e6d"
x-hw
1634649459.cds163.fr8.hn,1634649459.cds254.fr8.c
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
20556
x-amz-id-2
Tgm+lNvoNhPhyefY8ZDjPq4K9KPsd74zDc84ccNeptSn89l64PsvVScQZw+kl1dQ+YiWRYVqRuI=
284603.jpg
images.neofill.com/images/promo_logo/
19 KB
19 KB
Script
General
Full URL
https://images.neofill.com/images/promo_logo/284603.jpg?nometa&info=sirv_image_info_862480577_main&callback=image_info_2624559
Requested by
Host: scripts.sirv.com
URL: https://scripts.sirv.com/sirvjs/v3/sirv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.155.71.39 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
107-155-71-39-customer-incero.com
Software
nginx /
Resource Hash
8c06fd5982b971457fb1071c2e774d7ad2521eab02f3e1cc37d3659b32273165

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:39 GMT
last-modified
Tue, 05 Oct 2021 13:29:14 GMT
server
nginx
etag
"615c532a-4a33"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
18995
expires
Thu, 31 Dec 2037 23:55:55 GMT
event
api.branch.io/v1/
29 B
431 B
XHR
General
Full URL
https://api.branch.io/v1/event
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-v1.8.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-106.fra50.r.cloudfront.net
Software
/ Express
Resource Hash
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://halfoffdeals.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Oct 2021 13:17:39 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
db8adf6f6a2c4f76a20988ebbf7d828f-2021101913
content-length
29
etag
W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-amz-cf-id
fcoIvxZcV9XImXZGGs4jpqTB6z3xge14NP3K2zqtn-WjxT5JxdGVFA==
hod-app-logo-50x50.png
shop.halfoffdeals.com/local/assets3/img/ Frame 69AE
102 KB
102 KB
Image
General
Full URL
https://shop.halfoffdeals.com/local/assets3/img/hod-app-logo-50x50.png
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.115.22.240 , United States, ASN53861 (AS-KGIX, US),
Reverse DNS
www.halfoffdeals.com
Software
nginx /
Resource Hash
50ac146f884eadf16dd0b5a2b3a178525fd430818674308b5f6e9f401027c4a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
public
Date
Tue, 19 Oct 2021 13:17:58 GMT
Last-Modified
Mon, 23 Sep 2019 14:51:38 GMT
Server
nginx
ETag
"5d88dbfa-1965d"
Content-Type
image/png
Cache-Control
max-age=604800, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
X-IN-SRV
161
Content-Length
104029
X-LB-ID
161
Expires
Tue, 26 Oct 2021 13:17:58 GMT
284603.jpg
images.neofill.com/images/promo_logo/
19 KB
19 KB
Image
General
Full URL
https://images.neofill.com/images/promo_logo/284603.jpg
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.155.71.39 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
107-155-71-39-customer-incero.com
Software
nginx /
Resource Hash
eb239ca4321d2dd905156aeab70bf76146daf96ae207b90437330fe06906d7c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
public
date
Tue, 19 Oct 2021 13:17:40 GMT
last-modified
Tue, 05 Oct 2021 13:29:14 GMT
server
nginx
etag
"615c532a-4a33"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
18995
expires
Thu, 31 Dec 2037 23:55:55 GMT
account_config_4.1.html
my.jst.ai/ajax/
183 B
700 B
Script
General
Full URL
https://my.jst.ai/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=AA81ACCC-CBC7-46CC-8DF1-AF0A832E2CF2&p=0&cm=0&pl=
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/includes/template_9/themes/three/2020/js/hodshop.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.203.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11242002c434ff7b523b5fe7ec71ac232cd81e0897653866956c7ac334eec267

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:40 GMT
content-encoding
br
cf-cache-status
HIT
age
313
p3p
CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 19 Oct 2021 06:12:27 PST
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; Charset=UTF-8
cache-control
no-store,private
cf-ray
6a0a49b85db0f9d2-PRG
access-control-allow-headers
X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
expires
Tue, 19 Oct 2021 13:12:27 GMT
findp
aly.jst.ai/api/session/
1 KB
1 KB
Script
General
Full URL
https://aly.jst.ai/api/session/findp?callback=jsonFindCallback&accid=AA81ACCC-CBC7-46CC-8DF1-AF0A832E2CF2&genhash=&device_static_hash=&userid_hash=&pageId=0zkaj8&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fhalfoffdeals.com%2Findex.php%3Findex_type%3Dpromo-detail%26h%3D1295607&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&sw=1600&sh=1200
Requested by
Host: halfoffdeals.com
URL: https://halfoffdeals.com/includes/template_9/themes/three/2020/js/hodshop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.203.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a91aab1ad69631a9fd8cbf39e07b0e08da1e092165c3e76af4c79b8ccb56d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
X-CSRF-Token, x-rover-source, origin, x-requested-with, content-type, accept, cache-control
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
DAV, content-length, Allow
access-control-allow-credentials
true
cf-ray
6a0a49b86b694119-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
store_4.1.html
cdn.jst.ai/ Frame CC97
2 KB
1 KB
Document
General
Full URL
https://cdn.jst.ai/store_4.1.html?v=3.84
Requested by
Host: cdn.jst.ai
URL: https://cdn.jst.ai/mwgt_4.1.js?v=3.84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.203.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0

Request headers

:method
GET
:authority
cdn.jst.ai
:scheme
https
:path
/store_4.1.html?v=3.84
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://halfoffdeals.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/

Response headers

date
Tue, 19 Oct 2021 13:17:40 GMT
content-type
text/html
x-amz-id-2
aqmUAecQaHS1bCF2XKTd84714mLSBJjqOuBFb7aNPikctE84JROeY94N9kXL0NvbUswfsUNoiGw=
x-amz-request-id
663D1TDJT367GXYX
last-modified
Tue, 31 Mar 2020 15:31:26 GMT
cache-control
max-age=700000
x-amz-version-id
n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-77-nzt
AbmYQXfWSh/v2EAAAA==
x-77-nzt-ray
Nab/Z6qseDY=
x-cache
HIT
x-age
16600
x-77-pop
pragueCZ
x-77-cache
HIT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a0a49b96da74107-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211013&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
01dfff7b3babdbed9baf4cf87d6334896cebf2e753c51899c2054ac76afa5f96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 13:17:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8638
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 13:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 19 Oct 2021 13:17:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 25CD
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://halfoffdeals.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 19 Oct 2021 12:32:09 GMT
expires
Wed, 19 Oct 2022 12:32:09 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2733
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B01E
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
3ef5475db3f06588a6094a11f5ec29a0461cee1391ad55872f82a87dc72f8f73
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LpFwsUWigBEb4ifHPA2X/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://halfoffdeals.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 19 Oct 2021 13:17:42 GMT
date
Tue, 19 Oct 2021 13:17:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-LpFwsUWigBEb4ifHPA2X/g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 25CD
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 12:28:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
2937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 19 Oct 2022 12:28:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B01E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211013&jk=1119163805724298&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211013&jk=1119163805724298&bg=!NDelN3PNAAao6lBpqOo7ACkAdvg8WqJY1EIsz4zV9BKfhlGd282qDb2TNTZckRdAuYW5BwhXJuNtKgIAAABoUgAAAAxoAQcKADyBYQfE3MJjc4TrD2P9N_EyzdQ_fVwKQ1_JODmHs3qb2Mk2RUmfhZ0_yxgIrdCjlTzZh48amr5NWIVSApGZArFGxxvaN2ixORSxv_ptejAbVZguwlJQ8T1qzSupuckbRRwV2K_PI4nI1w2hJwAVKNDRuT2083J3FVDdN3QpRHrjHdsvvcAu7wsa9hXIr_3oUD6VNjjjii9wmZSrMkfjvNVzato4T1-d7pzHKVGdfm03h6OzBInEN3RbvWPRCwG4rNi0Qh7qNMzdE-nVHd5YvsXL_nFpJNrQOYNajH-ech2xh8RN9eraPg5lQy6u2VQY3J5u2GqPbqnYF1wOlxF-5EhtnG01HA9RQ24cQ2ouX59NepbHW2juuXfiMsxbKJYSAi9eW-YjG7oIngcnjkadSovGnIBE6HamMBkXSJ8PFUYDooXLVqo5mserqbT9xbBqcxfTN9dbYwgnFHhaltIsUlkQCHR-Duh-eVpx81_KtBwetx9jwALFRTsvEYQBch1Jr1bUnJJD02w2mB3kVucf7BkO0Fzrh_C6XcnSAOklGKiJ7ADs7EHdhNWmnOs3ULMs1g9dHriIk6yOe_366dAY4E5cEDiJPJVaWCTVtjYjNImMgbLGFd4TNs_S5ks0r3RkJ-bhLbx2MtwMSHgJghS5bQcIop6UZqoTnIBWwcy-SAfsk0mgYS-EvS0ZqfXQH7RvlYxH6JncaR8OT6CmO7pkUtZGUYAu9vZ2m005thU_0tusFDzk61FHhLjqcHFPMH64Zwowa3J3ILb4PbflhzGJ7HWCwzDG1qTFH5fZp6w8o960eRizUrZ-9bOgLIEIvQbRVVTCqKHG5vwgwloqUJ3ibLDmIIG6r-vocLLkDqyYHzsBdwlosAVRuwaT-nPjl17SqzqNEbQLK7k01Ulx4VMPlma8Q6haXQAclTk9Pz_7Op4mMUdZTF_Kvm-FPqDvcDQGE5DAEeZL74PP6wivHX_eojIS78pe71UBgDB2m_MrwYVo7g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://halfoffdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 13:17:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

354 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster object| dataLayer boolean| Ba object| webfont object| WebFont object| Sirv object| shrJsonp function| Shareaholic object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| $ function| jQuery function| Popper object| bootstrap object| bootbox object| adminSettings function| OpenSocialShare function| Sizzle function| elementQuery function| getEmPixels object| OpenSocialShareDefaultTheme object| shareWidget function| showMore object| branch string| ju_num string| asset_host function| juapp object| google_tag_manager string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| ju_loadversionscript function| jju_setCookie function| jju_getCookie function| isNumeric object| $jujsonp string| ju_v string| ju_vr undefined| ju_v_arr string| ju_host string| ju_domain function| ju_vcheck object| gaplugins object| gaData boolean| isBot object| ju_Cookie object| ju_MobileEsp object| juTempConfig string| _ju_dn function| pstmsgresize function| ju_push_pers function| ouibounce function| ju_debounce function| juDetectPlatform function| ju_parseQuery function| ju_fadeinoverlay function| ju_fadeoutoverlay function| ju_fadein 
function| ju_fadeout function| setwidthheight function| resizejucon function| ju_targeting_data function| write_data_cookies function| evaltype function| ju_pageChange function| test_targets function| splice_rules_matched function| update_rules_matched function| run_target_action function| ju_logimpression function| update_prods_seen function| update_offers_seen function| addJuIcon function| testju_mobile function| ju_logpagestats function| ju_renderStore function| ju_getconfig function| ju_readyfetch function| ju_fetchconfig function| ju_replaceErrors function| ju_logerr function| forceNumber function| forceString function| parseImageFromTab function| ju_removeProp function| ju_setup_cookie_data function| ju_conv_cart function| ju_log_conversion function| ju_submit_conv function| ju_beaconsend function| ju_regtest_array function| ju_beaconsend_gzip function| ju_visibility_change function| ju_savetodb function| safeToJSON function| ju_limitobjectlength function| ju_objectlength function| ju_safepost_p function| ju_jsonp_p function| addDefaultCSS function| ju_initialize function| ju_tabClick function| ju_reshow_button function| ju_animate_show_open function| ju_animate_hide_button function| ju_animate_button function| ju_activityAdjust function| ju_createiframe function| ju_setup_interval_stuff function| alert_iframe_of_scroll function| ju_inPageVisCheck function| ju_loadiframe function| ju_loadiframe_con function| ju_isInViewport function| ju_writeIframe function| fire_animation function| ju_add_css function| ju_add_js function| existArrayObj function| tryCatch function| ju_jqLoaded function| update_offers_closed function| update_offers_engaged function| ju_switchfixedabsolute function| quickapplycoupon function| replaceJustuno function| juDebug function| pushdown_stuff function| ju_arr_upsert function| return_engagment_type function| ju_check function| jju_getDomain function| ju_save_hash function| ju_a function| ju_call_a function| ju_autosetemail function| 
ju_autoapplycoupon function| tabPosition function| tabOptions function| jju_getParameterByName function| jju_getju_windowHeight function| ju_record_event function| ju_optimizely_event function| ju_gtm_event function| ju_zaius_event function| ju_ga_event function| ju_heap_event function| ju_sgio_event function| ju_rejoiner_event function| ju_drip_event function| ju_bluecore_event function| ju_ibm_analytics_event function| ju_klaviyo_event function| ju_resci_event function| ju_field_event function| ju_listrak_event function| ju_recart_event function| ju_hubspot_event function| ju_adobe_event function| ju_cordial_event function| ju_optimove_event function| ju_braze_event function| ju_hasTouch function| ju_generateUID function| ju_genPageId function| sendPushBody function| ju_initpush function| ju_readyAskPerm function| ju_askPermission function| ju_pushSupport function| ju_registerServiceWorker function| ju_UrlExists function| ju_checkRemotePermission function| ju_subscribeUserToPush function| _toConsumableArray function| urlBase64ToUint8Array function| ju_sendSubscriptionToBackEnd function| ju_detectCompetitors function| ju_compareDetected object| ju_123_seo function| ju_inIframeLoaded number| ju_onboarding_display number| ju_onboarding_steps function| fetchWindowHref boolean| ju_isPreview function| ju_md5 function| ju_sha1 function| ju_sha256 object| ju_errors object| pako function| bililiteRange string| ju_language function| juApplyCouponDebounced boolean| ju_alreadyloaded string| ju_widget_v object| ju_target_starttime number| ju_target_interval function| jju object| ju_data_page object| ju_data_session object| ju_data_all object| juDp object| juDs object| juDa object| ju_config string| ju_current_domain string| ju_current_url string| ju_current_url_protocol string| ju_camefrom_domain string| ju_camefrom_url string| ju_camefrom_url_protocol boolean| ju_triggerred boolean| ju_show_button boolean| ju_show_coupon number| ju_show_campaign_id number| 
ju_show_tab_campaign_id boolean| ju_haveseen number| ju_custom_button_width string| ju_conversion boolean| ju_il_activated_exit boolean| ju_il_activated_back number| ju_targetruncount boolean| ju_mobile boolean| ju_initialized_button number| ju_new_visit number| ju_new_user number| ju_new_user_ever string| ju_active_ju_num boolean| ju_svgmode object| juHeight object| juWidth object| juBorder object| juStartingPosition object| juFinalPosition object| ju_scroll_check object| ju_ajaxDebounce object| ju_cv_timer_check boolean| ju_stoptop number| ju_successfocused number| ju_lastopenedcoupon number| ju_timer object| ju_timer2 object| ju_matched_cm object| ju_Tracker string| ju_promo_title string| ju_iframe_url boolean| ju_initialized object| ju_resize_tracker string| show_preview_tab boolean| fixed_supported object| fixed_push_interval number| pushdown_distance object| fixed_push_type number| ju_idleStateTime boolean| ju_stopupdating boolean| ie9 number| ju_cm boolean| touchPresent object| ju_googlefonttimer object| ju_promo_options boolean| ju_exitback boolean| ju_setupexitintent boolean| ju_setupbackintent object| ju_setupclickintent object| ju_setuphoverintent string| ju_setupclickintent_el string| ju_setuphoverintent_el boolean| ju_allow_again string| ju_cnt string| ju_reg string| ju_cty string| ju_zip string| _ju_dt object| ju_config_timeout object| ju_ct_timer_check object| ju_lg_timer_check object| ju_lg_array string| ju_profileUrl string| ju_pushDomain object| ju_pst boolean| ju_useBeacon boolean| ju_visible boolean| ju_jqLoaded_once boolean| ju_fetchconfig_once number| ju_lastKeyDown string| ju_orderid string| ju_referrer_url string| ju_referrer_url_protocol number| ju_plastsaved boolean| ju_cookieonly object| ju_eu_countries string| ju_gaTracker boolean| ju_cartDirty string| ju_pns function| ju_todayDate string| ju_pageid object| ju_tmpCartObj object| urlvalidmatch object| ju_qstr object| ju_options string| ju_customvar string| ju_custom1 string| ju_custom2 
string| ju_custom3 number| ju_loadcm number| ju_windowHeight number| ju_windowWidth function| ju_assumejq function| ju_launch function| ju_postMessage function| jju_receivePostMessage function| jju_receiveMessage function| ju_removeProfile number| ju_ratio boolean| publisherConfigLoaded function| __shrTracker boolean| ju_mobile_scale undefined| juappTempArray object| GoogleGcLKhOms object| google_image_requests

20 Cookies

Domain/Path Name / Value
halfoffdeals.com/ Name: last_query_str
Value: index_type%3Dpromo-detail%26h%3D1295607
halfoffdeals.com/ Name: station_city
Value: Hartville
halfoffdeals.com/ Name: station_state
Value: Ohio
.halfoffdeals.com/ Name: last_visit
Value: shop
halfoffdeals.com/ Name: layout
Value: thumbs
halfoffdeals.com/ Name: perpage
Value: 200
halfoffdeals.com/ Name: counter
Value: 1
halfoffdeals.com/ Name: Details0
Value: 1
.halfoffdeals.com/ Name: __gads
Value: ID=292f7ba114b33211-22cefb7df9ca00e8:T=1634649459:RT=1634649459:S=ALNI_Ma0sw9IIKmbyungodEDdGBVsU_s8Q
.halfoffdeals.com/ Name: _ga
Value: GA1.2.112281183.1634649459
.halfoffdeals.com/ Name: _gid
Value: GA1.2.131290857.1634649459
.halfoffdeals.com/ Name: _gat_UA-12186087-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
halfoffdeals.com/ Name: _ju_v
Value: 4.1_3.84
.halfoffdeals.com/ Name: _ju_dm
Value: cookie
.halfoffdeals.com/ Name: _ju_dn
Value: 1
.app.link/ Name: _s
Value: hICxBL%2Bh3ChlXSWBUfOMf5bPzbOVkD6yNQzFvq6hH3r9RrikfqyRY3r20FWb7vgG
aly.jst.ai/ Name: __cflb
Value: 0H28w1Xe92a6MDGAYhusqbdskXm88bFcWTRUiSAVckM
.halfoffdeals.com/ Name: _ju_dc
Value: efd6843b-30de-11ec-aff8-1370c4db95de
.halfoffdeals.com/ Name: _ju_pn
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://bcg.coupons.com/?scriptId=47493&bid=1542400001&format=718x940&bannerType=3&channel=hod
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://halfoffdeals.com/index.php?index_type=promo-detail&h=1295607
Message:
Refused to execute script from 'https://images.neofill.com/images/promo_logo/284603.jpg?nometa&info=sirv_image_info_862480577_main&callback=image_info_2624559' because its MIME type ('image/jpeg') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
